Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nIvyzj6bSAHiY_QzjWKhngVtYto.roa
File: nIvyzj6bSAHiY_QzjWKhngVtYto.roa (raw, json)
Hash identifier: YFdy/gMPTqFvewFVPRnYHt36S443UybExf+datHL/8w=
Subject key identifier: 9C:8B:F2:CE:3E:9B:48:01:E2:63:F4:33:8D:62:A1:9E:05:6D:62:DA
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192666DB2DB819A2193C92007B030885EC8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nIvyzj6bSAHiY_QzjWKhngVtYto.roa
Signing time: Mon 07 Oct 2024 10:01:58 +0000
ROA not before: Mon 07 Oct 2024 10:01:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 08:05:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:6d:b2:db:81:9a:21:93:c9:20:07:b0:30:88:5e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 7 10:01:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c8bf2ce3e9b4801e263f4338d62a19e056d62da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:94:30:b9:11:44:18:4d:46:cd:37:9d:dd:
90:0d:7c:94:f5:ea:1c:ce:84:85:a3:52:5e:ec:d9:
39:c5:4b:5f:29:d7:5a:1a:6e:2f:d8:6a:36:86:29:
1b:68:47:f7:74:74:4d:20:ba:bd:0f:2f:bf:a5:1e:
60:e5:30:70:db:5c:4a:56:0c:52:0f:1a:91:8b:60:
17:2b:77:6d:4d:fd:a9:80:00:1d:8f:7e:65:03:ca:
94:d8:3d:45:b8:8e:4e:a2:3a:e9:1e:dc:6b:01:25:
69:45:ea:65:47:c3:2b:c7:7d:2b:7c:a6:98:97:24:
b6:13:80:e4:de:43:ee:20:ec:2c:a3:91:4b:1d:dc:
6b:13:39:00:40:95:c6:97:a1:c5:d1:58:6a:14:7f:
2d:a9:19:ef:bd:08:4f:e5:7d:a7:09:b3:0d:2e:21:
be:3b:96:6d:39:f4:d0:17:75:0b:63:b2:e0:3d:7a:
bd:28:7a:c2:85:05:59:9e:01:d1:45:62:f2:03:a7:
08:38:31:9d:7e:ce:7f:a2:1d:95:b3:ff:84:94:e4:
49:e1:f4:17:bc:1a:4b:78:11:a0:c8:81:f2:d9:8c:
56:00:c2:db:5f:6c:5c:3d:d4:2e:c4:8b:56:5c:85:
b5:1b:b6:1b:3b:e8:bc:b1:a7:c3:b3:00:bc:76:76:
6f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8B:F2:CE:3E:9B:48:01:E2:63:F4:33:8D:62:A1:9E:05:6D:62:DA
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/nIvyzj6bSAHiY_QzjWKhngVtYto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
21:ec:69:3b:0c:11:15:4f:da:45:64:03:c4:02:e4:d8:eb:7f:
c8:f6:f2:e7:7d:bd:52:98:49:59:e1:17:95:75:89:e8:9a:b9:
f1:99:72:ea:24:2e:a2:1c:18:31:31:62:18:6c:57:3a:de:05:
0c:8c:24:69:47:7c:d2:c4:98:52:ee:01:6a:08:a9:a5:88:43:
cb:47:e9:77:43:8c:a5:67:f7:16:48:aa:22:fd:e9:03:78:28:
15:7f:5c:52:88:0f:45:a2:6e:0c:31:74:94:04:f6:15:1f:2b:
f4:f7:91:48:4d:8e:da:86:22:63:c3:23:a8:9d:e7:76:a7:26:
f1:a0:b8:5f:dc:5e:e9:e1:80:f7:33:19:df:98:70:c0:ae:c3:
d7:f9:3e:96:82:c9:81:36:55:e6:b1:0b:99:6c:24:71:46:cd:
7f:47:00:3d:83:5c:68:d2:f0:42:6b:fa:bf:76:05:91:6d:a8:
40:92:44:fa:3e:05:3e:61:86:33:80:5a:30:04:97:ec:fd:cd:
ad:45:c3:ba:3b:a8:c9:c2:bf:01:2b:8a:9c:05:64:0d:f8:73:
35:18:2c:c7:44:37:c2:3d:40:3f:92:70:ad:7b:6c:7d:27:64:
89:10:42:f1:59:00:b5:3b:62:3b:9d:aa:38:30:68:cf:a9:8c:
fb:56:8c:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJmbbLbgZohk8kgB7AwiF7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDA3MTAwMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzhiZjJjZTNlOWI0ODAxZTI2M2Y0MzM4ZDYyYTE5ZTA1NmQ2MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiiUMLkRRBhNRs03nd2QDXyU9eoc
zoSFo1Je7Nk5xUtfKddaGm4v2Go2hikbaEf3dHRNILq9Dy+/pR5g5TBw21xKVgxS
DxqRi2AXK3dtTf2pgAAdj35lA8qU2D1FuI5OojrpHtxrASVpReplR8Mrx30rfKaY
lyS2E4Dk3kPuIOwso5FLHdxrEzkAQJXGl6HF0VhqFH8tqRnvvQhP5X2nCbMNLiG+
O5ZtOfTQF3ULY7LgPXq9KHrChQVZngHRRWLyA6cIODGdfs5/oh2Vs/+ElORJ4fQX
vBpLeBGgyIHy2YxWAMLbX2xcPdQuxItWXIW1G7YbO+i8safDswC8dnZviQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyL8s4+m0gB4mP0M41ioZ4FbWLaMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbkl2eXpqNmJTQUhpWV9RempXS2huZ1Z0WXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQD
UqNgMA0GCSqGSIb3DQEBCwUAA4IBAQAh7Gk7DBEVT9pFZAPEAuTY63/I9vLnfb1S
mElZ4ReVdYnomrnxmXLqJC6iHBgxMWIYbFc63gUMjCRpR3zSxJhS7gFqCKmliEPL
R+l3Q4ylZ/cWSKoi/ekDeCgVf1xSiA9Fom4MMXSUBPYVHyv095FITY7ahiJjwyOo
ned2pybxoLhf3F7p4YD3MxnfmHDArsPX+T6WgsmBNlXmsQuZbCRxRs1/RwA9g1xo
0vBCa/q/dgWRbahAkkT6PgU+YYYzgFowBJfs/c2tRcO6O6jJwr8BK4qcBWQN+HM1
GCzHRDfCPUA/knCte2x9J2SJEELxWQC1O2I7nao4MGjPqYz7VoyS
-----END CERTIFICATE-----
Generated at Sun Oct 27 10:02:23 2024 by rpki-client on console-fra.rpki-client.org