Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/z7veYA0iMSivdu8QRo90SBQXqo8.roa
File: z7veYA0iMSivdu8QRo90SBQXqo8.roa (raw, json)
Hash identifier: s1L0j99WMWYZJ4QC9HHuuetS5vv8bQiuK0kprBPGcEM=
Subject key identifier: CF:BB:DE:60:0D:22:31:28:AF:76:EF:10:46:8F:74:48:14:17:AA:8F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C2FBE7B214733BC95491EBF8705E8E36C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/z7veYA0iMSivdu8QRo90SBQXqo8.roa
Signing time: Sun 03 Dec 2023 12:54:21 +0000
ROA not before: Sun 03 Dec 2023 12:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.106.192.0/23 maxlen: 24
92.114.40.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 07:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2f:be:7b:21:47:33:bc:95:49:1e:bf:87:05:e8:e3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 3 12:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfbbde600d223128af76ef10468f74481417aa8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:35:0a:ef:3a:98:b1:98:03:43:c9:99:a2:f4:
7c:b7:23:88:d1:92:a0:3d:76:a3:d8:a3:a0:2b:51:
65:d4:34:0b:be:51:e5:f4:5b:db:e1:87:9d:aa:3e:
20:a6:e3:b4:89:90:67:d9:7f:bb:93:a0:48:1b:bd:
86:44:af:4a:b5:cf:1b:b4:b9:a8:2f:da:0f:43:15:
c4:8e:cf:08:ab:e3:6e:1e:3e:ab:e8:ba:bf:fe:0c:
cd:72:d0:66:0c:65:62:3d:27:33:12:eb:13:99:38:
d4:d4:b7:7a:d3:e2:ce:26:f5:9d:78:be:ff:0c:1e:
5b:95:38:3e:b5:bd:31:58:89:9d:2c:da:de:12:f5:
1d:a1:96:6b:c9:60:d6:ed:7d:df:5e:63:7b:e0:87:
fc:7e:31:c7:5e:4f:3b:2a:6a:0f:d1:00:28:d4:9a:
a6:c4:f8:45:0d:20:c3:4d:ed:c1:9f:ae:b3:34:3b:
30:cd:03:09:c1:69:cf:dc:10:85:7f:b4:f4:47:27:
d3:37:3e:a9:13:38:a8:09:88:91:c5:11:b2:8c:05:
d7:ff:14:cf:c6:05:1c:e9:20:29:c1:0f:6e:43:29:
86:2c:12:48:06:f3:e0:a3:10:22:ec:2e:e5:42:fe:
03:7c:a0:07:98:79:5f:5b:78:55:bf:bd:4a:92:b0:
57:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BB:DE:60:0D:22:31:28:AF:76:EF:10:46:8F:74:48:14:17:AA:8F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/z7veYA0iMSivdu8QRo90SBQXqo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
92.114.40.0/22
185.106.192.0/23
Signature Algorithm: sha256WithRSAEncryption
14:0b:70:df:fd:f8:ab:4c:c3:ad:61:af:08:16:c2:88:fa:36:
cd:04:7d:11:0b:f0:cd:a5:5e:64:14:32:99:60:80:d5:16:c6:
54:bb:84:12:6d:76:20:cf:f8:2f:81:94:2e:d9:fa:20:11:92:
78:8c:f9:42:87:28:b3:62:b4:30:15:6e:47:56:55:13:d7:bf:
01:ef:bb:fe:63:b1:92:99:f9:c5:a6:1d:1a:44:aa:a5:b5:4a:
63:75:fd:de:49:03:c1:cf:0e:46:ed:62:5f:71:2e:23:41:a4:
8f:19:fd:52:16:82:08:a5:ab:d5:b3:cd:72:54:af:27:ae:d2:
cf:2b:44:40:5e:8c:2f:5e:20:3f:b4:16:7f:f2:91:37:a4:79:
98:8b:82:74:93:3c:77:17:7d:fb:93:c0:b1:65:2f:36:5e:58:
bc:f9:d7:f0:fd:2d:dd:cb:8b:55:c3:30:f4:bd:b4:26:39:b4:
cb:a5:f4:e2:22:eb:29:c0:23:08:60:68:65:18:65:67:3b:97:
98:fd:31:3b:b8:9c:5a:d7:10:0c:3a:c0:96:31:a3:59:d8:e5:
70:6d:cb:c4:ab:e8:0e:8a:38:8d:1a:0f:d9:88:76:75:4a:22:
04:b2:69:b5:be:cd:6d:0b:bf:7a:a3:12:a9:a4:6d:01:fb:2c:
44:04:0b:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwvvnshRzO8lUkev4cF6ONsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjAzMTI1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmJiZGU2MDBkMjIzMTI4YWY3NmVmMTA0NjhmNzQ0ODE0MTdhYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TUK7zqYsZgDQ8mZovR8tyOI0ZKg
PXaj2KOgK1Fl1DQLvlHl9Fvb4Yedqj4gpuO0iZBn2X+7k6BIG72GRK9Ktc8btLmo
L9oPQxXEjs8Iq+NuHj6r6Lq//gzNctBmDGViPSczEusTmTjU1Ld60+LOJvWdeL7/
DB5blTg+tb0xWImdLNreEvUdoZZryWDW7X3fXmN74If8fjHHXk87KmoP0QAo1Jqm
xPhFDSDDTe3Bn66zNDswzQMJwWnP3BCFf7T0RyfTNz6pEzioCYiRxRGyjAXX/xTP
xgUc6SApwQ9uQymGLBJIBvPgoxAi7C7lQv4DfKAHmHlfW3hVv71KkrBXkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM+73mANIjEor3bvEEaPdEgUF6qPMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvejd2ZVlBMGlNU2l2ZHU4UVJvOTBTQlFYcW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBWZgAwQC
XHIoAwQBuWrAMA0GCSqGSIb3DQEBCwUAA4IBAQAUC3Df/firTMOtYa8IFsKI+jbN
BH0RC/DNpV5kFDKZYIDVFsZUu4QSbXYgz/gvgZQu2fogEZJ4jPlChyizYrQwFW5H
VlUT178B77v+Y7GSmfnFph0aRKqltUpjdf3eSQPBzw5G7WJfcS4jQaSPGf1SFoII
pavVs81yVK8nrtLPK0RAXowvXiA/tBZ/8pE3pHmYi4J0kzx3F337k8CxZS82Xli8
+dfw/S3dy4tVwzD0vbQmObTLpfTiIuspwCMIYGhlGGVnO5eY/TE7uJxa1xAMOsCW
MaNZ2OVwbcvEq+gOijiNGg/ZiHZ1SiIEsmm1vs1tC796oxKppG0B+yxEBAt/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org