Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SLaCwNDEcyLF2esEvgahQJ58pGc.roa
File: SLaCwNDEcyLF2esEvgahQJ58pGc.roa (raw, json)
Hash identifier: SdiJe3iP6tnDq4nd75/l4I/XYDCPhoRe1VPETb3FZDE=
Subject key identifier: 48:B6:82:C0:D0:C4:73:22:C5:D9:EB:04:BE:06:A1:40:9E:7C:A4:67
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A1717681F25F2DEABDBCAFB3F85208F89
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SLaCwNDEcyLF2esEvgahQJ58pGc.roa
Signing time: Mon 21 Aug 2023 07:55:24 +0000
ROA not before: Mon 21 Aug 2023 07:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 86.104.160.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Aug 2023 05:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:17:68:1f:25:f2:de:ab:db:ca:fb:3f:85:20:8f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 21 07:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48b682c0d0c47322c5d9eb04be06a1409e7ca467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:65:bc:85:55:8b:9b:8f:1d:ba:18:87:e8:ac:
06:8a:bf:b0:f8:82:5f:43:14:e3:69:77:06:0f:54:
96:18:5b:11:64:3f:20:7b:85:0e:a3:f6:25:48:f4:
b7:e8:7d:c3:6c:49:91:a3:3a:18:e5:aa:61:96:1d:
29:13:bd:5d:6d:2c:6b:e1:c0:ef:e1:cc:6e:78:f9:
e3:ba:1b:06:49:c4:ad:b8:79:bf:b0:2a:86:30:61:
03:cf:20:2b:7e:7f:b5:06:9e:1c:02:39:76:8d:a1:
3e:35:a4:52:cd:46:3e:ec:8a:25:61:e9:1f:f4:6c:
71:eb:d8:86:c2:c4:9a:75:06:e2:dc:e7:ac:e3:a2:
5c:bc:6f:08:8c:67:12:e5:e1:b9:bf:3f:0c:06:2e:
c2:b3:aa:00:ee:61:c0:8b:83:3e:67:b2:3f:d2:62:
c4:11:e0:4d:f8:0b:f5:c7:56:7d:fe:f4:73:67:48:
5d:24:c9:6c:23:64:9e:39:0c:87:d6:4e:97:22:29:
4a:df:3b:1d:43:e5:4e:73:c7:22:17:bf:46:e3:ad:
62:49:f9:16:29:da:ab:ba:5a:da:e3:57:94:10:2f:
a5:7d:c2:f5:f3:ee:4d:60:5d:5c:f9:c2:17:51:51:
8e:e6:d5:12:a8:dc:71:6f:31:67:46:34:83:d5:2c:
28:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B6:82:C0:D0:C4:73:22:C5:D9:EB:04:BE:06:A1:40:9E:7C:A4:67
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SLaCwNDEcyLF2esEvgahQJ58pGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
86.104.160.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:b1:14:70:0c:50:c2:c2:50:35:cc:f4:3d:4e:0b:bf:f7:4e:
f0:82:99:37:15:a1:48:b5:93:78:18:29:62:e2:0a:62:12:2c:
10:11:f9:4b:95:2f:34:53:1a:da:ee:13:e7:8d:bd:e8:37:b8:
3b:13:4b:c0:1d:83:c5:cb:cf:9d:bd:e4:00:cc:56:30:07:2c:
21:0f:74:fe:3e:4b:14:61:9f:d4:2c:ed:31:dc:1c:c0:63:bd:
26:40:9e:1b:85:96:b9:53:49:4f:72:82:cd:ae:ad:57:8b:a6:
ed:5b:19:c1:c2:84:81:7b:43:20:5e:02:b5:4a:e4:10:24:cf:
40:8c:6e:0d:c9:29:5b:43:78:22:49:96:91:b4:5c:dc:9d:c6:
08:97:d6:9c:65:f3:9d:aa:47:63:d8:58:84:ea:8f:b5:c6:e8:
fa:d1:98:8d:ce:17:9a:45:01:23:5c:fe:93:e9:12:cb:58:45:
52:94:94:2f:13:36:9b:44:10:84:df:3b:b1:91:03:38:85:a3:
c1:a0:9e:4a:83:e9:8b:76:79:61:da:2b:9f:25:85:dc:88:35:
fc:e4:8b:b8:7d:f6:fb:77:8f:33:ba:a2:88:8f:92:b5:2d:1a:
c7:61:89:87:c4:02:28:f9:c1:5e:c9:82:c0:f3:e5:d4:c1:69:
fa:ac:11:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoXF2gfJfLeq9vK+z+FII+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODIxMDc1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGI2ODJjMGQwYzQ3MzIyYzVkOWViMDRiZTA2YTE0MDllN2NhNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmW8hVWLm48duhiH6KwGir+w+IJf
QxTjaXcGD1SWGFsRZD8ge4UOo/YlSPS36H3DbEmRozoY5aphlh0pE71dbSxr4cDv
4cxuePnjuhsGScStuHm/sCqGMGEDzyArfn+1Bp4cAjl2jaE+NaRSzUY+7IolYekf
9Gxx69iGwsSadQbi3Oes46JcvG8IjGcS5eG5vz8MBi7Cs6oA7mHAi4M+Z7I/0mLE
EeBN+Av1x1Z9/vRzZ0hdJMlsI2SeOQyH1k6XIilK3zsdQ+VOc8ciF79G461iSfkW
Kdqrulra41eUEC+lfcL18+5NYF1c+cIXUVGO5tUSqNxxbzFnRjSD1SwoKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEi2gsDQxHMixdnrBL4GoUCefKRnMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvU0xhQ3dOREVjeUxGMmVzRXZnYWhRSjU4cEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBWZgAwQC
VmigAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCgsRRwDFDCwlA1zPQ9Tgu/907w
gpk3FaFItZN4GCli4gpiEiwQEflLlS80Uxra7hPnjb3oN7g7E0vAHYPFy8+dveQA
zFYwBywhD3T+PksUYZ/ULO0x3BzAY70mQJ4bhZa5U0lPcoLNrq1Xi6btWxnBwoSB
e0MgXgK1SuQQJM9AjG4NySlbQ3giSZaRtFzcncYIl9acZfOdqkdj2FiE6o+1xuj6
0ZiNzheaRQEjXP6T6RLLWEVSlJQvEzabRBCE3zuxkQM4haPBoJ5Kg+mLdnlh2iuf
JYXciDX85Iu4ffb7d48zuqKIj5K1LRrHYYmHxAIo+cFeyYLA8+XUwWn6rBFQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org