Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/xVvEavYLRrwIog4rTl3vTHW5XCo.roa
File: xVvEavYLRrwIog4rTl3vTHW5XCo.roa (raw, json)
Hash identifier: nTXmF6VbNRtZGogWIQaHlJ3zTsLrqAn+t16QuJ6DfRU=
Subject key identifier: C5:5B:C4:6A:F6:0B:46:BC:08:A2:0E:2B:4E:5D:EF:4C:75:B9:5C:2A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C95D2EFB9067EB9A41BFF01DA9BCA1AD5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/xVvEavYLRrwIog4rTl3vTHW5XCo.roa
Signing time: Sat 23 Dec 2023 08:37:58 +0000
ROA not before: Sat 23 Dec 2023 08:37:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 149.126.88.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Dec 2023 07:41:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:d2:ef:b9:06:7e:b9:a4:1b:ff:01:da:9b:ca:1a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 23 08:37:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c55bc46af60b46bc08a20e2b4e5def4c75b95c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8a:be:b0:90:e5:0d:4d:68:40:bf:07:b8:fd:
1e:75:24:03:2c:67:d7:fa:ac:35:bc:ae:38:69:c6:
12:5a:f1:af:01:38:2c:b6:8b:9d:cf:af:e7:c9:6d:
b7:e4:63:5f:82:8c:d6:85:e4:0a:f7:c2:0c:37:5e:
62:c0:19:1f:c3:4d:cc:78:a3:92:c8:bd:d3:71:d6:
07:2b:e5:3f:86:10:7b:e6:e6:45:8f:c0:35:1a:ca:
a6:02:a7:cb:e9:65:a8:d6:06:d7:73:89:74:49:0c:
84:d1:8f:52:0d:5a:c9:1c:63:1d:56:3c:03:36:0a:
c1:23:59:48:71:b3:bc:e1:ba:1b:55:89:c8:e2:2b:
cf:54:f6:df:0c:cd:e7:cc:48:33:a4:e4:ce:16:7c:
3b:2c:96:12:0d:b2:16:ff:85:44:31:1a:81:76:4a:
9e:a3:7e:79:58:71:94:e3:67:ea:be:58:a5:bf:7e:
92:9c:97:58:64:da:46:5a:e0:ad:66:f1:32:6f:25:
2d:3d:d4:96:e6:02:e5:58:db:af:d5:b3:b2:52:3a:
96:79:3c:05:9d:53:3c:c3:76:fe:8c:b5:c7:e2:81:
62:6c:23:e3:51:dc:10:78:8b:57:39:35:2c:f4:57:
38:35:83:a6:43:7f:ed:f3:9d:75:96:72:77:23:b5:
f6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5B:C4:6A:F6:0B:46:BC:08:A2:0E:2B:4E:5D:EF:4C:75:B9:5C:2A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/xVvEavYLRrwIog4rTl3vTHW5XCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
17:1b:2c:f5:7e:56:05:7b:c9:f8:9b:57:a9:79:80:c5:9c:7a:
9f:ba:b8:bd:68:9d:b5:07:92:dd:f3:d4:66:ee:db:6c:9e:e5:
41:df:2a:d6:ea:20:a1:37:b7:df:cb:4c:0f:a7:2e:4a:97:e9:
76:ca:a3:a9:63:91:1e:02:08:10:39:a4:8a:5e:38:19:ac:1f:
4f:bf:22:db:5d:8e:0a:92:81:61:78:60:85:ca:79:8b:64:89:
5e:4b:80:74:49:93:25:f2:c9:95:a7:63:3f:63:31:d0:4f:64:
9a:4e:39:4f:26:06:3a:55:ab:db:86:f5:ea:7c:ef:2a:41:2d:
c2:c9:e9:a5:d7:e9:12:5b:86:21:f8:08:14:bc:9f:46:06:cb:
7b:49:38:e4:9c:0d:a3:11:c0:7d:23:35:d9:90:81:5b:f3:06:
4b:1c:61:3b:87:6f:c7:20:80:ec:06:af:8b:8e:33:d8:ad:78:
28:56:4b:8f:02:47:7a:ee:2b:ca:76:b7:82:01:fe:a6:7e:3c:
67:9f:ab:e2:69:49:d3:fe:01:0e:d9:62:bf:75:14:a8:7e:28:
d8:1e:f7:f9:7f:1e:b0:a7:c4:36:ad:e8:ea:7d:39:93:1f:9e:
9a:f1:eb:1b:1a:a3:b2:db:4c:a8:5f:f8:46:b1:d0:de:cb:20:
54:2c:9f:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyV0u+5Bn65pBv/AdqbyhrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjIzMDgzNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTViYzQ2YWY2MGI0NmJjMDhhMjBlMmI0ZTVkZWY0Yzc1Yjk1YzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4q+sJDlDU1oQL8HuP0edSQDLGfX
+qw1vK44acYSWvGvATgstoudz6/nyW235GNfgozWheQK98IMN15iwBkfw03MeKOS
yL3TcdYHK+U/hhB75uZFj8A1GsqmAqfL6WWo1gbXc4l0SQyE0Y9SDVrJHGMdVjwD
NgrBI1lIcbO84bobVYnI4ivPVPbfDM3nzEgzpOTOFnw7LJYSDbIW/4VEMRqBdkqe
o355WHGU42fqvlilv36SnJdYZNpGWuCtZvEybyUtPdSW5gLlWNuv1bOyUjqWeTwF
nVM8w3b+jLXH4oFibCPjUdwQeItXOTUs9Fc4NYOmQ3/t8511lnJ3I7X2ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMVbxGr2C0a8CKIOK05d70x1uVwqMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEveFZ2RWF2WUxScndJb2c0clRsM3ZUSFc1WENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
H7q0AwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQAXGyz1flYFe8n4m1epeYDFnHqf
uri9aJ21B5Ld89Rm7ttsnuVB3yrW6iChN7ffy0wPpy5Kl+l2yqOpY5EeAggQOaSK
XjgZrB9PvyLbXY4KkoFheGCFynmLZIleS4B0SZMl8smVp2M/YzHQT2SaTjlPJgY6
VavbhvXqfO8qQS3Cyeml1+kSW4Yh+AgUvJ9GBst7STjknA2jEcB9IzXZkIFb8wZL
HGE7h2/HIIDsBq+LjjPYrXgoVkuPAkd67ivKdreCAf6mfjxnn6viaUnT/gEO2WK/
dRSofijYHvf5fx6wp8Q2rejqfTmTH56a8esbGqOy20yoX/hGsdDeyyBULJ+r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org