Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/c1TZih2KgURKivX0IL099fRN3HU.roa
File: c1TZih2KgURKivX0IL099fRN3HU.roa (raw, json)
Hash identifier: ueRCMswTZTO/0WNuylnh2r7WT5z9wnKZrzCkhrO8uA8=
Subject key identifier: 73:54:D9:8A:1D:8A:81:44:4A:8A:F5:F4:20:BD:3D:F5:F4:4D:DC:75
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018F76EF9CAF07CBB7ABA94D3D04523B1E03
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/c1TZih2KgURKivX0IL099fRN3HU.roa
Signing time: Tue 14 May 2024 11:49:25 +0000
ROA not before: Tue 14 May 2024 11:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 5.102.108.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 08:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:ef:9c:af:07:cb:b7:ab:a9:4d:3d:04:52:3b:1e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 14 11:49:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7354d98a1d8a81444a8af5f420bd3df5f44ddc75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:cc:04:f2:55:dc:ea:a2:60:b1:9b:d2:68:
bb:32:ec:3f:1c:bf:e7:26:0e:e2:ee:a1:25:7f:45:
44:1f:13:cd:71:c3:b1:1f:d4:bf:64:df:71:94:18:
82:4e:90:16:c8:c5:49:01:f7:61:09:b4:e7:f6:40:
ad:90:03:4a:e2:e6:56:c9:a2:98:a8:92:ba:9e:cc:
a6:3f:90:cc:49:02:58:56:69:66:17:b5:00:af:d5:
03:cc:4c:b3:5e:90:7a:03:36:b6:94:55:bf:26:64:
6a:a8:f8:6d:c8:23:57:9f:9b:b8:7b:6f:49:26:c6:
42:00:d3:50:e5:f6:72:9a:e8:50:3e:38:ef:34:04:
8d:68:0b:e4:64:66:f9:dc:7c:34:db:46:d7:f6:3a:
a2:f3:eb:9a:19:f1:53:f9:70:97:e4:21:ea:5e:51:
22:f3:07:e4:ca:50:b6:c1:59:47:fa:0e:37:10:bc:
4f:d0:c0:ad:3b:a5:b9:ef:46:28:52:bf:56:ec:30:
e2:64:f8:3e:b6:71:ae:0e:56:4b:6d:1f:2e:ab:81:
2a:e8:d9:08:61:38:af:49:04:97:fe:39:6b:f4:a1:
b3:43:c6:b1:0e:6c:40:92:41:20:0b:15:45:40:d7:
e7:1a:2b:3e:1c:b0:ab:26:4b:14:43:b9:63:6c:ea:
f2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:54:D9:8A:1D:8A:81:44:4A:8A:F5:F4:20:BD:3D:F5:F4:4D:DC:75
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/c1TZih2KgURKivX0IL099fRN3HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
5.102.124.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:7f:16:ae:ee:13:6a:88:72:58:3c:f1:b1:9b:4c:5f:2c:03:
4a:d3:f0:58:1e:22:4b:5c:5e:56:4d:45:f1:b5:c6:7c:3e:92:
18:c7:25:7e:04:b4:a5:fc:30:16:69:6e:d4:d2:51:e3:3c:d8:
27:91:f3:9a:62:ad:62:c6:8d:97:57:52:7b:2d:0c:26:58:9d:
d0:e8:d6:6b:51:e7:c5:00:8b:0b:70:f8:c9:26:d8:47:73:bd:
d2:25:50:68:b3:1b:70:41:7e:a8:3e:7e:f4:32:1c:80:de:a2:
ff:ed:b6:cd:f9:b0:fb:8f:34:4b:cc:02:03:c7:2d:3d:43:84:
2f:cf:13:fe:de:e2:d6:dc:ac:02:70:0e:48:ca:3c:b5:d6:25:
39:ca:80:cc:70:0e:4a:be:1d:0c:66:45:a6:ad:7a:87:dc:d9:
86:90:18:07:c0:6c:85:08:aa:9d:b7:1c:9d:f3:7d:7b:38:d3:
87:7b:92:ee:27:8b:31:5a:3d:bb:c3:8f:0e:5b:7c:20:39:52:
71:1b:2b:38:dc:f2:36:57:4a:af:b8:60:29:58:03:84:d1:19:
f8:0c:31:0c:42:78:36:cf:8b:c9:18:8f:42:d1:01:36:52:cc:
7d:1e:ad:ca:cf:fd:76:90:29:2a:a8:c3:eb:b6:e2:d4:07:4c:
33:b7:cc:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9275yvB8u3q6lNPQRSOx4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNTE0MTE0OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU0ZDk4YTFkOGE4MTQ0NGE4YWY1ZjQyMGJkM2RmNWY0NGRkYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsTMBPJV3OqiYLGb0mi7Muw/HL/n
Jg7i7qElf0VEHxPNccOxH9S/ZN9xlBiCTpAWyMVJAfdhCbTn9kCtkANK4uZWyaKY
qJK6nsymP5DMSQJYVmlmF7UAr9UDzEyzXpB6Aza2lFW/JmRqqPhtyCNXn5u4e29J
JsZCANNQ5fZymuhQPjjvNASNaAvkZGb53Hw020bX9jqi8+uaGfFT+XCX5CHqXlEi
8wfkylC2wVlH+g43ELxP0MCtO6W570YoUr9W7DDiZPg+tnGuDlZLbR8uq4Eq6NkI
YTivSQSX/jlr9KGzQ8axDmxAkkEgCxVFQNfnGis+HLCrJksUQ7ljbOryJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHNU2YodioFESor19CC9PfX0Tdx1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYzFUWmloMktnVVJLaXZYMElMMDk5ZlJOM0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZsAwQC
BWZ8AwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBsfxau7hNqiHJYPPGxm0xfLANK
0/BYHiJLXF5WTUXxtcZ8PpIYxyV+BLSl/DAWaW7U0lHjPNgnkfOaYq1ixo2XV1J7
LQwmWJ3Q6NZrUefFAIsLcPjJJthHc73SJVBosxtwQX6oPn70MhyA3qL/7bbN+bD7
jzRLzAIDxy09Q4QvzxP+3uLW3KwCcA5Iyjy11iU5yoDMcA5Kvh0MZkWmrXqH3NmG
kBgHwGyFCKqdtxyd8317ONOHe5LuJ4sxWj27w48OW3wgOVJxGys43PI2V0qvuGAp
WAOE0Rn4DDEMQng2z4vJGI9C0QE2Usx9Hq3Kz/12kCkqqMPrtuLUB0wzt8zG
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:38:46 2024 by rpki-client on console-fra.rpki-client.org