Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/yv2fOMzJWgBLihgxeU_RKjwMV9M.roa
File: yv2fOMzJWgBLihgxeU_RKjwMV9M.roa (raw, json)
Hash identifier: 7PF5YivWsrtWDh6dV05UZsCUW4mBBwFlyF0n8u34eEE=
Subject key identifier: CA:FD:9F:38:CC:C9:5A:00:4B:8A:18:31:79:4F:D1:2A:3C:0C:57:D3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192D2085F8CD73FE1ADC7354D64A7F948CC
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/yv2fOMzJWgBLihgxeU_RKjwMV9M.roa
Signing time: Mon 28 Oct 2024 07:30:17 +0000
ROA not before: Mon 28 Oct 2024 07:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.100.0/22 maxlen: 24
5.102.116.0/22 maxlen: 24
78.143.224.0/21 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 07:17:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:08:5f:8c:d7:3f:e1:ad:c7:35:4d:64:a7:f9:48:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 28 07:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cafd9f38ccc95a004b8a1831794fd12a3c0c57d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c6:24:45:83:d0:ee:0d:d5:f7:09:83:fc:48:
ed:a0:56:9b:a2:ac:9e:e6:4a:b3:46:b3:48:fe:99:
88:c9:af:c1:55:44:cc:df:62:2c:95:f9:87:27:59:
4b:3f:fc:24:ba:f9:3f:a4:06:b1:cf:8b:ad:dc:d9:
6c:c9:f8:ff:c1:11:85:08:e6:e0:1f:4a:63:75:34:
e5:87:a7:f8:32:d8:fc:64:15:93:f0:51:4b:3e:63:
c8:7d:ea:c8:c7:04:d2:ea:21:c4:9f:39:40:23:43:
15:95:c2:91:9b:29:04:51:46:64:57:50:c0:03:7a:
78:03:fa:8f:e0:68:45:96:2c:00:40:3b:1b:00:9e:
fa:aa:d0:71:86:6a:da:98:83:72:70:72:f9:89:3b:
c7:f9:a2:a5:9a:f5:82:f0:a0:4c:36:9a:8c:73:32:
26:2d:79:20:4f:93:df:b2:d4:90:cb:05:6a:bd:38:
2c:02:8c:1c:96:38:fc:7a:8a:ff:c9:47:66:91:39:
bf:9a:e2:c3:ba:73:aa:6f:7f:37:a0:73:24:40:dc:
df:85:75:54:8f:fc:42:0a:7d:42:3d:9b:45:bf:e7:
ef:61:92:3e:a0:2f:3d:08:c5:c2:ee:27:5f:59:48:
a3:71:72:0f:a1:67:f5:aa:e3:f2:4c:08:09:ca:51:
22:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FD:9F:38:CC:C9:5A:00:4B:8A:18:31:79:4F:D1:2A:3C:0C:57:D3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/yv2fOMzJWgBLihgxeU_RKjwMV9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.116.0/22
78.143.224.0/21
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:40:12:dd:c3:5e:e0:53:b7:d0:f1:2e:4a:6e:04:bf:7c:6d:
02:d4:e5:e5:9b:89:5e:96:0d:20:bd:aa:f9:de:8d:dc:7f:53:
38:8b:71:d8:f8:bb:b6:fd:4b:a1:05:f2:a2:a9:bf:22:08:11:
bf:1e:58:c2:82:a2:82:14:8e:26:b7:15:97:47:91:5d:35:df:
1a:d4:74:7e:22:51:01:51:21:7e:79:a7:c1:47:58:43:b6:1a:
f0:2c:79:06:8b:2d:ba:bf:88:05:34:27:a5:ca:65:3e:06:f3:
0f:ab:72:56:db:3f:6b:bf:10:66:e8:25:0f:57:64:2e:09:6f:
18:bb:85:1d:89:c9:bf:a9:75:4f:1b:6b:2c:74:0a:8f:4a:65:
f9:cc:bc:d3:ee:c1:09:b0:4e:82:a2:ab:48:fd:a4:a9:54:ad:
60:fc:45:63:9b:c1:51:34:fd:0d:05:5c:c1:fa:b1:77:c2:3b:
b5:db:cd:06:92:aa:fc:69:ca:3b:e5:b7:db:5e:65:57:81:6d:
c4:e0:12:6f:b8:9b:9f:3b:40:b1:29:e7:0c:b2:47:70:96:e3:
d3:06:2c:ad:ea:6d:6d:f0:04:be:0e:0f:32:fa:b1:b0:58:65:
28:19:7f:19:5d:cb:a3:10:47:3a:dc:66:4d:5c:9e:91:29:94:
28:65:a9:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLSCF+M1z/hrcc1TWSn+UjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDI4MDczMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZkOWYzOGNjYzk1YTAwNGI4YTE4MzE3OTRmZDEyYTNjMGM1N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMYkRYPQ7g3V9wmD/EjtoFaboqye
5kqzRrNI/pmIya/BVUTM32IslfmHJ1lLP/wkuvk/pAaxz4ut3Nlsyfj/wRGFCObg
H0pjdTTlh6f4Mtj8ZBWT8FFLPmPIferIxwTS6iHEnzlAI0MVlcKRmykEUUZkV1DA
A3p4A/qP4GhFliwAQDsbAJ76qtBxhmramINycHL5iTvH+aKlmvWC8KBMNpqMczIm
LXkgT5PfstSQywVqvTgsAowcljj8eor/yUdmkTm/muLDunOqb383oHMkQNzfhXVU
j/xCCn1CPZtFv+fvYZI+oC89CMXC7idfWUijcXIPoWf1quPyTAgJylEiyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMr9nzjMyVoAS4oYMXlP0So8DFfTMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEveXYyZk9NekpXZ0JMaWhneGVVX1JLandNVjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQC
BWZ0AwQDTo/gAwQDUqNgMA0GCSqGSIb3DQEBCwUAA4IBAQAcQBLdw17gU7fQ8S5K
bgS/fG0C1OXlm4lelg0gvar53o3cf1M4i3HY+Lu2/UuhBfKiqb8iCBG/HljCgqKC
FI4mtxWXR5FdNd8a1HR+IlEBUSF+eafBR1hDthrwLHkGiy26v4gFNCelymU+BvMP
q3JW2z9rvxBm6CUPV2QuCW8Yu4Udicm/qXVPG2ssdAqPSmX5zLzT7sEJsE6CoqtI
/aSpVK1g/EVjm8FRNP0NBVzB+rF3wju1280Gkqr8aco75bfbXmVXgW3E4BJvuJuf
O0CxKecMskdwluPTBiyt6m1t8AS+Dg8y+rGwWGUoGX8ZXcujEEc63GZNXJ6RKZQo
Zak6
-----END CERTIFICATE-----
Generated at Wed Oct 30 10:37:44 2024 by rpki-client on console-ams.rpki-client.org