Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n_N-hlgnodFTzmbbmc-k2-XR-R4.roa
File: n_N-hlgnodFTzmbbmc-k2-XR-R4.roa (raw, json)
Hash identifier: D7uzltkRQcvwEV9Poat7Y5BKsFZ0+7GbRxD9dFURlaI=
Subject key identifier: 9F:F3:7E:86:58:27:A1:D1:53:CE:66:DB:99:CF:A4:DB:E5:D1:F9:1E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01906D784BDC14418D752190704FBC982CAB
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n_N-hlgnodFTzmbbmc-k2-XR-R4.roa
Signing time: Mon 01 Jul 2024 08:45:18 +0000
ROA not before: Mon 01 Jul 2024 08:45:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
82.163.54.0/23 maxlen: 24
86.104.160.0/22 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 05:56:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:78:4b:dc:14:41:8d:75:21:90:70:4f:bc:98:2c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 1 08:45:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ff37e865827a1d153ce66db99cfa4dbe5d1f91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:69:d3:ad:a3:10:5f:a3:79:85:1d:fe:0a:79:
96:54:22:a4:61:57:f2:73:9a:e9:3e:a8:5a:45:7e:
1e:d8:54:ca:90:83:68:8f:cb:a7:de:b2:16:5e:76:
a6:83:81:2e:9e:57:e5:2e:76:42:c6:6f:76:07:84:
13:72:02:5d:c2:4b:b4:9c:15:21:cd:6b:94:c8:e9:
46:6a:71:72:86:c4:be:d5:21:d5:fd:15:db:3d:5e:
56:94:32:b4:38:26:d3:80:4a:3b:e8:46:95:2e:bd:
cb:2d:8d:92:02:96:01:b2:e3:04:94:86:dc:c2:0c:
a6:b6:f7:0c:d3:13:18:99:44:a7:e2:b3:d2:3f:b6:
b4:06:20:60:23:fc:d0:74:3a:5b:59:f6:fd:2e:7e:
2f:d2:e8:11:a0:4b:21:b5:3a:d4:25:25:f1:06:c7:
4d:7c:6b:98:23:24:79:a7:6a:f9:37:c6:f8:90:ae:
2b:1f:32:f3:2e:ef:fc:46:4c:68:bc:22:7f:b9:df:
f0:c0:56:2c:b9:2a:23:c4:a0:f8:d3:10:f1:24:f7:
fd:b2:7a:3e:c9:af:44:77:42:1f:99:c8:84:61:e5:
59:24:e9:71:e4:6d:58:4b:50:c5:2b:18:98:91:7d:
30:89:6d:49:1f:1e:ae:7f:a5:ae:d9:51:f8:99:76:
89:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F3:7E:86:58:27:A1:D1:53:CE:66:DB:99:CF:A4:DB:E5:D1:F9:1E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n_N-hlgnodFTzmbbmc-k2-XR-R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.54.0/23
86.104.160.0/21
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
08:05:9b:9a:0d:44:01:5a:25:ab:99:93:fb:62:ed:45:cc:9f:
58:f3:60:49:b7:67:82:cb:19:e8:7a:c3:6f:f2:83:74:13:87:
b0:c3:09:18:73:68:d8:a1:e5:a4:8d:33:3a:40:47:ab:ce:b6:
36:91:66:3b:c5:5d:e1:6f:40:1a:1a:81:4d:de:a5:26:c2:a2:
b1:90:bb:69:48:f4:08:32:28:b6:1b:d7:6e:17:58:a6:7c:65:
0c:ea:4a:19:0d:a8:06:1a:d2:e7:13:73:9d:22:87:fb:7e:da:
20:b3:d3:e3:90:22:98:db:bc:2e:fe:f3:6a:63:b9:ca:9f:4f:
63:2a:6f:88:7c:c9:04:cc:41:ed:da:b8:6f:f6:d0:44:32:99:
0b:ce:80:6f:0f:49:50:33:59:f3:ba:94:1b:ed:fc:55:0d:69:
6e:7e:4a:66:90:b1:70:df:74:3d:04:9e:d1:32:9f:aa:6a:af:
97:8a:52:75:f6:7a:4a:7b:68:b7:5b:49:3b:e7:f1:05:51:cb:
a3:6f:f0:4b:b5:2c:0e:3f:9e:a1:dd:b6:43:c5:ed:ae:87:6b:
a9:20:07:30:8d:71:e1:aa:f2:59:cd:4b:fc:d2:46:06:12:45:
c1:b7:26:74:5d:fc:f4:94:5c:95:8e:36:00:d1:ef:43:1e:82:
90:f5:e1:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBteEvcFEGNdSGQcE+8mCyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzAxMDg0NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmYzN2U4NjU4MjdhMWQxNTNjZTY2ZGI5OWNmYTRkYmU1ZDFmOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WnTraMQX6N5hR3+CnmWVCKkYVfy
c5rpPqhaRX4e2FTKkINoj8un3rIWXnamg4EunlflLnZCxm92B4QTcgJdwku0nBUh
zWuUyOlGanFyhsS+1SHV/RXbPV5WlDK0OCbTgEo76EaVLr3LLY2SApYBsuMElIbc
wgymtvcM0xMYmUSn4rPSP7a0BiBgI/zQdDpbWfb9Ln4v0ugRoEshtTrUJSXxBsdN
fGuYIyR5p2r5N8b4kK4rHzLzLu/8RkxovCJ/ud/wwFYsuSojxKD40xDxJPf9sno+
ya9Ed0IfmciEYeVZJOlx5G1YS1DFKxiYkX0wiW1JHx6uf6Wu2VH4mXaJ4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ/zfoZYJ6HRU85m25nPpNvl0fkeMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbl9OLWhsZ25vZEZUem1iYm1jLWsyLVhSLVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQB
UqM2AwQDVmigAwQCWS60MA0GCSqGSIb3DQEBCwUAA4IBAQAIBZuaDUQBWiWrmZP7
Yu1FzJ9Y82BJt2eCyxnoesNv8oN0E4ewwwkYc2jYoeWkjTM6QEerzrY2kWY7xV3h
b0AaGoFN3qUmwqKxkLtpSPQIMii2G9duF1imfGUM6koZDagGGtLnE3OdIof7ftog
s9PjkCKY27wu/vNqY7nKn09jKm+IfMkEzEHt2rhv9tBEMpkLzoBvD0lQM1nzupQb
7fxVDWlufkpmkLFw33Q9BJ7RMp+qaq+XilJ19npKe2i3W0k75/EFUcujb/BLtSwO
P56h3bZDxe2uh2upIAcwjXHhqvJZzUv80kYGEkXBtyZ0Xfz0lFyVjjYA0e9DHoKQ
9eHs
-----END CERTIFICATE-----
Generated at Wed Jul 3 07:18:22 2024 by rpki-client on console-fra.rpki-client.org