Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zPJ6otgiCW0WAZr_hgTBDn85e54.roa
File: zPJ6otgiCW0WAZr_hgTBDn85e54.roa (raw, json)
Hash identifier: XBpU84NJReR+kXpwXGdxZaHcalpRp6vGqCLcTshzn10=
Subject key identifier: CC:F2:7A:A2:D8:22:09:6D:16:01:9A:FF:86:04:C1:0E:7F:39:7B:9E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018B375B366C24D7376A40CF2BC4BC532E52
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zPJ6otgiCW0WAZr_hgTBDn85e54.roa
Signing time: Mon 16 Oct 2023 07:20:06 +0000
ROA not before: Mon 16 Oct 2023 07:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 149.126.92.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
92.114.40.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 10:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:5b:36:6c:24:d7:37:6a:40:cf:2b:c4:bc:53:2e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 16 07:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccf27aa2d822096d16019aff8604c10e7f397b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:ba:02:d5:e9:c3:0f:14:e0:e9:34:03:c9:
57:2a:a4:45:cf:3a:ee:a0:df:f7:cf:69:ed:72:6d:
37:f1:d7:39:77:bb:40:3d:8c:fe:4d:8e:28:73:14:
c6:21:1b:b4:00:a5:29:9f:ec:fb:63:5b:24:4b:e4:
6d:56:aa:aa:b5:c9:7f:21:d6:54:cf:00:3a:8a:fc:
67:0f:4a:7a:10:b2:f0:cd:06:f7:08:60:0d:3e:84:
19:25:2b:fd:18:ba:79:c8:1d:74:7d:c4:b4:80:e9:
bc:9c:a4:9f:f5:9c:13:96:2c:f6:88:ee:74:89:3e:
21:a2:ea:80:3d:2d:fd:7a:f5:39:eb:c6:82:3e:81:
e9:9b:1f:25:57:e6:73:d8:25:e7:17:54:44:ea:6e:
f3:c8:c0:28:dd:cf:07:40:91:74:f6:e7:dd:70:9a:
9e:1e:69:2c:5e:5b:46:ee:5c:de:73:d3:68:f8:6b:
db:f9:e0:aa:cc:6d:8e:7c:4b:6e:8e:91:3f:c0:0b:
20:dd:44:89:74:38:55:f6:3b:6f:fa:04:4a:0c:59:
ad:ba:1f:bc:e9:06:75:6a:f2:73:81:1b:09:ce:05:
7f:dc:1b:ee:68:c1:a8:7a:08:ae:f7:27:ad:2e:e3:
a6:28:6b:f2:91:fa:87:90:ac:38:b1:ea:c8:cb:56:
39:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F2:7A:A2:D8:22:09:6D:16:01:9A:FF:86:04:C1:0E:7F:39:7B:9E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/zPJ6otgiCW0WAZr_hgTBDn85e54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
92.114.40.0/22
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
36:b4:20:b7:91:8d:03:30:5a:3b:24:bb:d7:99:fc:9c:e7:26:
e3:0d:26:01:80:8c:7c:0e:61:6d:e3:62:76:47:f8:63:d5:4d:
32:fd:8c:c8:9f:bd:48:e3:ff:43:9c:60:82:5c:b9:b5:bd:11:
21:8d:20:99:0c:80:3f:2c:d8:76:99:7e:a7:13:c7:6c:de:07:
6b:44:72:d6:86:55:10:87:66:71:bb:e5:29:f3:f7:79:27:23:
9c:0c:f0:cc:a9:7c:bf:a2:e6:9f:35:50:10:f6:6c:22:97:6c:
dd:87:fe:6b:22:b5:d8:a5:1b:df:8c:16:fc:19:be:58:77:5c:
53:d2:93:b2:1d:ca:95:ac:61:84:0d:bc:c9:68:97:3d:17:11:
c5:ac:10:24:f9:2d:3c:e2:42:20:21:1a:14:25:3d:de:24:94:
e3:28:5a:57:1e:3b:24:eb:ac:19:d4:70:a3:48:2d:bb:c2:ae:
77:c4:4b:6b:99:1c:2b:c7:4e:69:f6:25:55:54:c3:09:89:40:
79:52:1e:ef:4e:fc:31:c7:cb:14:75:8f:0c:c6:be:10:e3:47:
e7:47:8a:02:2f:c9:bc:f2:c8:e2:c9:99:41:ea:d1:9a:a0:8d:
d5:cb:64:85:d7:41:03:32:0c:d2:3a:b4:cc:3e:4c:3d:86:22:
03:ab:59:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYs3WzZsJNc3akDPK8S8Uy5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMDE2MDcyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2YyN2FhMmQ4MjIwOTZkMTYwMTlhZmY4NjA0YzEwZTdmMzk3YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNq6AtXpww8U4Ok0A8lXKqRFzzru
oN/3z2ntcm038dc5d7tAPYz+TY4ocxTGIRu0AKUpn+z7Y1skS+RtVqqqtcl/IdZU
zwA6ivxnD0p6ELLwzQb3CGANPoQZJSv9GLp5yB10fcS0gOm8nKSf9ZwTliz2iO50
iT4houqAPS39evU568aCPoHpmx8lV+Zz2CXnF1RE6m7zyMAo3c8HQJF09ufdcJqe
HmksXltG7lzec9No+Gvb+eCqzG2OfEtujpE/wAsg3USJdDhV9jtv+gRKDFmtuh+8
6QZ1avJzgRsJzgV/3BvuaMGoegiu9yetLuOmKGvykfqHkKw4serIy1Y5wQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMzyeqLYIgltFgGa/4YEwQ5/OXueMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvelBKNm90Z2lDVzBXQVpyX2hnVEJEbjg1ZTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBWZgAwQC
XHIoAwQClX5cMA0GCSqGSIb3DQEBCwUAA4IBAQA2tCC3kY0DMFo7JLvXmfyc5ybj
DSYBgIx8DmFt42J2R/hj1U0y/YzIn71I4/9DnGCCXLm1vREhjSCZDIA/LNh2mX6n
E8ds3gdrRHLWhlUQh2Zxu+Up8/d5JyOcDPDMqXy/ouafNVAQ9mwil2zdh/5rIrXY
pRvfjBb8Gb5Yd1xT0pOyHcqVrGGEDbzJaJc9FxHFrBAk+S084kIgIRoUJT3eJJTj
KFpXHjsk66wZ1HCjSC27wq53xEtrmRwrx05p9iVVVMMJiUB5Uh7vTvwxx8sUdY8M
xr4Q40fnR4oCL8m88sjiyZlB6tGaoI3Vy2SF10EDMgzSOrTMPkw9hiIDq1kR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org