Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/t9izKhof1285IOX-n1NOiAIdV0g.roa
File: t9izKhof1285IOX-n1NOiAIdV0g.roa (raw, json)
Hash identifier: VHRljrZTRmt0eVF7sAF4AA5cnD7WcuyBoCRQU6zvdek=
Subject key identifier: B7:D8:B3:2A:1A:1F:D7:6F:39:20:E5:FE:9F:53:4E:88:02:1D:57:48
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190BB355A9D18752A3F1DA48C63B64BEAC9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/t9izKhof1285IOX-n1NOiAIdV0g.roa
Signing time: Tue 16 Jul 2024 11:02:34 +0000
ROA not before: Tue 16 Jul 2024 11:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
46.20.216.0/21 maxlen: 24
82.163.52.0/23 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
149.126.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:35:5a:9d:18:75:2a:3f:1d:a4:8c:63:b6:4b:ea:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 16 11:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d8b32a1a1fd76f3920e5fe9f534e88021d5748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a3:6e:c6:94:5f:86:20:d0:01:a3:c1:f9:28:
e0:d4:3c:4b:eb:66:84:b8:f8:4b:2f:11:7b:df:f3:
05:f3:d2:65:c3:52:64:a9:8a:67:b3:9d:25:71:d4:
2a:c9:3d:1e:f4:b8:09:e3:ff:d1:b4:fa:5b:a8:45:
f5:23:3f:50:e1:76:8e:51:7f:a5:46:b3:2c:ec:3a:
cc:ee:2b:13:76:a9:5c:e1:40:b3:f2:6e:5c:a3:79:
46:6a:e6:30:42:33:be:63:26:62:ab:68:39:fa:74:
9a:c4:30:8f:74:40:c7:2b:f5:27:45:dc:cf:b9:3c:
fd:8a:b1:2c:d4:7b:6f:3b:ae:81:bd:a1:73:bd:78:
44:e1:f6:a8:2a:75:ff:3b:1d:00:a1:87:19:60:61:
c6:40:39:f0:2b:6a:79:3c:7f:85:c9:26:2b:6b:88:
46:8b:a4:92:06:37:9a:b7:7e:54:a2:8b:bd:b4:ac:
69:a1:10:47:ad:fc:ac:e9:16:c9:46:3f:bd:a5:8c:
e9:9b:8c:8a:bb:e0:b7:e2:e6:e1:8a:76:e2:ad:74:
eb:6b:5d:dd:6b:ef:78:5a:f1:80:fa:30:13:9c:24:
a2:d5:f8:53:c1:08:ec:a8:5e:af:51:62:b1:4d:3e:
4d:b6:52:36:80:3c:05:0e:10:af:2c:8c:95:76:d7:
91:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D8:B3:2A:1A:1F:D7:6F:39:20:E5:FE:9F:53:4E:88:02:1D:57:48
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/t9izKhof1285IOX-n1NOiAIdV0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
82.163.52.0/23
86.104.164.0/22
89.46.180.0/22
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
89:bc:93:dc:d0:71:e8:9f:12:f8:ca:fc:67:80:4a:fb:4e:65:
9f:90:9c:b0:38:15:cb:02:02:fa:01:0a:fd:b7:c7:c5:d4:30:
05:1b:9d:97:0d:8a:c4:21:e1:fd:ff:4d:b7:95:64:76:95:2f:
da:af:da:8e:58:7f:c7:0f:84:09:f6:10:df:d3:ce:ef:ca:f6:
b8:aa:e7:09:93:a7:b2:cd:39:a7:57:cc:27:b5:3b:ac:e3:e0:
fe:63:43:b8:7b:00:8c:e8:ce:61:27:57:49:3f:93:89:66:71:
95:d6:c5:18:32:0a:c6:04:28:bf:24:ce:2a:8d:6f:da:18:cd:
55:d4:ac:0d:c6:68:dd:b4:fa:ec:52:91:f8:e0:8f:54:d2:ab:
08:7d:70:01:56:a3:ad:dd:0d:d4:cc:bb:45:ac:cb:43:5a:79:
80:f2:7a:cf:9b:18:3b:8d:1b:97:05:5a:d3:8c:5a:13:ba:96:
3f:a1:f7:1d:30:a9:88:3f:76:34:c1:43:ce:da:52:b9:92:cd:
e6:e8:e9:64:e7:15:82:89:8b:bf:fd:f4:cf:0d:cc:f7:f7:a9:
98:1d:db:40:94:3e:63:07:ca:78:55:1c:9c:9e:50:e3:76:4f:
5a:07:2d:5c:0b:59:b3:80:31:8f:f3:62:92:b0:fb:3b:3b:2e:
9d:e3:d1:2c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZC7NVqdGHUqPx2kjGO2S+rJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzE2MTEwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q4YjMyYTFhMWZkNzZmMzkyMGU1ZmU5ZjUzNGU4ODAyMWQ1NzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqNuxpRfhiDQAaPB+Sjg1DxL62aE
uPhLLxF73/MF89Jlw1JkqYpns50lcdQqyT0e9LgJ4//RtPpbqEX1Iz9Q4XaOUX+l
RrMs7DrM7isTdqlc4UCz8m5co3lGauYwQjO+YyZiq2g5+nSaxDCPdEDHK/UnRdzP
uTz9irEs1HtvO66BvaFzvXhE4faoKnX/Ox0AoYcZYGHGQDnwK2p5PH+FySYra4hG
i6SSBjeat35Uoou9tKxpoRBHrfys6RbJRj+9pYzpm4yKu+C34ubhinbirXTra13d
a+94WvGA+jATnCSi1fhTwQjsqF6vUWKxTT5NtlI2gDwFDhCvLIyVdteRqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLfYsyoaH9dvOSDl/p9TTogCHVdIMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdDlpektob2YxMjg1SU9YLW4xTk9pQUlkVjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEBWZgAwQD
LhTYAwQBUqM0AwQCVmikAwQCWS60AwQClX5cMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
vJPc0HHonxL4yvxngEr7TmWfkJywOBXLAgL6AQr9t8fF1DAFG52XDYrEIeH9/023
lWR2lS/ar9qOWH/HD4QJ9hDf087vyva4qucJk6eyzTmnV8wntTus4+D+Y0O4ewCM
6M5hJ1dJP5OJZnGV1sUYMgrGBCi/JM4qjW/aGM1V1KwNxmjdtPrsUpH44I9U0qsI
fXABVqOt3Q3UzLtFrMtDWnmA8nrPmxg7jRuXBVrTjFoTupY/ofcdMKmIP3Y0wUPO
2lK5ks3m6Olk5xWCiYu//fTPDcz396mYHdtAlD5jB8p4VRycnlDjdk9aBy1cC1mz
gDGP82KSsPs7Oy6d49Es
-----END CERTIFICATE-----
Generated at Wed Jul 17 09:20:40 2024 by rpki-client on console-ams.rpki-client.org