Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aF9dV4hekyXFErt-R4XIA6RGO1I.roa
File: aF9dV4hekyXFErt-R4XIA6RGO1I.roa (raw, json)
Hash identifier: lbO4+K2kPAQlzE9IO8ffh47Eo+cGXjULnA6Gr8iKwOg=
Subject key identifier: 68:5F:5D:57:88:5E:93:25:C5:12:BB:7E:47:85:C8:03:A4:46:3B:52
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AF023FE5E5D502A5EEDC9D3A3303E0A7C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aF9dV4hekyXFErt-R4XIA6RGO1I.roa
Signing time: Mon 02 Oct 2023 11:26:45 +0000
ROA not before: Mon 02 Oct 2023 11:26:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.68.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Oct 2023 18:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:23:fe:5e:5d:50:2a:5e:ed:c9:d3:a3:30:3e:0a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 2 11:26:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=685f5d57885e9325c512bb7e4785c803a4463b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:30:60:61:5f:22:16:4c:29:cf:33:71:ba:
e2:32:e0:68:a2:29:93:d1:13:2a:ee:d4:47:aa:f6:
ea:7d:a8:b8:8a:f0:c1:c9:1b:11:88:f0:a4:ed:2d:
bf:7f:65:b9:62:26:42:8a:c3:98:a1:05:57:b2:ab:
d9:5b:1e:66:98:3b:b1:4f:23:2a:85:f4:4d:a8:3b:
67:c3:8b:93:24:53:64:37:b4:d2:a4:71:e2:07:c7:
5e:43:81:a3:4f:ac:13:24:73:06:27:40:48:63:da:
33:1c:4a:a1:bb:77:3f:71:ad:c7:69:ba:25:0d:ba:
37:04:18:1e:a7:f2:8f:7f:09:0a:0d:c5:36:ca:30:
b3:93:0b:cd:56:9b:40:fe:25:1a:f2:73:e0:4b:86:
4f:a2:bd:6e:1d:ee:bc:4a:b0:c9:b0:62:6b:8f:fc:
eb:e0:ed:a5:b8:0c:24:d3:7c:a3:22:da:a3:ca:d7:
c9:01:4d:ad:a1:55:5c:09:1a:a0:94:12:75:ff:18:
07:6e:eb:bb:7e:ea:2d:1d:97:10:15:11:18:fe:59:
df:62:7c:95:93:f8:f6:31:73:10:74:8c:2e:43:70:
6b:4a:17:76:e6:8c:6d:01:f7:8e:3b:02:db:b8:95:
59:ac:65:d5:8e:e7:c9:f5:ae:ec:78:b4:fc:b3:55:
b1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5F:5D:57:88:5E:93:25:C5:12:BB:7E:47:85:C8:03:A4:46:3B:52
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aF9dV4hekyXFErt-R4XIA6RGO1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.68.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:7f:72:9b:7f:ba:44:6d:3d:47:16:2e:cb:bc:d9:f9:b4:88:
0f:86:76:96:08:c2:2a:38:dd:52:ae:3d:19:2f:cf:f9:10:2f:
e5:04:2f:9a:2b:ab:b1:f0:41:e4:76:bb:02:aa:34:f5:28:f5:
79:2e:83:2b:12:e7:8b:4a:62:33:36:31:10:cf:ec:81:8a:11:
23:9e:78:02:e5:dd:ce:e0:1f:29:6c:00:c5:27:ee:68:fc:7a:
6e:2e:b5:e4:4f:48:20:03:bc:18:47:46:95:d1:6d:f7:73:e1:
96:c9:1f:7c:fe:c9:57:d8:f8:e3:ee:bd:0f:14:f6:5e:64:15:
1a:6c:05:76:da:d1:aa:44:fe:66:ff:fe:51:fb:8f:7b:cf:c4:
de:de:53:cb:fc:df:88:fe:6e:9a:cc:10:a3:6f:5d:3a:3c:cd:
5f:e7:d8:10:9b:c4:c3:13:c1:22:00:cc:c2:68:a7:4d:fd:e7:
c0:76:1b:f6:25:6e:0a:45:a7:e1:1c:27:e6:0d:46:b5:42:a0:
73:a3:3a:63:dd:05:d9:e4:a0:f4:75:81:3d:84:fa:0c:25:51:
be:ee:c1:59:31:ef:0e:c7:18:c5:66:a5:75:b9:fd:26:a0:aa:
1a:60:ee:85:25:fb:5f:de:b7:49:c5:e3:0a:64:9b:1a:6a:87:
8c:06:92:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrwI/5eXVAqXu3J06MwPgp8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDAyMTEyNjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVmNWQ1Nzg4NWU5MzI1YzUxMmJiN2U0Nzg1YzgwM2E0NDYzYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFswYGFfIhZMKc8zcbriMuBooimT
0RMq7tRHqvbqfai4ivDByRsRiPCk7S2/f2W5YiZCisOYoQVXsqvZWx5mmDuxTyMq
hfRNqDtnw4uTJFNkN7TSpHHiB8deQ4GjT6wTJHMGJ0BIY9ozHEqhu3c/ca3Habol
Dbo3BBgep/KPfwkKDcU2yjCzkwvNVptA/iUa8nPgS4ZPor1uHe68SrDJsGJrj/zr
4O2luAwk03yjItqjytfJAU2toVVcCRqglBJ1/xgHbuu7fuotHZcQFREY/lnfYnyV
k/j2MXMQdIwuQ3BrShd25oxtAfeOOwLbuJVZrGXVjufJ9a7seLT8s1WxUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGhfXVeIXpMlxRK7fkeFyAOkRjtSMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYUY5ZFY0aGVreVhGRXJ0LVI0WElBNlJHTzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBWZgAwQC
LhTUAwQCUqNEMA0GCSqGSIb3DQEBCwUAA4IBAQB/f3Kbf7pEbT1HFi7LvNn5tIgP
hnaWCMIqON1Srj0ZL8/5EC/lBC+aK6ux8EHkdrsCqjT1KPV5LoMrEueLSmIzNjEQ
z+yBihEjnngC5d3O4B8pbADFJ+5o/HpuLrXkT0ggA7wYR0aV0W33c+GWyR98/slX
2Pjj7r0PFPZeZBUabAV22tGqRP5m//5R+497z8Te3lPL/N+I/m6azBCjb106PM1f
59gQm8TDE8EiAMzCaKdN/efAdhv2JW4KRafhHCfmDUa1QqBzozpj3QXZ5KD0dYE9
hPoMJVG+7sFZMe8OxxjFZqV1uf0moKoaYO6FJftf3rdJxeMKZJsaaoeMBpL1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org