Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Vl77ySaq19NVpJqcU7B-ZKxkFKU.roa
File: Vl77ySaq19NVpJqcU7B-ZKxkFKU.roa (raw, json)
Hash identifier: dR+daHEiEogjOCmOG7wd341HLE/OOUjfO5G3Rz3HKqo=
Subject key identifier: 56:5E:FB:C9:26:AA:D7:D3:55:A4:9A:9C:53:B0:7E:64:AC:64:14:A5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01925C6AFF113585FAD9B490D2669514ECEE
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Vl77ySaq19NVpJqcU7B-ZKxkFKU.roa
Signing time: Sat 05 Oct 2024 11:22:48 +0000
ROA not before: Sat 05 Oct 2024 11:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Oct 2024 12:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5c:6a:ff:11:35:85:fa:d9:b4:90:d2:66:95:14:ec:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 5 11:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=565efbc926aad7d355a49a9c53b07e64ac6414a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:69:98:c6:03:df:be:95:6a:09:d6:29:24:
04:73:5c:cc:de:b7:4b:99:0d:30:22:3f:7f:54:de:
cd:ad:5a:75:94:16:c9:93:7b:0e:48:e2:e0:9b:5f:
82:41:61:53:48:a1:7c:ef:5c:03:7d:66:e0:fc:45:
da:b9:c6:ac:0c:ed:02:cd:06:20:d5:46:3f:2e:2b:
fc:92:14:f2:a5:dc:1e:d8:05:b0:08:e0:9b:7c:fb:
a5:8f:55:1b:f4:22:28:e3:0d:d9:6b:65:33:58:e1:
82:a8:47:d9:8c:78:14:51:de:76:f7:29:fd:b8:36:
34:2d:41:19:e6:d8:fb:0a:3d:e6:61:25:04:ae:3a:
54:03:62:a0:1a:c5:f8:a7:e8:7b:fb:6f:7c:49:e3:
af:1e:0a:ef:41:41:ad:7a:4e:a5:88:ea:3d:9b:9a:
82:a5:63:15:29:4e:98:58:83:aa:38:8a:46:a8:56:
fd:96:48:87:b3:2f:1f:c8:83:ed:c4:c4:05:6d:1a:
da:ab:b8:c7:8f:f9:47:a0:69:5e:3a:f7:7e:dd:ff:
a7:a1:9d:91:17:04:94:76:18:c4:e8:c1:4a:98:b9:
fe:d4:c4:4c:34:c5:28:de:cf:cb:e1:27:83:d6:77:
14:28:5b:99:0c:c7:a1:d2:b6:64:5c:76:5d:8f:66:
4a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:5E:FB:C9:26:AA:D7:D3:55:A4:9A:9C:53:B0:7E:64:AC:64:14:A5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Vl77ySaq19NVpJqcU7B-ZKxkFKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.52.0/23
82.163.96.0/21
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:99:8a:1e:3d:e3:ec:3e:47:42:1d:bd:d6:0f:02:e9:b8:be:
5c:0e:97:b3:ff:ca:a5:d1:69:5a:77:89:60:d3:d0:37:7e:6e:
94:a9:a5:3a:ad:53:2d:81:f8:e7:37:a6:ec:41:77:2e:1b:60:
b7:c8:7c:a1:96:09:14:bc:bd:44:9f:9e:fc:84:e7:c9:93:8f:
69:54:d2:b9:4b:77:8f:b7:64:85:5f:2c:34:8e:9f:fe:84:d4:
2b:7c:2c:b2:c0:b7:3d:35:66:ae:5e:55:90:f4:0c:c4:a9:92:
b6:8b:37:ba:0e:4b:4b:94:66:c5:ce:bf:0d:4e:b4:16:c0:85:
f0:c1:85:50:2b:a2:74:93:35:1d:17:38:2a:1b:c2:be:66:54:
cc:f3:84:94:86:11:3a:55:5a:45:5d:43:6d:73:ba:e4:dc:36:
43:53:8b:a2:5a:e4:dd:d7:19:4c:87:57:7f:94:a8:89:51:ff:
e4:bc:85:2a:0d:d1:9b:b0:9c:af:fe:fb:f6:c8:28:73:c4:f3:
2e:b8:9f:c8:57:e9:5c:b8:b4:99:6c:10:c8:d5:f5:fc:d1:00:
1a:77:80:11:fd:48:d2:48:8c:bd:45:2f:34:0e:7d:ab:58:d3:
14:11:15:36:ad:97:58:ee:e2:cc:0b:c5:23:e5:e6:9a:60:69:
c8:e8:a8:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJcav8RNYX62bSQ0maVFOzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDA1MTEyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjVlZmJjOTI2YWFkN2QzNTVhNDlhOWM1M2IwN2U2NGFjNjQxNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwclpmMYD376VagnWKSQEc1zM3rdL
mQ0wIj9/VN7NrVp1lBbJk3sOSOLgm1+CQWFTSKF871wDfWbg/EXaucasDO0CzQYg
1UY/Liv8khTypdwe2AWwCOCbfPulj1Ub9CIo4w3Za2UzWOGCqEfZjHgUUd529yn9
uDY0LUEZ5tj7Cj3mYSUErjpUA2KgGsX4p+h7+298SeOvHgrvQUGtek6liOo9m5qC
pWMVKU6YWIOqOIpGqFb9lkiHsy8fyIPtxMQFbRraq7jHj/lHoGleOvd+3f+noZ2R
FwSUdhjE6MFKmLn+1MRMNMUo3s/L4SeD1ncUKFuZDMeh0rZkXHZdj2ZKrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFZe+8kmqtfTVaSanFOwfmSsZBSlMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVmw3N3lTYXExOU5WcEpxY1U3Qi1aS3hrRktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQB
UqM0AwQDUqNgAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQA+mYoePePsPkdCHb3W
DwLpuL5cDpez/8ql0Wlad4lg09A3fm6UqaU6rVMtgfjnN6bsQXcuG2C3yHyhlgkU
vL1En578hOfJk49pVNK5S3ePt2SFXyw0jp/+hNQrfCyywLc9NWauXlWQ9AzEqZK2
ize6DktLlGbFzr8NTrQWwIXwwYVQK6J0kzUdFzgqG8K+ZlTM84SUhhE6VVpFXUNt
c7rk3DZDU4uiWuTd1xlMh1d/lKiJUf/kvIUqDdGbsJyv/vv2yChzxPMuuJ/IV+lc
uLSZbBDI1fX80QAad4AR/UjSSIy9RS80Dn2rWNMUERU2rZdY7uLMC8Uj5eaaYGnI
6KjH
-----END CERTIFICATE-----
Generated at Sun Oct 6 16:43:52 2024 by rpki-client on console-fra.rpki-client.org