Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/YtyLt0C9YqyEA6hJDHbYQvGPMo4.roa
File: YtyLt0C9YqyEA6hJDHbYQvGPMo4.roa (raw, json)
Hash identifier: hocNgpEUFPmPlfBDWIYEQt/v7mf8XfQ26Id6i/dJDwQ=
Subject key identifier: 62:DC:8B:B7:40:BD:62:AC:84:03:A8:49:0C:76:D8:42:F1:8F:32:8E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01902F4959FC65F12997F952F47AE7B82589
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/YtyLt0C9YqyEA6hJDHbYQvGPMo4.roa
Signing time: Wed 19 Jun 2024 06:57:34 +0000
ROA not before: Wed 19 Jun 2024 06:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 5.102.124.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 07:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2f:49:59:fc:65:f1:29:97:f9:52:f4:7a:e7:b8:25:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 19 06:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62dc8bb740bd62ac8403a8490c76d842f18f328e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6d:b1:b5:ef:c3:61:32:79:c1:56:ed:59:54:
8f:58:39:68:c2:5f:93:d0:76:bf:df:41:f1:3d:61:
83:e0:89:a7:fa:33:0f:23:19:e9:e7:c0:1b:e7:8c:
28:40:ee:6c:d1:e9:3e:70:2d:f7:49:9c:07:e2:01:
a2:6c:46:2c:64:7f:6f:7f:ac:bf:59:06:11:a0:df:
b3:76:d6:ed:71:ad:14:1f:6b:ec:74:9d:c8:51:91:
66:10:a7:d4:83:ec:d8:1c:d5:3a:5f:29:7f:63:cb:
68:df:18:82:b3:b3:a8:50:e7:68:4d:08:ce:ab:59:
29:bc:d2:d1:2c:9a:43:e0:43:3d:0f:2f:27:1f:53:
c6:8f:20:66:39:43:50:8b:9c:f5:6a:0c:b3:6d:f1:
82:8a:f6:d4:f9:5f:7c:dd:20:95:04:f0:47:07:19:
5f:0b:48:0f:71:a1:2e:13:87:d9:65:5a:a6:fa:5e:
b1:a9:bc:7d:dd:42:1b:5c:c8:d1:fc:1b:78:6a:ca:
8c:91:ed:6c:b8:14:4b:ee:68:6e:d1:4b:27:48:af:
0a:c0:8a:32:28:74:2b:9c:45:0d:42:53:71:f5:7c:
d5:fa:07:b9:c2:fd:31:98:93:59:a2:ab:44:27:08:
a9:36:94:f0:0a:22:8a:6a:33:ea:72:62:ef:31:c4:
ab:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DC:8B:B7:40:BD:62:AC:84:03:A8:49:0C:76:D8:42:F1:8F:32:8E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/YtyLt0C9YqyEA6hJDHbYQvGPMo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.124.0/22
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
63:1d:11:cf:09:0f:6c:3c:77:6b:d0:0e:01:03:b4:b4:c2:8f:
02:d8:ca:ef:aa:de:fe:96:7f:2b:fd:15:32:d9:26:f5:af:38:
4f:1c:a9:e1:a1:74:ef:f4:40:4e:3e:25:ae:15:5f:d7:fd:57:
17:0b:d9:20:a5:f1:f4:c5:4f:96:ea:d4:46:80:ee:9c:7c:d5:
10:e1:29:85:92:cd:a3:c8:25:d7:ae:e9:69:3a:ec:d4:3b:f5:
9a:b7:d5:9d:0a:1e:90:74:80:08:7b:3e:a4:06:f9:3c:66:ec:
55:d1:81:f3:b5:5f:22:83:78:d1:2d:d1:d4:91:9c:c6:37:0c:
5d:32:29:3a:f8:76:10:5a:22:46:8e:70:a8:2a:d8:cf:2a:e4:
c7:b6:5a:aa:65:3b:7d:af:4a:22:30:f7:72:d0:73:63:6f:1e:
50:41:dd:d5:39:92:dd:43:84:81:ea:db:3a:62:74:61:54:17:
20:fb:86:98:2a:12:cd:37:53:2b:64:7d:1f:a6:d9:e0:59:01:
96:c0:72:78:e0:d3:ef:7c:46:b1:50:70:6c:bb:c7:37:70:fa:
c0:69:e1:e0:4c:f6:bc:09:ac:75:75:eb:84:d8:f3:55:db:6b:
e1:c3:4e:0c:ce:e3:71:d7:75:3d:58:56:bc:48:7d:cb:6f:c8:
de:a7:6e:fe
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZAvSVn8ZfEpl/lS9HrnuCWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNjE5MDY1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRjOGJiNzQwYmQ2MmFjODQwM2E4NDkwYzc2ZDg0MmYxOGYzMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4m2xte/DYTJ5wVbtWVSPWDlowl+T
0Ha/30HxPWGD4Imn+jMPIxnp58Ab54woQO5s0ek+cC33SZwH4gGibEYsZH9vf6y/
WQYRoN+zdtbtca0UH2vsdJ3IUZFmEKfUg+zYHNU6Xyl/Y8to3xiCs7OoUOdoTQjO
q1kpvNLRLJpD4EM9Dy8nH1PGjyBmOUNQi5z1agyzbfGCivbU+V983SCVBPBHBxlf
C0gPcaEuE4fZZVqm+l6xqbx93UIbXMjR/Bt4asqMke1suBRL7mhu0UsnSK8KwIoy
KHQrnEUNQlNx9XzV+ge5wv0xmJNZoqtEJwipNpTwCiKKajPqcmLvMcSrkQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGLci7dAvWKshAOoSQx22ELxjzKOMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvWXR5THQwQzlZcXlFQTZoSkRIYllRdkdQTW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBWZ8AwQD
UqNgAwQCUqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBj
HRHPCQ9sPHdr0A4BA7S0wo8C2Mrvqt7+ln8r/RUy2Sb1rzhPHKnhoXTv9EBOPiWu
FV/X/VcXC9kgpfH0xU+W6tRGgO6cfNUQ4SmFks2jyCXXrulpOuzUO/Wat9WdCh6Q
dIAIez6kBvk8ZuxV0YHztV8ig3jRLdHUkZzGNwxdMik6+HYQWiJGjnCoKtjPKuTH
tlqqZTt9r0oiMPdy0HNjbx5QQd3VOZLdQ4SB6ts6YnRhVBcg+4aYKhLNN1MrZH0f
ptngWQGWwHJ44NPvfEaxUHBsu8c3cPrAaeHgTPa8Cax1deuE2PNV22vhw04MzuNx
13U9WFa8SH3Lb8jep27+
-----END CERTIFICATE-----
Generated at Sat Aug 3 09:12:38 2024 by rpki-client on console-fra.rpki-client.org