Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wYHG-7m5IqY_bjvmB7NyiC_dvnE.roa
File: wYHG-7m5IqY_bjvmB7NyiC_dvnE.roa (raw, json)
Hash identifier: s7925bIf/fyobtQ8lanj2RRApWVKCGCfqSxp3na3O/E=
Subject key identifier: C1:81:C6:FB:B9:B9:22:A6:3F:6E:3B:E6:07:B3:72:88:2F:DD:BE:71
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190A2B9A7653759A36738EB4C8DF34A01C7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wYHG-7m5IqY_bjvmB7NyiC_dvnE.roa
Signing time: Thu 11 Jul 2024 16:56:34 +0000
ROA not before: Thu 11 Jul 2024 16:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
46.20.216.0/21 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 11:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:b9:a7:65:37:59:a3:67:38:eb:4c:8d:f3:4a:01:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 11 16:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c181c6fbb9b922a63f6e3be607b372882fddbe71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:85:03:aa:76:38:5c:26:56:e3:54:dd:a0:fa:
ab:d5:88:4e:b3:56:1b:a1:dd:23:c1:fd:6d:86:e9:
ea:46:c6:05:99:23:75:0f:4e:98:38:6f:2e:36:b7:
20:b1:4d:4d:cb:8d:52:d0:96:78:1a:2d:88:84:ef:
2a:83:8e:c2:d2:65:aa:cf:25:01:af:7a:52:a0:ac:
50:31:b9:08:b2:67:41:43:97:05:67:fa:e6:8f:e1:
fa:56:71:09:72:ef:37:dc:19:cc:4c:79:d9:0b:69:
cf:f0:9b:e0:86:d7:2a:0b:98:ef:09:f7:fa:4e:f9:
6d:fb:2e:c0:95:b1:45:83:15:6d:21:df:c4:86:a2:
0e:08:7d:f4:04:37:47:62:2f:af:62:bb:dd:42:99:
3c:63:9b:05:38:36:8d:47:09:3e:88:9f:68:c2:1f:
70:be:d2:d5:01:fa:cc:8a:b9:eb:8d:7b:3e:bc:3a:
99:0a:15:ba:11:ea:e7:ab:72:86:ab:6d:22:18:94:
e4:86:85:47:14:1e:80:f3:78:38:c9:01:3b:08:48:
51:5f:1d:83:17:dc:2e:10:75:a6:4f:07:44:a4:2c:
13:c7:58:c9:39:34:6c:3f:65:4c:07:0d:30:4b:27:
3f:7b:5c:23:89:a4:18:57:bc:2e:44:35:dc:f5:1a:
4d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:81:C6:FB:B9:B9:22:A6:3F:6E:3B:E6:07:B3:72:88:2F:DD:BE:71
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/wYHG-7m5IqY_bjvmB7NyiC_dvnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
86.104.164.0/22
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
55:77:53:24:bf:22:5c:8b:b3:6c:b0:61:01:04:a2:1d:ee:3d:
c1:27:39:5e:73:c3:ba:c2:f3:6a:8b:7c:52:3f:01:9d:f5:89:
3e:95:cc:11:13:73:68:b1:8f:6d:5a:d3:84:4a:02:0d:65:64:
f3:37:14:5a:de:34:1d:6a:f4:1c:6b:31:c3:94:3e:a5:87:6f:
ab:cd:d8:98:d2:b5:aa:e1:e1:5d:c7:3e:2a:6c:01:84:e7:d5:
77:18:35:fb:be:06:3f:9c:90:e4:01:03:29:2f:ca:f1:3f:83:
10:55:04:50:d8:22:d1:56:69:c1:80:62:08:57:6f:52:1a:40:
69:5d:67:27:bb:02:eb:8a:29:24:6a:38:80:68:b3:e0:a4:11:
d8:83:52:48:f9:73:85:58:8f:5d:0d:0c:fd:3f:ef:7d:30:d0:
72:27:8f:10:d9:d3:06:c3:3e:44:ab:d1:de:95:dd:c0:31:62:
53:8a:b1:8a:69:07:38:00:93:16:6a:d0:4f:5c:e8:8c:a5:bc:
93:4a:3b:2d:71:1a:fb:de:6d:3b:03:c9:9f:89:c1:aa:b8:5a:
2b:6f:26:b5:e9:b5:fb:35:7a:b7:9e:14:af:00:2a:9e:01:bb:
a6:d5:a0:74:39:dc:10:dd:bd:b4:e7:84:08:84:4d:12:f3:54:
71:33:ac:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCiuadlN1mjZzjrTI3zSgHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzExMTY1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTgxYzZmYmI5YjkyMmE2M2Y2ZTNiZTYwN2IzNzI4ODJmZGRiZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIUDqnY4XCZW41TdoPqr1YhOs1Yb
od0jwf1thunqRsYFmSN1D06YOG8uNrcgsU1Ny41S0JZ4Gi2IhO8qg47C0mWqzyUB
r3pSoKxQMbkIsmdBQ5cFZ/rmj+H6VnEJcu833BnMTHnZC2nP8JvghtcqC5jvCff6
Tvlt+y7AlbFFgxVtId/EhqIOCH30BDdHYi+vYrvdQpk8Y5sFODaNRwk+iJ9owh9w
vtLVAfrMirnrjXs+vDqZChW6Eernq3KGq20iGJTkhoVHFB6A83g4yQE7CEhRXx2D
F9wuEHWmTwdEpCwTx1jJOTRsP2VMBw0wSyc/e1wjiaQYV7wuRDXc9RpNgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMGBxvu5uSKmP2475gezcogv3b5xMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvd1lIRy03bTVJcVlfYmp2bUI3TnlpQ19kdm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQD
LhTYAwQCVmikAwQCWS60MA0GCSqGSIb3DQEBCwUAA4IBAQBVd1MkvyJci7NssGEB
BKId7j3BJzlec8O6wvNqi3xSPwGd9Yk+lcwRE3NosY9tWtOESgINZWTzNxRa3jQd
avQcazHDlD6lh2+rzdiY0rWq4eFdxz4qbAGE59V3GDX7vgY/nJDkAQMpL8rxP4MQ
VQRQ2CLRVmnBgGIIV29SGkBpXWcnuwLriikkajiAaLPgpBHYg1JI+XOFWI9dDQz9
P+99MNByJ48Q2dMGwz5Eq9Held3AMWJTirGKaQc4AJMWatBPXOiMpbyTSjstcRr7
3m07A8mficGquForbya16bX7NXq3nhSvACqeAbum1aB0OdwQ3b2054QIhE0S81Rx
M6xF
-----END CERTIFICATE-----
Generated at Tue Jul 16 15:47:46 2024 by rpki-client on console-fra.rpki-client.org