Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/u_JFppMjKZ9D-MxkIuUT5k4bCGA.roa
File: u_JFppMjKZ9D-MxkIuUT5k4bCGA.roa (raw, json)
Hash identifier: sfZNeqLPPLt283tgRrSUJs7KRggfrRMZj1JMqCj7fJI=
Subject key identifier: BB:F2:45:A6:93:23:29:9F:43:F8:CC:64:22:E5:13:E6:4E:1B:08:60
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AB6D2B677B201EFE65F56CC319E8EA0C5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/u_JFppMjKZ9D-MxkIuUT5k4bCGA.roa
Signing time: Thu 21 Sep 2023 08:19:37 +0000
ROA not before: Thu 21 Sep 2023 08:19:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.168.0/22 maxlen: 24
82.163.68.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
82.163.224.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 19:41:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:d2:b6:77:b2:01:ef:e6:5f:56:cc:31:9e:8e:a0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 21 08:19:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbf245a69323299f43f8cc6422e513e64e1b0860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:5c:66:0a:77:46:7c:ea:e5:da:9d:dd:ce:
3f:19:c2:b1:80:9c:96:a1:13:80:24:de:0f:df:78:
58:12:e7:3c:c1:18:12:83:6a:ad:0a:b8:17:9b:b6:
0e:ec:54:26:56:16:07:b4:93:d4:e8:a4:86:5f:91:
65:10:37:7a:41:12:5d:e9:86:72:04:64:79:f9:8d:
48:13:96:28:92:3f:a3:0e:bd:02:1e:58:66:16:d7:
bf:93:98:d8:f8:a6:d6:e7:7a:eb:02:b8:df:26:19:
5d:d6:dd:6d:12:f6:fe:a8:4f:70:11:38:92:f4:ca:
43:be:a3:89:a6:11:b4:c6:c6:22:ff:d8:d5:17:24:
82:85:4f:7e:15:58:4d:02:d7:ec:5d:3c:38:3e:1c:
ec:a6:c6:f0:17:d0:07:71:be:99:df:33:79:4c:01:
e5:a8:7d:e7:c4:b7:bb:94:5d:84:27:cb:44:1c:19:
a0:13:d2:64:ab:e9:ae:e6:4b:2f:9d:60:a2:8a:27:
7d:00:3a:02:94:d3:d4:c4:76:a9:31:55:5f:a8:b4:
03:09:11:41:a8:1b:5a:67:c2:61:01:0b:b5:f8:3a:
ff:68:d0:99:31:cb:f1:9c:c9:9a:80:37:41:b6:1e:
cc:0f:18:30:38:8c:d3:1b:bb:33:d4:2f:ca:b5:bd:
5a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F2:45:A6:93:23:29:9F:43:F8:CC:64:22:E5:13:E6:4E:1B:08:60
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/u_JFppMjKZ9D-MxkIuUT5k4bCGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
82.163.68.0/22
82.163.168.0/22
82.163.224.0/22
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:b8:87:4d:ae:21:34:a7:6c:5e:12:a9:ca:94:fb:ec:c2:02:
d7:f6:ec:dc:82:cd:72:d0:5e:79:4b:63:ab:dd:63:15:11:d4:
5c:19:50:e2:8c:4c:b1:2b:6a:60:e0:bb:bc:e8:63:6f:55:d1:
3d:de:be:7a:e3:40:4b:75:1c:54:d3:23:35:b7:ee:6a:bd:10:
6e:7e:1a:30:a0:f8:13:73:e0:58:73:b2:27:44:10:a4:e5:62:
f5:3f:5c:bd:b3:e5:b6:69:4d:9d:d3:90:29:97:4f:40:6b:35:
c4:c8:45:61:f0:56:bd:96:d2:6a:01:8d:a7:1f:2d:77:8b:e0:
b6:f8:34:1e:e4:c3:a7:a1:ef:4d:51:a0:e7:55:e5:08:c6:ec:
1c:0b:fb:21:ce:56:62:03:1d:c5:5c:82:e6:32:ce:9e:2b:e0:
77:4a:aa:e8:30:1a:f8:d7:d1:3f:ec:78:1d:7b:6a:26:22:86:
9f:20:62:47:d4:db:cd:b4:21:45:8a:e3:85:01:72:09:8b:4b:
47:1c:7c:19:ec:1f:b4:b7:ce:4c:91:ab:8d:c4:c5:93:3e:d8:
a4:ac:d4:09:ea:4b:e3:ef:3e:af:33:b9:8e:07:88:6e:e0:82:
dc:d5:ab:b7:db:dd:b2:7e:36:cf:d2:6b:61:16:fe:9e:36:70:
bc:fb:e3:7d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYq20rZ3sgHv5l9WzDGejqDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTIxMDgxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmYyNDVhNjkzMjMyOTlmNDNmOGNjNjQyMmU1MTNlNjRlMWIwODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPdcZgp3Rnzq5dqd3c4/GcKxgJyW
oROAJN4P33hYEuc8wRgSg2qtCrgXm7YO7FQmVhYHtJPU6KSGX5FlEDd6QRJd6YZy
BGR5+Y1IE5Yokj+jDr0CHlhmFte/k5jY+KbW53rrArjfJhld1t1tEvb+qE9wETiS
9MpDvqOJphG0xsYi/9jVFySChU9+FVhNAtfsXTw4PhzspsbwF9AHcb6Z3zN5TAHl
qH3nxLe7lF2EJ8tEHBmgE9Jkq+mu5ksvnWCiiid9ADoClNPUxHapMVVfqLQDCRFB
qBtaZ8JhAQu1+Dr/aNCZMcvxnMmagDdBth7MDxgwOIzTG7sz1C/Ktb1aSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLvyRaaTIymfQ/jMZCLlE+ZOGwhgMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdV9KRnBwTWpLWjlELU14a0l1VVQ1azRiQ0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBWZgAwQC
LhTUAwQCUqNEAwQCUqOoAwQCUqPgAwQCgv9EMA0GCSqGSIb3DQEBCwUAA4IBAQB+
uIdNriE0p2xeEqnKlPvswgLX9uzcgs1y0F55S2Or3WMVEdRcGVDijEyxK2pg4Lu8
6GNvVdE93r5640BLdRxU0yM1t+5qvRBufhowoPgTc+BYc7InRBCk5WL1P1y9s+W2
aU2d05Apl09AazXEyEVh8Fa9ltJqAY2nHy13i+C2+DQe5MOnoe9NUaDnVeUIxuwc
C/shzlZiAx3FXILmMs6eK+B3SqroMBr419E/7Hgde2omIoafIGJH1NvNtCFFiuOF
AXIJi0tHHHwZ7B+0t85MkauNxMWTPtikrNQJ6kvj7z6vM7mOB4hu4ILc1au3292y
fjbP0mthFv6eNnC8++N9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org