Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/muN-zE0_GWlNbUmlA8TzyN2jHHk.roa
File: muN-zE0_GWlNbUmlA8TzyN2jHHk.roa (raw, json)
Hash identifier: yEze125xsN/gHO+kz+2vODSLmAJRkQeVxVHQDylRBSE=
Subject key identifier: 9A:E3:7E:CC:4D:3F:19:69:4D:6D:49:A5:03:C4:F3:C8:DD:A3:1C:79
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A0801B86E6CAC3855FED1683D4768CB6D
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/muN-zE0_GWlNbUmlA8TzyN2jHHk.roa
Signing time: Fri 18 Aug 2023 09:37:24 +0000
ROA not before: Fri 18 Aug 2023 09:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.215.120.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Aug 2023 07:55:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:01:b8:6e:6c:ac:38:55:fe:d1:68:3d:47:68:cb:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 18 09:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ae37ecc4d3f19694d6d49a503c4f3c8dda31c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ab:95:39:ac:89:b0:ca:b2:94:54:a2:5e:0c:
78:cc:a5:e2:81:cb:af:cf:f4:b4:15:f7:f1:db:77:
4e:66:b6:90:52:23:56:b4:54:43:d9:d5:57:78:12:
3f:0e:7a:5f:fa:7b:71:ac:d3:b9:e9:3f:cd:4a:5c:
0c:83:9a:4f:04:90:a9:05:7e:71:f0:f6:12:95:e3:
0e:5d:27:ba:4c:58:d8:a7:44:ff:c9:b1:93:9b:13:
98:65:fc:27:d1:65:be:17:6b:4c:44:62:89:f5:7a:
f6:9e:2d:3e:cc:99:0b:f8:dc:fb:01:fc:f2:37:44:
23:18:ad:6f:b7:f7:37:cd:31:b6:3c:53:ef:99:10:
04:67:49:2d:d0:c4:01:a5:4d:18:5f:39:64:6b:d3:
3b:1b:ce:6e:04:81:44:f9:89:c5:b9:99:96:32:a5:
68:71:13:52:83:4a:6c:8c:49:da:4d:dc:53:3c:87:
0e:ec:ee:c2:de:7a:fb:69:85:9a:51:9b:3c:38:2b:
96:88:8c:69:20:0f:4d:f0:90:73:f5:3c:0c:7c:eb:
51:c0:56:ac:ce:46:e7:ce:7d:99:71:7a:32:09:6f:
5c:3d:4b:9c:c3:17:75:ee:09:43:60:eb:49:81:2a:
57:b6:bd:a3:35:f3:4a:bb:2f:36:19:5d:9f:3b:ce:
2f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E3:7E:CC:4D:3F:19:69:4D:6D:49:A5:03:C4:F3:C8:DD:A3:1C:79
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/muN-zE0_GWlNbUmlA8TzyN2jHHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
89:f3:66:44:0f:04:38:ac:78:5b:0d:56:31:5e:62:f7:73:f1:
6b:66:3d:63:21:44:d4:6c:15:4a:6d:ef:d4:28:c9:54:6b:be:
4b:e2:8c:7f:b6:b3:a2:76:19:f8:fe:79:af:f3:f5:bf:ef:f2:
9c:f0:81:01:15:13:73:95:f4:98:21:5f:98:8f:0e:7a:71:a4:
50:39:b4:0a:b1:ab:88:9c:4e:dd:bb:25:2a:a3:2b:96:e7:f9:
d0:24:94:db:30:ab:17:bc:96:0f:fc:eb:33:73:c5:64:57:37:
f8:43:39:c5:f1:db:3d:b1:69:86:66:14:2d:b7:d9:e2:6c:a6:
14:c9:6f:4b:bb:e2:68:a4:39:93:5a:4c:85:91:ce:61:95:a6:
9a:0a:9e:bd:1e:1c:38:ca:05:8b:3a:b9:ff:d5:0f:1b:5e:9a:
5c:ed:71:14:24:be:cb:7f:e5:66:36:7c:e3:23:c2:d5:5c:81:
13:03:f4:66:42:35:54:d2:12:0c:30:87:4a:d7:3d:48:88:f4:
7f:24:d8:1e:3b:f7:25:ec:21:4b:62:46:41:e9:e6:28:80:58:
42:0c:ac:66:c3:75:d8:38:fd:43:46:6f:96:0e:c2:fe:24:e0:
1c:62:97:69:bb:96:2f:38:8b:39:72:e3:07:99:0d:b9:95:97:
50:c9:ec:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoIAbhubKw4Vf7RaD1HaMttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODE4MDkzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWUzN2VjYzRkM2YxOTY5NGQ2ZDQ5YTUwM2M0ZjNjOGRkYTMxYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlquVOayJsMqylFSiXgx4zKXigcuv
z/S0Fffx23dOZraQUiNWtFRD2dVXeBI/Dnpf+ntxrNO56T/NSlwMg5pPBJCpBX5x
8PYSleMOXSe6TFjYp0T/ybGTmxOYZfwn0WW+F2tMRGKJ9Xr2ni0+zJkL+Nz7Afzy
N0QjGK1vt/c3zTG2PFPvmRAEZ0kt0MQBpU0YXzlka9M7G85uBIFE+YnFuZmWMqVo
cRNSg0psjEnaTdxTPIcO7O7C3nr7aYWaUZs8OCuWiIxpIA9N8JBz9TwMfOtRwFas
zkbnzn2ZcXoyCW9cPUucwxd17glDYOtJgSpXtr2jNfNKuy82GV2fO84vYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJrjfsxNPxlpTW1JpQPE88jdoxx5MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbXVOLXpFMF9HV2xOYlVtbEE4VHp5TjJqSEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQC
vNd4MA0GCSqGSIb3DQEBCwUAA4IBAQCJ82ZEDwQ4rHhbDVYxXmL3c/FrZj1jIUTU
bBVKbe/UKMlUa75L4ox/trOidhn4/nmv8/W/7/Kc8IEBFRNzlfSYIV+Yjw56caRQ
ObQKsauInE7duyUqoyuW5/nQJJTbMKsXvJYP/Oszc8VkVzf4QznF8ds9sWmGZhQt
t9nibKYUyW9Lu+JopDmTWkyFkc5hlaaaCp69Hhw4ygWLOrn/1Q8bXppc7XEUJL7L
f+VmNnzjI8LVXIETA/RmQjVU0hIMMIdK1z1IiPR/JNgeO/cl7CFLYkZB6eYogFhC
DKxmw3XYOP1DRm+WDsL+JOAcYpdpu5YvOIs5cuMHmQ25lZdQyew6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org