Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/lVlpchL5E9wTNgCkibM-_0K11OA.roa
File: lVlpchL5E9wTNgCkibM-_0K11OA.roa (raw, json)
Hash identifier: 4h1Prz3NJF2m0z9MDRMTmr3w5LlSTm/oi7RLljX6wb8=
Subject key identifier: 95:59:69:72:12:F9:13:DC:13:36:00:A4:89:B3:3E:FF:42:B5:D4:E0
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AEF5CA1CAA8BDBC3E486FAE94766CC1D9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/lVlpchL5E9wTNgCkibM-_0K11OA.roa
Signing time: Mon 02 Oct 2023 07:48:59 +0000
ROA not before: Mon 02 Oct 2023 07:48:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.215.120.0/22 maxlen: 24
82.163.68.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 11:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:5c:a1:ca:a8:bd:bc:3e:48:6f:ae:94:76:6c:c1:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 2 07:48:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9559697212f913dc133600a489b33eff42b5d4e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8a:24:ac:13:08:87:3d:35:05:31:5f:72:e4:
17:5f:a1:25:01:5d:cc:74:e5:26:55:42:e2:bc:5a:
f5:ad:0b:db:11:62:aa:6d:cf:71:89:de:c5:4f:cb:
a6:39:e6:33:ad:99:0c:c1:aa:7b:e9:e5:6c:62:9e:
10:b1:16:4c:15:46:b4:a3:8b:77:99:8f:5e:12:94:
53:0a:82:a2:67:c8:dd:d4:d3:0b:6a:90:60:a2:3d:
8c:62:ec:fc:b2:dc:e4:bb:b2:c7:99:64:62:33:d2:
26:30:47:e6:a0:b4:34:7f:7b:fa:83:bc:18:4b:a8:
93:fb:e7:e1:1b:dc:e5:96:37:39:89:63:af:63:3c:
20:5f:60:c4:21:92:00:b1:04:19:ed:79:06:ce:7d:
f5:65:43:3d:82:40:a1:7d:e0:10:3e:a0:e7:be:38:
f5:1c:db:d4:b9:ce:64:49:b2:dc:75:f7:55:30:a3:
8b:7c:d0:26:65:64:82:9c:19:1f:50:ad:d6:d1:c7:
67:bf:ff:05:be:5a:55:ec:07:59:13:57:16:88:21:
df:b7:4b:55:59:a8:13:d8:96:da:ca:70:8a:d3:27:
8a:02:0e:e1:03:5a:26:5c:e9:05:28:da:da:29:51:
c2:15:94:33:94:a3:46:e3:b6:b2:33:8c:55:2e:c9:
bb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:59:69:72:12:F9:13:DC:13:36:00:A4:89:B3:3E:FF:42:B5:D4:E0
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/lVlpchL5E9wTNgCkibM-_0K11OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.68.0/22
82.163.96.0/21
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:09:b9:ad:fd:0f:6b:9b:c6:7f:bd:ff:ff:0b:9d:af:49:18:
f4:ce:6b:c0:dd:d3:c6:c1:a0:c5:9e:64:69:26:f4:8c:0a:84:
1d:02:1c:6f:bb:dd:c5:82:b9:bf:3c:81:31:45:69:66:88:e7:
c5:dd:ef:5f:72:75:70:76:c2:91:72:2a:2b:b5:6a:e9:71:6f:
91:9d:ea:23:bb:98:02:57:b0:f0:ce:ec:5b:8c:0d:8a:a7:80:
f1:07:c3:45:63:61:0f:01:a1:d6:cc:43:a6:0d:93:95:42:75:
c3:4a:3a:4b:51:4c:75:80:c3:67:b5:72:f8:01:34:7a:45:9e:
ac:7f:b4:fc:71:c8:c0:bb:c4:20:40:a5:db:85:46:11:d7:3a:
19:b4:c6:29:0e:db:99:27:bf:32:4e:ef:1c:b6:09:4e:67:ae:
b3:cc:ff:25:7b:52:a2:96:f7:f9:ea:b8:17:eb:85:9c:ec:5c:
8e:0e:cc:3b:71:d0:ee:9c:fc:d6:36:85:83:46:cf:4b:04:f4:
36:53:e6:e9:cf:4e:bf:fc:c2:f6:bf:71:0a:6e:64:9f:7c:7b:
cb:99:3b:3a:0f:77:d7:36:01:ba:c2:52:1c:cc:05:24:d7:42:
cc:1c:06:51:12:0a:e1:3b:bc:6a:ed:ce:48:93:34:de:70:68:
6f:69:c0:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrvXKHKqL28PkhvrpR2bMHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDAyMDc0ODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU5Njk3MjEyZjkxM2RjMTMzNjAwYTQ4OWIzM2VmZjQyYjVkNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4okrBMIhz01BTFfcuQXX6ElAV3M
dOUmVULivFr1rQvbEWKqbc9xid7FT8umOeYzrZkMwap76eVsYp4QsRZMFUa0o4t3
mY9eEpRTCoKiZ8jd1NMLapBgoj2MYuz8stzku7LHmWRiM9ImMEfmoLQ0f3v6g7wY
S6iT++fhG9zlljc5iWOvYzwgX2DEIZIAsQQZ7XkGzn31ZUM9gkChfeAQPqDnvjj1
HNvUuc5kSbLcdfdVMKOLfNAmZWSCnBkfUK3W0cdnv/8FvlpV7AdZE1cWiCHft0tV
WagT2JbaynCK0yeKAg7hA1omXOkFKNraKVHCFZQzlKNG47ayM4xVLsm7tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJVZaXIS+RPcEzYApImzPv9CtdTgMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbFZscGNoTDVFOXdUTmdDa2liTS1fMEsxMU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFBWZgAwQC
LhTUAwQCUqNEAwQDUqNgAwQCvNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBrCbmt/Q9r
m8Z/vf//C52vSRj0zmvA3dPGwaDFnmRpJvSMCoQdAhxvu93Fgrm/PIExRWlmiOfF
3e9fcnVwdsKRciortWrpcW+Rneoju5gCV7DwzuxbjA2Kp4DxB8NFY2EPAaHWzEOm
DZOVQnXDSjpLUUx1gMNntXL4ATR6RZ6sf7T8ccjAu8QgQKXbhUYR1zoZtMYpDtuZ
J78yTu8ctglOZ66zzP8le1Kilvf56rgX64Wc7FyODsw7cdDunPzWNoWDRs9LBPQ2
U+bpz06//ML2v3EKbmSffHvLmTs6D3fXNgG6wlIczAUk10LMHAZREgrhO7xq7c5I
kzTecGhvacB+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org