Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hCwn86bZ3OGAUdIOMBlpdiANq8c.roa
File: hCwn86bZ3OGAUdIOMBlpdiANq8c.roa (raw, json)
Hash identifier: MUEHMQ6ld3rxmKQ3Mz4TZPENvZgI38wm7QGp20IX2os=
Subject key identifier: 84:2C:27:F3:A6:D9:DC:E1:80:51:D2:0E:30:19:69:76:20:0D:AB:C7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C38D5578CEDBF7FE8647D77AB4CEEFCEC
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hCwn86bZ3OGAUdIOMBlpdiANq8c.roa
Signing time: Tue 05 Dec 2023 07:15:54 +0000
ROA not before: Tue 05 Dec 2023 07:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.106.192.0/23 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 11:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:38:d5:57:8c:ed:bf:7f:e8:64:7d:77:ab:4c:ee:fc:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 5 07:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=842c27f3a6d9dce18051d20e30196976200dabc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8e:ee:a7:b4:21:d6:08:22:b0:92:18:93:e6:
f6:85:6d:dc:54:bc:59:7a:b2:b5:17:af:95:c1:d0:
57:a5:8d:cf:aa:03:f9:64:72:3a:6a:bc:c0:fc:13:
b2:62:b8:c7:a0:0a:63:fd:40:7e:fc:7f:f2:f1:d2:
9c:a8:f0:ed:10:a7:9a:63:5d:d7:0d:a8:5f:fe:84:
bd:47:b8:c9:0e:d7:76:7c:45:17:88:bb:ce:30:24:
f0:fc:50:16:61:99:cf:74:f9:2b:50:6a:5a:67:88:
23:9b:97:f7:db:2d:5b:93:9e:73:b0:fe:76:8b:af:
be:e7:f1:f2:00:6d:94:b4:85:41:ca:fb:f4:69:57:
a1:05:7a:d6:eb:8f:40:50:0e:a3:59:11:47:93:ff:
ef:87:61:55:7d:fe:73:ba:f8:5e:a4:11:63:e5:d5:
22:f4:03:6e:4c:1c:07:ec:3c:7a:11:7f:f7:24:30:
d5:0a:62:43:a0:d5:56:66:d7:15:03:9e:f0:67:4e:
26:0e:d8:b2:38:3f:38:d3:0d:c2:7e:d2:81:aa:61:
aa:19:23:a6:ca:d8:6f:b9:ca:3e:26:b7:05:f5:49:
12:6d:49:56:ed:3a:de:2b:ac:4c:65:b6:7e:80:c6:
ce:53:ee:b9:83:db:8a:22:80:b6:88:36:ae:37:e1:
97:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2C:27:F3:A6:D9:DC:E1:80:51:D2:0E:30:19:69:76:20:0D:AB:C7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hCwn86bZ3OGAUdIOMBlpdiANq8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
185.106.192.0/23
Signature Algorithm: sha256WithRSAEncryption
47:aa:4f:d2:ff:b1:6f:f6:cb:fa:db:98:1e:df:15:c5:90:55:
11:87:bb:7e:34:16:e5:03:e4:0c:63:42:1a:25:3a:81:02:cc:
b2:51:9f:0c:99:7d:c5:08:d4:56:c6:fb:46:0f:36:b8:7e:6c:
ea:bc:16:03:2b:15:e3:f5:ff:47:21:e9:d5:e8:9c:43:b1:fa:
9f:cd:b4:af:e3:fe:97:d4:72:46:d6:59:ed:92:41:ec:8a:f5:
9a:26:c9:3e:8c:4e:af:d1:81:ea:3d:56:52:72:67:1d:df:46:
18:52:67:0c:04:9c:f3:1f:bf:46:31:db:12:41:c9:42:26:cc:
84:ef:09:17:5b:df:21:a0:bd:f1:fe:26:82:bb:79:2f:46:af:
91:2a:1c:74:b2:db:5a:f2:e6:57:4c:aa:69:21:24:db:f7:e7:
d6:7d:18:f6:33:4e:95:a8:e9:80:12:4f:13:1d:bd:02:79:db:
34:17:d3:57:26:e6:80:8a:01:9e:78:ab:29:bf:e5:52:f4:8e:
ae:83:83:aa:44:44:f0:f6:88:09:42:bb:ac:d4:8a:aa:c1:1e:
00:37:b8:c1:2b:87:5c:20:32:37:fb:69:67:fe:97:cf:03:41:
fa:6d:ac:d0:52:c0:2b:3c:51:6e:09:0a:7f:43:b5:5a:38:23:
fa:e5:54:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw41VeM7b9/6GR9d6tM7vzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjA1MDcxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJjMjdmM2E2ZDlkY2UxODA1MWQyMGUzMDE5Njk3NjIwMGRhYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr47up7Qh1ggisJIYk+b2hW3cVLxZ
erK1F6+VwdBXpY3PqgP5ZHI6arzA/BOyYrjHoApj/UB+/H/y8dKcqPDtEKeaY13X
Dahf/oS9R7jJDtd2fEUXiLvOMCTw/FAWYZnPdPkrUGpaZ4gjm5f32y1bk55zsP52
i6++5/HyAG2UtIVByvv0aVehBXrW649AUA6jWRFHk//vh2FVff5zuvhepBFj5dUi
9ANuTBwH7Dx6EX/3JDDVCmJDoNVWZtcVA57wZ04mDtiyOD840w3CftKBqmGqGSOm
ythvuco+JrcF9UkSbUlW7TreK6xMZbZ+gMbOU+65g9uKIoC2iDauN+GXJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIQsJ/Om2dzhgFHSDjAZaXYgDavHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaEN3bjg2YlozT0dBVWRJT01CbHBkaUFOcThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQB
uWrAMA0GCSqGSIb3DQEBCwUAA4IBAQBHqk/S/7Fv9sv625ge3xXFkFURh7t+NBbl
A+QMY0IaJTqBAsyyUZ8MmX3FCNRWxvtGDza4fmzqvBYDKxXj9f9HIenV6JxDsfqf
zbSv4/6X1HJG1lntkkHsivWaJsk+jE6v0YHqPVZScmcd30YYUmcMBJzzH79GMdsS
QclCJsyE7wkXW98hoL3x/iaCu3kvRq+RKhx0stta8uZXTKppISTb9+fWfRj2M06V
qOmAEk8THb0Ceds0F9NXJuaAigGeeKspv+VS9I6ug4OqRETw9ogJQrus1IqqwR4A
N7jBK4dcIDI3+2ln/pfPA0H6bazQUsArPFFuCQp/Q7VaOCP65VR8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org