Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ay6NFeB7fOS9lL7LabxJGIb2Ea4.roa
File: ay6NFeB7fOS9lL7LabxJGIb2Ea4.roa (raw, json)
Hash identifier: zE6WR2PWyEMtoqf9mYKaUCeSLN5nX4NxuU7Dom3EUuo=
Subject key identifier: 6B:2E:8D:15:E0:7B:7C:E4:BD:94:BE:CB:69:BC:49:18:86:F6:11:AE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DBB31D75D92CEE0F07C58DC2C0DF0B1A4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ay6NFeB7fOS9lL7LabxJGIb2Ea4.roa
Signing time: Sun 18 Feb 2024 07:50:22 +0000
ROA not before: Sun 18 Feb 2024 07:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 5.102.120.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
188.215.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 08:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:31:d7:5d:92:ce:e0:f0:7c:58:dc:2c:0d:f0:b1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 18 07:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b2e8d15e07b7ce4bd94becb69bc491886f611ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:03:98:9c:4a:8a:42:ab:a8:57:6d:fd:9c:
bc:e0:f7:0c:81:9c:ea:08:50:09:85:3a:72:80:e7:
8d:fa:a5:98:a7:c3:ae:77:77:cd:62:69:4a:28:d4:
1b:4b:f0:99:9b:b1:25:08:1a:0b:f2:19:27:ed:f2:
8f:c5:f9:4e:99:05:42:e7:56:a1:ea:cb:65:44:ec:
9f:a9:03:96:72:09:82:81:77:a4:4d:44:00:bc:26:
92:b1:79:43:2b:8a:8a:bb:e6:fc:81:c0:60:24:02:
0d:88:69:39:de:96:f8:cc:39:e3:05:18:1c:eb:48:
4f:67:b3:75:0f:69:26:50:f0:26:0c:57:5c:9e:49:
81:d0:2b:37:9f:60:16:34:b2:d3:66:e3:ce:38:c8:
e4:e0:14:a5:2a:7f:3b:0a:52:fe:ff:a0:68:8a:e9:
07:ab:cd:7a:94:a9:16:59:84:72:92:16:da:f9:af:
09:05:32:c2:64:d5:5a:f0:7d:5d:8d:ca:51:ec:77:
c9:f9:28:1f:2c:87:3b:0b:f5:be:06:ef:db:c6:47:
e0:23:82:26:ed:9f:59:53:96:be:be:2b:f9:c6:81:
c2:e7:90:3d:01:58:89:40:b8:b5:c2:54:4e:ed:c0:
23:1f:30:d2:30:6f:c4:6f:eb:56:dd:7b:3f:9f:e1:
13:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2E:8D:15:E0:7B:7C:E4:BD:94:BE:CB:69:BC:49:18:86:F6:11:AE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ay6NFeB7fOS9lL7LabxJGIb2Ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.120.0/22
82.163.96.0/21
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:db:53:c8:a2:55:0a:99:f9:f5:81:5a:af:86:ba:16:fb:10:
0f:88:bb:c2:3d:2a:26:27:77:17:2c:41:d7:81:d2:bd:33:40:
bc:5f:af:a2:da:bf:63:2b:89:1b:68:4f:60:54:fd:02:52:f1:
4a:23:8f:35:65:e6:b5:4d:af:5d:74:b4:24:1d:93:8b:21:92:
06:48:de:bd:8f:bd:c7:5a:56:3f:16:1f:bc:3c:c2:81:c3:5e:
0b:5b:7b:5a:aa:49:a8:dc:65:35:74:df:ab:56:b8:01:12:f7:
d3:bc:69:5d:d2:f8:c9:0b:34:54:7d:e8:30:78:58:f6:b5:c8:
76:00:dd:9e:4e:0e:3e:3b:0a:a1:fc:cb:b1:66:d9:50:7c:22:
14:8b:e6:28:d0:5c:14:80:a3:0f:c1:05:a3:73:e2:28:d1:80:
76:4b:6a:f9:a2:19:2e:ab:e7:0e:fb:74:c1:42:d1:c2:5e:09:
ef:ea:ea:7c:75:6c:83:8f:a5:e3:f5:52:a5:48:cc:86:0a:16:
3f:6f:4b:e8:4d:ad:f8:88:23:e4:9d:0f:0e:e5:ad:6c:09:5b:
a8:a1:3c:40:eb:12:f7:cb:f1:65:f9:d1:30:4d:4f:62:69:5e:
78:56:80:af:49:1e:fa:58:cc:ff:e0:3c:ae:3b:67:91:89:22:
54:bd:fb:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY27Mdddks7g8HxY3CwN8LGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjE4MDc1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjJlOGQxNWUwN2I3Y2U0YmQ5NGJlY2I2OWJjNDkxODg2ZjYxMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+MDmJxKikKrqFdt/Zy84PcMgZzq
CFAJhTpygOeN+qWYp8Oud3fNYmlKKNQbS/CZm7ElCBoL8hkn7fKPxflOmQVC51ah
6stlROyfqQOWcgmCgXekTUQAvCaSsXlDK4qKu+b8gcBgJAINiGk53pb4zDnjBRgc
60hPZ7N1D2kmUPAmDFdcnkmB0Cs3n2AWNLLTZuPOOMjk4BSlKn87ClL+/6BoiukH
q816lKkWWYRykhba+a8JBTLCZNVa8H1djcpR7HfJ+SgfLIc7C/W+Bu/bxkfgI4Im
7Z9ZU5a+viv5xoHC55A9AViJQLi1wlRO7cAjHzDSMG/Eb+tW3Xs/n+ETqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGsujRXge3zkvZS+y2m8SRiG9hGuMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYXk2TkZlQjdmT1M5bEw3TGFieEpHSWIyRWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBWZ4AwQD
UqNgAwQCUqOoAwQCUqPgAwQCgv9EAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCg
21PIolUKmfn1gVqvhroW+xAPiLvCPSomJ3cXLEHXgdK9M0C8X6+i2r9jK4kbaE9g
VP0CUvFKI481Zea1Ta9ddLQkHZOLIZIGSN69j73HWlY/Fh+8PMKBw14LW3taqkmo
3GU1dN+rVrgBEvfTvGld0vjJCzRUfegweFj2tch2AN2eTg4+Owqh/MuxZtlQfCIU
i+Yo0FwUgKMPwQWjc+Io0YB2S2r5ohkuq+cO+3TBQtHCXgnv6up8dWyDj6Xj9VKl
SMyGChY/b0voTa34iCPknQ8O5a1sCVuooTxA6xL3y/Fl+dEwTU9iaV54VoCvSR76
WMz/4DyuO2eRiSJUvft0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org