Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aDCphM1R-LyM_w6zc5IM_Pariic.roa
File: aDCphM1R-LyM_w6zc5IM_Pariic.roa (raw, json)
Hash identifier: P+hFo1v6W5IgM9AzQKocm7K4eMrI2+QAz87dFiwqtfA=
Subject key identifier: 68:30:A9:84:CD:51:F8:BC:8C:FF:0E:B3:73:92:0C:FC:F6:AB:8A:27
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C9FDCD28ACB441D465BFE621E420D09C7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aDCphM1R-LyM_w6zc5IM_Pariic.roa
Signing time: Mon 25 Dec 2023 07:24:58 +0000
ROA not before: Mon 25 Dec 2023 07:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.68.0/22 maxlen: 22
149.126.88.0/22 maxlen: 22
5.102.96.0/22 maxlen: 22
5.102.108.0/22 maxlen: 22
5.102.120.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 30 Dec 2023 08:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9f:dc:d2:8a:cb:44:1d:46:5b:fe:62:1e:42:0d:09:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 25 07:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6830a984cd51f8bc8cff0eb373920cfcf6ab8a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:72:6a:1f:ac:16:61:de:76:33:0c:5f:cc:
66:67:68:a8:c8:63:62:c0:8e:4a:d0:51:0e:d2:8a:
a4:84:d1:3b:4f:13:f9:91:48:26:42:d6:c3:45:05:
b5:27:fe:a0:44:a3:8a:c3:51:55:14:b7:14:ad:d2:
01:d2:94:c8:3e:71:e8:b9:99:1f:57:70:4f:7a:04:
da:88:fc:a1:2e:e4:14:f7:dd:d7:11:5a:38:12:70:
e7:d0:97:99:32:15:7e:02:c2:6d:ef:15:07:e1:b6:
75:20:54:0b:b9:23:c5:b7:98:ac:5c:73:f1:1b:44:
d9:88:43:a5:e3:6b:f6:53:78:bd:db:ac:aa:f4:2c:
81:7c:e0:ab:7a:83:72:57:55:a6:68:59:d2:c6:d6:
31:11:77:33:9a:99:0a:e8:9a:74:d5:10:a6:f5:bb:
e6:3b:51:d6:a7:5c:36:ec:53:61:c9:09:3e:dd:24:
c7:37:57:b0:70:ce:88:a0:aa:cf:b1:2c:28:50:78:
83:23:bc:6c:9c:42:78:80:22:d4:f9:8d:3d:1f:ba:
b4:fc:46:4a:5c:f1:7b:e1:79:3e:54:3a:ac:61:5d:
a4:ed:4c:ea:21:c7:60:30:08:3f:75:15:a4:15:b6:
54:4e:5c:76:82:ff:5a:7f:ab:10:ce:38:91:bf:00:
90:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:30:A9:84:CD:51:F8:BC:8C:FF:0E:B3:73:92:0C:FC:F6:AB:8A:27
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aDCphM1R-LyM_w6zc5IM_Pariic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/22
5.102.108.0/22
5.102.120.0/21
82.163.68.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:cd:29:6e:13:bc:b2:04:56:0c:08:6f:f0:76:82:f4:b9:4b:
f8:08:86:e9:d6:c4:07:c3:81:53:cb:e5:b9:8c:ff:39:95:e2:
9b:16:2f:9e:88:e6:f1:05:b4:de:e8:31:e5:ec:32:64:d6:c6:
94:5e:ae:10:d6:84:a0:43:4b:6e:c5:d2:e4:7d:5a:9a:ea:02:
fe:58:c2:c3:33:e7:6e:8f:00:36:3e:78:41:88:9f:1a:e0:c8:
83:ed:f7:20:8a:64:b2:f8:9d:ea:5e:49:f5:0f:9b:54:5a:3c:
c5:44:cd:da:8f:55:eb:4a:d0:0f:d5:b7:9c:10:c8:df:37:10:
52:f0:0f:e5:79:bf:7f:05:8e:84:c7:b1:3e:0d:66:14:08:45:
18:29:d1:e9:cc:8d:49:d6:21:0d:02:cb:49:13:99:c7:b3:52:
07:22:63:40:20:f5:1d:a4:2a:7b:71:58:c4:2a:16:08:59:f1:
71:aa:b7:4d:c7:6a:0b:87:18:8d:8b:a5:a6:27:07:ab:fa:03:
ba:0f:ef:2c:f7:69:02:42:b6:11:ef:cc:70:2e:c1:59:5d:85:
ab:b2:7b:d8:b2:5f:e1:97:f9:9e:bc:da:b1:ae:6d:3c:b4:0c:
36:c9:49:ab:2c:71:fc:9d:41:58:79:99:1d:af:93:0c:dd:fc:
8f:20:fd:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYyf3NKKy0QdRlv+Yh5CDQnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjI1MDcyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODMwYTk4NGNkNTFmOGJjOGNmZjBlYjM3MzkyMGNmY2Y2YWI4YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8hyah+sFmHedjMMX8xmZ2ioyGNi
wI5K0FEO0oqkhNE7TxP5kUgmQtbDRQW1J/6gRKOKw1FVFLcUrdIB0pTIPnHouZkf
V3BPegTaiPyhLuQU993XEVo4EnDn0JeZMhV+AsJt7xUH4bZ1IFQLuSPFt5isXHPx
G0TZiEOl42v2U3i926yq9CyBfOCreoNyV1WmaFnSxtYxEXczmpkK6Jp01RCm9bvm
O1HWp1w27FNhyQk+3STHN1ewcM6IoKrPsSwoUHiDI7xsnEJ4gCLU+Y09H7q0/EZK
XPF74Xk+VDqsYV2k7UzqIcdgMAg/dRWkFbZUTlx2gv9af6sQzjiRvwCQGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGgwqYTNUfi8jP8Os3OSDPz2q4onMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYURDcGhNMVItTHlNX3c2emM1SU1fUGFyaWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBWZgAwQC
BWZsAwQDBWZ4AwQCUqNEAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQCezSluE7yy
BFYMCG/wdoL0uUv4CIbp1sQHw4FTy+W5jP85leKbFi+eiObxBbTe6DHl7DJk1saU
Xq4Q1oSgQ0tuxdLkfVqa6gL+WMLDM+dujwA2PnhBiJ8a4MiD7fcgimSy+J3qXkn1
D5tUWjzFRM3aj1XrStAP1becEMjfNxBS8A/leb9/BY6Ex7E+DWYUCEUYKdHpzI1J
1iENAstJE5nHs1IHImNAIPUdpCp7cVjEKhYIWfFxqrdNx2oLhxiNi6WmJwer+gO6
D+8s92kCQrYR78xwLsFZXYWrsnvYsl/hl/mevNqxrm08tAw2yUmrLHH8nUFYeZkd
r5MM3fyPIP05
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org