Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/X5vZb7ky-dPfGNdYqSW_knAi2b8.roa
File: X5vZb7ky-dPfGNdYqSW_knAi2b8.roa (raw, json)
Hash identifier: XP+YXz92wvc+jMC2XbjTQQ6QNL66KHR87dYLfV1bPN8=
Subject key identifier: 5F:9B:D9:6F:B9:32:F9:D3:DF:18:D7:58:A9:25:BF:92:70:22:D9:BF
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0189C492225E8D84A4926EBDD53A40D5AC6F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/X5vZb7ky-dPfGNdYqSW_knAi2b8.roa
Signing time: Sat 05 Aug 2023 07:20:58 +0000
ROA not before: Sat 05 Aug 2023 07:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.60.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 06:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c4:92:22:5e:8d:84:a4:92:6e:bd:d5:3a:40:d5:ac:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 5 07:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f9bd96fb932f9d3df18d758a925bf927022d9bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:85:01:bc:01:41:c0:11:e1:a8:d4:41:fd:f0:
1d:8a:ef:5c:3b:b7:b7:e5:b3:0c:c6:f9:8f:80:8a:
22:34:0a:c6:49:64:a4:a8:e7:c6:e8:80:ec:ef:e9:
d2:98:0d:f5:fc:ed:00:e2:ae:c5:29:b0:94:f3:fe:
ef:b3:d6:a1:07:c7:24:a9:b1:8e:25:b8:40:3d:df:
5b:71:cd:21:a6:e9:a2:08:67:4a:c4:43:3b:e7:32:
cf:fb:db:77:ba:c1:89:89:cf:67:b3:c8:0b:54:3b:
39:b3:75:e3:f5:0d:d0:59:b9:0d:b3:b2:30:cf:de:
a6:57:f7:21:9e:df:ea:c8:8b:48:7c:6d:e1:1c:e4:
cd:ed:ee:8a:ea:7c:da:a4:0f:41:47:73:0c:5b:06:
3a:6a:05:2c:3e:11:89:94:ef:8f:10:18:1c:2a:7d:
e0:8a:62:da:84:8c:6c:bd:22:0a:cf:b3:b5:d8:0b:
03:76:a5:96:09:65:9a:45:b9:74:c6:76:e9:88:71:
f4:f0:4e:2f:10:b1:39:9d:14:66:51:e9:37:61:52:
ca:02:0c:e6:d2:51:52:08:f5:57:b6:fc:23:ca:5b:
4e:2e:c8:7a:aa:08:f8:6e:df:88:db:86:fa:79:e7:
5d:9c:ef:b4:1b:09:95:b2:9e:44:d1:59:d3:21:64:
a3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9B:D9:6F:B9:32:F9:D3:DF:18:D7:58:A9:25:BF:92:70:22:D9:BF
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/X5vZb7ky-dPfGNdYqSW_knAi2b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
82.163.60.0/22
82.163.168.0/22
82.163.224.0/22
92.114.40.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:aa:fc:6f:06:8a:83:3a:90:15:be:01:39:3d:a7:ef:b4:f2:
e3:16:90:0a:ca:34:0b:9d:23:24:08:7d:f1:13:72:13:99:e9:
ab:29:c9:b3:25:20:0d:9e:5d:b4:7a:8a:d7:64:f1:9d:e8:43:
81:b5:24:b3:8a:9d:e2:84:1f:0d:d3:71:6a:c5:4f:f8:14:f4:
cc:cc:31:9b:b5:62:50:f4:0c:0b:b2:c8:f8:4b:d2:3c:27:53:
e1:0f:e6:2a:1e:32:39:8e:fb:8c:86:89:0a:b5:6f:c2:ff:ae:
ad:f3:59:41:42:e0:d0:e6:f7:ea:a2:15:a3:24:15:e6:cb:0c:
f6:37:51:b5:54:54:72:d9:48:b9:8b:dc:7e:a5:f0:e9:8c:47:
fc:e2:06:e3:d8:b4:e3:e7:b4:c1:31:87:b8:81:fc:3c:6b:e4:
b2:3e:f6:61:ae:04:6a:da:78:05:3a:7a:b3:c1:77:ec:31:9e:
ff:57:b4:26:0f:90:7f:f2:43:4b:01:28:9c:ec:ae:40:c5:99:
60:ab:fd:16:2c:61:ec:bf:c6:d8:71:f3:f7:ed:48:88:53:b9:
28:15:a1:b0:d7:7a:9b:4e:e2:1d:0c:cb:58:3b:cc:f1:cd:11:
a9:36:e6:bc:9b:49:f4:00:da:92:bb:28:0d:12:ad:1d:13:32:
bb:cc:9b:1b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYnEkiJejYSkkm691TpA1axvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODA1MDcyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjliZDk2ZmI5MzJmOWQzZGYxOGQ3NThhOTI1YmY5MjcwMjJkOWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIUBvAFBwBHhqNRB/fAdiu9cO7e3
5bMMxvmPgIoiNArGSWSkqOfG6IDs7+nSmA31/O0A4q7FKbCU8/7vs9ahB8ckqbGO
JbhAPd9bcc0hpumiCGdKxEM75zLP+9t3usGJic9ns8gLVDs5s3Xj9Q3QWbkNs7Iw
z96mV/chnt/qyItIfG3hHOTN7e6K6nzapA9BR3MMWwY6agUsPhGJlO+PEBgcKn3g
imLahIxsvSIKz7O12AsDdqWWCWWaRbl0xnbpiHH08E4vELE5nRRmUek3YVLKAgzm
0lFSCPVXtvwjyltOLsh6qgj4bt+I24b6eeddnO+0GwmVsp5E0VnTIWSjfwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF+b2W+5MvnT3xjXWKklv5JwItm/MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvWDV2WmI3a3ktZFBmR05kWXFTV19rbkFpMmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBWZgAwQC
UqM8AwQCUqOoAwQCUqPgAwQCXHIoAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQCc
qvxvBoqDOpAVvgE5PafvtPLjFpAKyjQLnSMkCH3xE3ITmemrKcmzJSANnl20eorX
ZPGd6EOBtSSzip3ihB8N03FqxU/4FPTMzDGbtWJQ9AwLssj4S9I8J1PhD+YqHjI5
jvuMhokKtW/C/66t81lBQuDQ5vfqohWjJBXmywz2N1G1VFRy2Ui5i9x+pfDpjEf8
4gbj2LTj57TBMYe4gfw8a+SyPvZhrgRq2ngFOnqzwXfsMZ7/V7QmD5B/8kNLASic
7K5AxZlgq/0WLGHsv8bYcfP37UiIU7koFaGw13qbTuIdDMtYO8zxzRGpNua8m0n0
ANqSuygNEq0dEzK7zJsb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org