Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/mH6_qrLbqzCVKCiREh_6P-0Ioos.roa
File: mH6_qrLbqzCVKCiREh_6P-0Ioos.roa (raw, json)
Hash identifier: nFVDs0zTyvyDdY5HsBJ+rKtm1LFwZVKmq1zBTrstbro=
Subject key identifier: 98:7E:BF:AA:B2:DB:AB:30:95:28:28:91:12:1F:FA:3F:ED:08:A2:8B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0191406371E9BFF1527F43775C349BDF55B3
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/mH6_qrLbqzCVKCiREh_6P-0Ioos.roa
Signing time: Sun 11 Aug 2024 07:42:24 +0000
ROA not before: Sun 11 Aug 2024 07:42:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.112.0/22 maxlen: 24
46.20.216.0/21 maxlen: 24
82.163.54.0/23 maxlen: 23
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 07:13:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:40:63:71:e9:bf:f1:52:7f:43:77:5c:34:9b:df:55:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 11 07:42:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=987ebfaab2dbab3095282891121ffa3fed08a28b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6f:28:70:b2:74:88:7f:4d:3d:8c:6a:b0:d7:
a9:cc:66:18:30:e4:5d:da:94:ef:f3:45:b1:98:07:
82:9b:1c:f9:b3:b7:ee:d0:72:bc:a7:4a:45:42:4c:
4b:7d:77:6f:dc:89:75:a5:5b:fb:0a:ab:13:0d:25:
ea:12:b3:1b:5a:4e:1f:09:97:bb:53:33:4b:82:1f:
6f:56:a4:5e:e4:69:ca:d9:ee:5a:44:76:e5:19:ef:
02:be:1f:7b:b2:26:af:60:91:a0:e2:34:46:89:ba:
47:7d:41:af:5f:57:ef:ce:a8:fa:76:da:01:37:63:
5a:95:92:cb:c3:3a:34:28:83:ff:b3:c0:f6:fa:75:
73:d6:df:2f:5b:87:90:07:fd:96:07:cc:93:c7:12:
9f:36:39:d4:34:3e:eb:f2:66:d0:c2:a9:e4:10:6f:
e3:dc:e8:e3:12:92:46:67:6c:35:a4:a6:11:60:f1:
15:75:02:aa:d5:7b:fb:8d:07:e7:5e:9a:90:f3:a7:
ec:1c:55:39:3f:a4:7c:c8:70:09:21:47:03:3e:60:
c6:2a:31:93:8d:a6:e4:90:97:fc:f8:9f:3d:a1:9a:
c5:ef:49:7c:75:5f:69:75:87:b4:fb:2d:06:a0:34:
29:a5:bf:33:13:f8:ac:de:a4:28:fa:63:34:f6:15:
5c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:7E:BF:AA:B2:DB:AB:30:95:28:28:91:12:1F:FA:3F:ED:08:A2:8B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/mH6_qrLbqzCVKCiREh_6P-0Ioos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0-5.102.115.255
46.20.216.0/21
82.163.54.0/23
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:95:a9:34:85:02:8a:a9:7b:64:f7:e8:69:79:62:0e:57:df:
67:07:e7:87:c0:10:f4:46:38:ee:cb:a2:9d:6c:f2:28:70:43:
ac:d4:65:47:44:d3:fe:f7:96:65:a7:9f:23:28:e7:50:6e:29:
c9:8a:f9:09:d5:11:5e:7d:9c:44:25:a3:a4:e1:9e:a0:aa:90:
4c:71:d9:b1:98:63:ee:88:fb:d7:15:5f:62:05:fa:ca:1e:94:
7b:eb:b8:a9:0b:52:18:7c:af:ec:09:d6:cd:6d:f5:3c:a6:e4:
0b:bf:21:f4:d9:dd:c9:83:cd:50:b5:d5:86:39:ab:d9:68:1c:
b1:b2:b2:ce:2f:d7:d0:d8:2e:ce:27:f8:5a:6c:f8:83:f5:b5:
fd:4f:6f:28:cc:04:e8:83:7a:44:f5:9a:ee:27:37:28:a6:69:
6f:81:af:5d:d5:dd:ab:2d:61:d5:70:28:84:1a:cc:43:bb:c3:
84:10:f7:0e:b7:54:e2:b3:12:52:76:98:ec:59:6b:49:ac:33:
57:b8:08:da:4a:45:ce:ac:21:fb:85:18:83:05:42:29:f4:1b:
1d:0e:70:c7:58:3d:42:b4:14:b6:8b:a4:70:e1:de:53:25:b5:
60:ca:73:ed:2a:99:c1:94:ea:1d:2c:1b:7b:73:f7:bc:80:9e:
9b:eb:8e:74
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZFAY3Hpv/FSf0N3XDSb31WzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwODExMDc0MjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODdlYmZhYWIyZGJhYjMwOTUyODI4OTExMjFmZmEzZmVkMDhhMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW8ocLJ0iH9NPYxqsNepzGYYMORd
2pTv80WxmAeCmxz5s7fu0HK8p0pFQkxLfXdv3Il1pVv7CqsTDSXqErMbWk4fCZe7
UzNLgh9vVqRe5GnK2e5aRHblGe8Cvh97siavYJGg4jRGibpHfUGvX1fvzqj6dtoB
N2NalZLLwzo0KIP/s8D2+nVz1t8vW4eQB/2WB8yTxxKfNjnUND7r8mbQwqnkEG/j
3OjjEpJGZ2w1pKYRYPEVdQKq1Xv7jQfnXpqQ86fsHFU5P6R8yHAJIUcDPmDGKjGT
jabkkJf8+J89oZrF70l8dV9pdYe0+y0GoDQppb8zE/is3qQo+mM09hVcmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJh+v6qy26swlSgokRIf+j/tCKKLMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbUg2X3FyTGJxekNWS0NpUkVoXzZQLTBJb29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUFZmAD
BAIFZnADBAMuFNgDBAFSozYDBANSo2AwDQYJKoZIhvcNAQELBQADggEBADuVqTSF
Aoqpe2T36Gl5Yg5X32cH54fAEPRGOO7Lop1s8ihwQ6zUZUdE0/73lmWnnyMo51Bu
KcmK+QnVEV59nEQlo6ThnqCqkExx2bGYY+6I+9cVX2IF+soelHvruKkLUhh8r+wJ
1s1t9Tym5Au/IfTZ3cmDzVC11YY5q9loHLGyss4v19DYLs4n+Fps+IP1tf1PbyjM
BOiDekT1mu4nNyimaW+Br13V3astYdVwKIQazEO7w4QQ9w63VOKzElJ2mOxZa0ms
M1e4CNpKRc6sIfuFGIMFQin0Gx0OcMdYPUK0FLaLpHDh3lMltWDKc+0qmcGU6h0s
G3tz97yAnpvrjnQ=
-----END CERTIFICATE-----
Generated at Fri Aug 16 10:13:44 2024 by rpki-client on console-fra.rpki-client.org