Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RZn4EWFuiwvFtji6qhPFIAM1J3Q.roa
File: RZn4EWFuiwvFtji6qhPFIAM1J3Q.roa (raw, json)
Hash identifier: 2W/NyqjeQ62tLzzrLzn7Z+I6hSkuICG40ZAdDXZAoiM=
Subject key identifier: 45:99:F8:11:61:6E:8B:0B:C5:B6:38:BA:AA:13:C5:20:03:35:27:74
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C9AC608C4C302C4C476BFDC8653A5E5E3
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RZn4EWFuiwvFtji6qhPFIAM1J3Q.roa
Signing time: Sun 24 Dec 2023 07:41:58 +0000
ROA not before: Sun 24 Dec 2023 07:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.68.0/22 maxlen: 22
149.126.88.0/22 maxlen: 24
5.102.96.0/22 maxlen: 22
5.102.108.0/22 maxlen: 22
5.102.120.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 25 Dec 2023 07:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9a:c6:08:c4:c3:02:c4:c4:76:bf:dc:86:53:a5:e5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 24 07:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4599f811616e8b0bc5b638baaa13c52003352774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b0:7a:8f:6f:4c:0f:2b:ca:45:59:bd:f2:be:
01:1c:73:1e:ee:37:2c:d5:8d:ab:a8:a5:f1:d0:d7:
d5:4f:4a:ff:4e:14:18:13:19:bd:d4:51:40:c5:d2:
0b:43:5e:7c:04:86:d7:86:93:b6:1d:5f:bb:6e:74:
0e:7b:09:e1:a3:6b:51:44:31:d7:b7:51:7b:8e:27:
67:c7:ca:ca:e3:c7:c5:0e:a8:f0:54:bd:54:5d:89:
ed:ef:0b:f1:ae:9e:ab:75:04:93:43:c5:ab:04:f3:
67:b8:0b:5f:f7:fb:8b:a1:b4:e7:28:33:6a:33:b5:
16:ac:1c:44:be:e0:ea:5d:8d:95:4d:cc:b2:f2:02:
df:13:73:76:25:1d:4e:bf:be:e4:d8:55:72:15:1e:
6d:4c:a6:71:fb:b4:d4:ed:ef:84:b6:8e:c2:a2:cb:
44:92:e3:a1:ec:35:f7:58:5f:fe:84:42:f1:8e:1c:
45:a5:a8:e9:72:66:3f:11:f1:8f:55:9e:3d:a4:0a:
4b:22:7a:91:9d:a6:43:e6:23:f7:44:66:5a:00:f2:
0a:f3:21:c1:f0:32:96:87:5d:43:f2:02:3c:3f:06:
86:fc:e7:04:95:98:0d:db:49:ba:cd:72:93:bd:2d:
2c:cb:61:72:34:31:fc:c0:a2:7e:04:49:a6:80:3b:
f0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:99:F8:11:61:6E:8B:0B:C5:B6:38:BA:AA:13:C5:20:03:35:27:74
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RZn4EWFuiwvFtji6qhPFIAM1J3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/22
5.102.108.0/22
5.102.120.0/21
82.163.68.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
66:23:6b:54:5a:8c:32:e5:b9:f7:07:48:93:f1:11:1e:95:03:
ba:69:d7:de:22:ce:ff:94:13:20:c5:13:60:98:3a:8a:de:d5:
b9:64:42:b9:01:d0:db:ea:7c:2d:17:68:28:ef:f9:c0:48:ca:
2e:8d:ab:38:da:5d:2a:1c:b6:ef:ea:ea:84:1f:07:54:7e:e5:
71:65:e7:00:36:e8:4c:50:b3:3e:df:88:d2:c7:2f:8d:e0:c4:
2b:5f:3c:69:dc:a0:3c:0e:66:c4:db:c9:15:36:ba:52:e4:b9:
07:53:4a:b3:bc:dc:0e:39:70:3f:a4:8e:ad:ad:7a:56:b3:65:
65:19:ef:01:2e:be:4c:07:97:6a:b8:8d:f0:41:f3:00:39:7e:
42:2d:84:94:5a:5b:b6:d3:a9:66:8c:22:68:80:5e:40:8d:31:
5f:f3:19:50:f6:4d:8c:99:4b:c2:1a:e7:14:84:9b:58:64:9a:
67:1b:79:81:69:81:b4:71:89:4d:81:98:3e:ae:8a:bf:4d:72:
d2:c4:a2:e3:4e:7a:38:a8:48:c1:e0:ba:94:35:54:03:34:74:
d8:51:ff:b0:2d:cb:d9:a5:ad:f9:ea:b2:9f:6a:8f:f6:b2:cd:
2b:c3:cd:76:59:1c:76:cb:b7:e3:86:d1:25:a4:f7:65:24:6c:
b8:92:08:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyaxgjEwwLExHa/3IZTpeXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjI0MDc0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk5ZjgxMTYxNmU4YjBiYzViNjM4YmFhYTEzYzUyMDAzMzUyNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobB6j29MDyvKRVm98r4BHHMe7jcs
1Y2rqKXx0NfVT0r/ThQYExm91FFAxdILQ158BIbXhpO2HV+7bnQOewnho2tRRDHX
t1F7jidnx8rK48fFDqjwVL1UXYnt7wvxrp6rdQSTQ8WrBPNnuAtf9/uLobTnKDNq
M7UWrBxEvuDqXY2VTcyy8gLfE3N2JR1Ov77k2FVyFR5tTKZx+7TU7e+Eto7CostE
kuOh7DX3WF/+hELxjhxFpajpcmY/EfGPVZ49pApLInqRnaZD5iP3RGZaAPIK8yHB
8DKWh11D8gI8PwaG/OcElZgN20m6zXKTvS0sy2FyNDH8wKJ+BEmmgDvw4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEWZ+BFhbosLxbY4uqoTxSADNSd0MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUlpuNEVXRnVpd3ZGdGppNnFoUEZJQU0xSjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBWZgAwQC
BWZsAwQDBWZ4AwQCUqNEAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQBmI2tUWowy
5bn3B0iT8REelQO6adfeIs7/lBMgxRNgmDqK3tW5ZEK5AdDb6nwtF2go7/nASMou
jas42l0qHLbv6uqEHwdUfuVxZecANuhMULM+34jSxy+N4MQrXzxp3KA8DmbE28kV
NrpS5LkHU0qzvNwOOXA/pI6trXpWs2VlGe8BLr5MB5dquI3wQfMAOX5CLYSUWlu2
06lmjCJogF5AjTFf8xlQ9k2MmUvCGucUhJtYZJpnG3mBaYG0cYlNgZg+roq/TXLS
xKLjTno4qEjB4LqUNVQDNHTYUf+wLcvZpa356rKfao/2ss0rw812WRx2y7fjhtEl
pPdlJGy4kgjs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org