Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iNWDIIk5rb3PkjaYzocvdebe9Zw.roa
File: iNWDIIk5rb3PkjaYzocvdebe9Zw.roa (raw, json)
Hash identifier: 3j90Iqpw0DFca0/TvMwXgMxlpGdiQWLPigPIkQxY8QA=
Subject key identifier: 88:D5:83:20:89:39:AD:BD:CF:92:36:98:CE:87:2F:75:E6:DE:F5:9C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCE806362C0FA317BE190E0C646AAF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iNWDIIk5rb3PkjaYzocvdebe9Zw.roa
Signing time: Mon 01 Jan 2024 16:30:38 +0000
ROA not before: Mon 01 Jan 2024 16:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 82.163.68.0/22 maxlen: 22
149.126.88.0/22 maxlen: 22
5.102.96.0/22 maxlen: 22
5.102.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 07 Jan 2024 09:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:e8:06:36:2c:0f:a3:17:be:19:0e:0c:64:6a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88d583208939adbdcf923698ce872f75e6def59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f0:6e:20:5b:d1:1d:80:31:eb:6f:2a:b7:ec:
0a:81:20:69:44:66:fb:29:5b:eb:73:4e:53:f8:ad:
21:08:3c:20:00:af:6d:26:1c:63:35:76:d6:7c:ec:
42:01:fb:b6:43:6d:8e:4e:7b:72:28:c6:d4:30:d3:
b3:e4:6b:80:e8:60:85:d8:57:f5:76:5d:6e:b6:f6:
c3:ff:15:be:b1:60:d5:5c:ae:47:35:d7:0c:b8:10:
99:af:71:98:55:64:31:2f:57:b1:f2:e3:29:54:0b:
4a:68:e9:f7:f8:6e:e3:dc:36:8f:30:79:40:89:77:
fc:6a:24:36:eb:d8:9b:5c:75:55:4a:77:e0:3a:de:
d6:39:78:da:84:3b:9a:0a:89:07:5c:f6:b4:e0:3b:
1c:bf:9c:ef:af:3d:98:ad:dc:0f:3f:a0:29:a9:ed:
c9:e2:da:cf:2c:bf:e9:d2:31:6a:ed:66:08:d2:9c:
8e:f3:04:ea:5c:21:15:93:26:cf:8b:71:ec:b7:01:
3b:4c:3e:6e:ba:90:a6:a0:58:26:94:ef:4e:f2:43:
d5:db:ef:ea:4b:b3:7e:b0:00:1e:31:49:02:2d:ee:
66:43:24:8b:18:2a:25:2f:0f:3f:43:de:6b:08:40:
63:9c:e5:2a:de:00:0a:0e:ae:9a:99:d6:ae:b9:db:
92:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D5:83:20:89:39:AD:BD:CF:92:36:98:CE:87:2F:75:E6:DE:F5:9C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/iNWDIIk5rb3PkjaYzocvdebe9Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/22
5.102.120.0/22
82.163.68.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:a7:fc:b3:2a:de:b1:51:50:4b:88:cb:c2:3d:d7:90:fc:64:
95:9c:6e:23:c2:db:39:a8:34:39:89:f9:2e:46:55:da:4c:d3:
d9:62:4d:2f:6a:e5:79:bd:49:83:4a:a7:ee:8b:aa:00:f7:5d:
69:33:6a:33:75:f5:0a:bc:19:a0:ad:86:e6:08:3e:d3:bc:3a:
a3:7a:47:9d:a6:50:14:64:38:0a:78:d3:ea:cb:c4:fb:da:08:
08:a2:15:1f:9b:9a:77:89:c3:a2:e8:0b:5d:d6:57:c3:43:b1:
48:19:d4:eb:3e:79:0c:6a:28:57:b5:04:05:93:10:5a:e8:4a:
23:fd:fd:ce:17:1d:67:e3:dd:57:b1:74:a7:b6:35:bf:0b:51:
26:fe:96:2d:90:4d:c5:fc:7f:03:59:7a:6f:8f:65:b7:0f:3a:
ee:61:fa:5d:d7:57:5d:17:db:73:ee:84:40:13:2b:79:14:5c:
52:6e:e0:6d:72:d3:a9:4b:6a:85:fd:f1:e0:72:c1:39:d3:2c:
a8:6e:dd:03:5f:72:8f:80:68:7c:5b:f9:f9:7d:51:b7:dc:11:
f9:19:15:c6:31:89:ee:e4:d0:25:b9:57:54:55:4f:a3:c8:d0:
b9:91:78:c1:0d:53:4a:00:8b:90:0a:20:96:28:43:d3:3c:cb:
26:f8:75:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3OgGNiwPoxe+GQ4MZGqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ1ODMyMDg5MzlhZGJkY2Y5MjM2OThjZTg3MmY3NWU2ZGVmNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vBuIFvRHYAx628qt+wKgSBpRGb7
KVvrc05T+K0hCDwgAK9tJhxjNXbWfOxCAfu2Q22OTntyKMbUMNOz5GuA6GCF2Ff1
dl1utvbD/xW+sWDVXK5HNdcMuBCZr3GYVWQxL1ex8uMpVAtKaOn3+G7j3DaPMHlA
iXf8aiQ269ibXHVVSnfgOt7WOXjahDuaCokHXPa04Dscv5zvrz2YrdwPP6Apqe3J
4trPLL/p0jFq7WYI0pyO8wTqXCEVkybPi3HstwE7TD5uupCmoFgmlO9O8kPV2+/q
S7N+sAAeMUkCLe5mQySLGColLw8/Q95rCEBjnOUq3gAKDq6amdauuduSrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIjVgyCJOa29z5I2mM6HL3Xm3vWcMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvaU5XRElJazVyYjNQa2phWXpvY3ZkZWJlOVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWZgAwQC
BWZ4AwQCUqNEAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQBcp/yzKt6xUVBLiMvC
PdeQ/GSVnG4jwts5qDQ5ifkuRlXaTNPZYk0vauV5vUmDSqfui6oA911pM2ozdfUK
vBmgrYbmCD7TvDqjekedplAUZDgKeNPqy8T72ggIohUfm5p3icOi6Atd1lfDQ7FI
GdTrPnkMaihXtQQFkxBa6Eoj/f3OFx1n491XsXSntjW/C1Em/pYtkE3F/H8DWXpv
j2W3DzruYfpd11ddF9tz7oRAEyt5FFxSbuBtctOpS2qF/fHgcsE50yyobt0DX3KP
gGh8W/n5fVG33BH5GRXGMYnu5NAluVdUVU+jyNC5kXjBDVNKAIuQCiCWKEPTPMsm
+HWd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org