Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/kcYz28zlO3Lj1fA-JTr40eELF9k.roa
File: kcYz28zlO3Lj1fA-JTr40eELF9k.roa (raw, json)
Hash identifier: voezDsk7Qf1kioWQbjmon7D8p+F7V4Wl3cyGGRAfu/s=
Subject key identifier: 91:C6:33:DB:CC:E5:3B:72:E3:D5:F0:3E:25:3A:F8:D1:E1:0B:17:D9
Certificate issuer: /CN=8bdc53cc2263f6fdea170d3282a20b8e71607386
Certificate serial: 018571A7A974D651E4D9092481A1BB2B8325
Authority key identifier: 8B:DC:53:CC:22:63:F6:FD:EA:17:0D:32:82:A2:0B:8E:71:60:73:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9xTzCJj9v3qFw0ygqILjnFgc4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/kcYz28zlO3Lj1fA-JTr40eELF9k.roa
Signing time: Mon 02 Jan 2023 08:44:51 +0000
ROA not before: Mon 02 Jan 2023 08:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51110
IP address blocks: 5.102.77.0/24 maxlen: 24
5.102.76.0/24 maxlen: 24
5.102.78.0/24 maxlen: 24
5.102.73.0/24 maxlen: 24
5.102.72.0/24 maxlen: 24
5.102.75.0/24 maxlen: 24
5.102.74.0/24 maxlen: 24
185.91.233.0/24 maxlen: 24
185.91.232.0/24 maxlen: 24
185.91.234.0/24 maxlen: 24
94.124.152.0/24 maxlen: 24
94.124.154.0/24 maxlen: 24
94.124.153.0/24 maxlen: 24
94.124.156.0/24 maxlen: 24
94.124.155.0/24 maxlen: 24
94.124.157.0/24 maxlen: 24
94.124.159.0/24 maxlen: 24
94.124.158.0/24 maxlen: 24
5.102.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a9:74:d6:51:e4:d9:09:24:81:a1:bb:2b:83:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdc53cc2263f6fdea170d3282a20b8e71607386
Validity
Not Before: Jan 2 08:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91c633dbcce53b72e3d5f03e253af8d1e10b17d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f8:19:7d:fd:be:b6:e6:9d:3a:37:c0:6d:76:
13:69:0d:30:de:95:e3:ac:84:2a:c2:47:6b:33:c2:
14:28:9f:ab:a5:1b:2b:1d:51:93:d7:af:89:eb:6e:
e4:ec:8b:f7:f6:90:5a:7d:4f:a6:80:ea:d8:9d:b3:
3e:83:c4:cd:e0:16:3f:ab:60:f6:fe:e3:42:17:fb:
cb:66:13:b9:5d:30:df:0b:b1:49:e6:9c:74:52:f0:
3e:5a:3d:21:23:bb:aa:97:eb:eb:f4:6a:98:76:22:
7f:7c:53:5b:46:9e:06:46:a0:89:39:e3:a1:93:3e:
b6:5c:b6:ec:5a:f8:51:a6:31:66:df:af:b0:c4:c8:
37:db:97:a9:b2:da:e6:73:62:f5:70:59:78:18:82:
40:a5:6c:70:98:33:93:e7:5b:10:83:e4:29:fb:f9:
21:eb:7f:80:f8:e5:8e:b7:b0:0d:1b:8f:8c:60:49:
80:10:59:27:33:51:03:9e:b0:21:3b:75:b0:f7:aa:
99:be:89:33:cf:9f:0f:c5:9d:ef:e1:8c:42:a6:0e:
c6:60:92:1e:61:2c:df:56:09:1f:6b:7e:f1:6c:40:
1e:7d:cc:4a:94:67:a6:a0:0c:0e:6e:5a:40:77:5f:
09:61:dc:d3:d9:6a:64:05:7e:68:27:83:58:3c:e6:
63:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C6:33:DB:CC:E5:3B:72:E3:D5:F0:3E:25:3A:F8:D1:E1:0B:17:D9
X509v3 Authority Key Identifier:
keyid:8B:DC:53:CC:22:63:F6:FD:EA:17:0D:32:82:A2:0B:8E:71:60:73:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9xTzCJj9v3qFw0ygqILjnFgc4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/kcYz28zlO3Lj1fA-JTr40eELF9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/23742f-1d70-4f31-a9ca-7acb21ba773f/1/i9xTzCJj9v3qFw0ygqILjnFgc4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.72.0/21
94.124.152.0/21
185.91.232.0-185.91.234.255
Signature Algorithm: sha256WithRSAEncryption
07:b6:c8:65:87:77:14:45:8a:c4:ef:cc:c7:ae:80:0d:11:b1:
ab:63:a5:78:3e:87:25:ae:e5:6a:80:2b:80:a7:32:0a:84:51:
46:f0:c8:09:34:17:27:b4:fa:86:f0:49:7f:04:39:d6:3b:1f:
b9:61:b3:1a:f2:10:1d:47:4f:bd:cd:ef:6a:e8:20:3f:95:6a:
57:31:95:8f:bc:0f:bc:eb:f9:a7:64:30:23:30:38:a5:60:b7:
88:eb:9a:cf:b2:78:52:f7:94:72:89:95:95:b1:30:3f:1c:28:
68:41:ee:8c:81:ab:18:46:a3:c8:d6:b4:03:83:22:6c:85:fa:
9e:f6:37:db:12:15:99:6a:b1:7a:62:b4:64:4f:5b:64:30:6a:
77:a0:dc:7f:98:08:f4:7c:60:30:d0:55:58:a7:48:62:cf:b1:
9f:9b:26:21:a5:90:5a:ea:02:fc:7b:b1:04:8b:b8:b9:28:66:
1a:31:69:78:bc:99:a8:6f:1b:66:7b:77:b7:cb:8f:1c:83:cc:
3f:60:b2:49:aa:ca:91:93:cd:a4:1d:67:c5:c0:73:3b:e7:4a:
3f:52:ad:02:0e:72:7c:dc:c5:7d:29:4a:85:55:f1:02:1f:69:
4a:56:6f:3a:ee:2e:85:02:4f:ca:c6:3e:0a:7f:3c:e9:35:49:
b8:a4:00:5b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxp6l01lHk2QkkgaG7K4MlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGM1M2NjMjI2M2Y2ZmRlYTE3MGQzMjgyYTIwYjhlNzE2
MDczODYwHhcNMjMwMTAyMDg0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM2MzNkYmNjZTUzYjcyZTNkNWYwM2UyNTNhZjhkMWUxMGIxN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/gZff2+tuadOjfAbXYTaQ0w3pXj
rIQqwkdrM8IUKJ+rpRsrHVGT16+J627k7Iv39pBafU+mgOrYnbM+g8TN4BY/q2D2
/uNCF/vLZhO5XTDfC7FJ5px0UvA+Wj0hI7uql+vr9GqYdiJ/fFNbRp4GRqCJOeOh
kz62XLbsWvhRpjFm36+wxMg325epstrmc2L1cFl4GIJApWxwmDOT51sQg+Qp+/kh
63+A+OWOt7ANG4+MYEmAEFknM1EDnrAhO3Ww96qZvokzz58PxZ3v4YxCpg7GYJIe
YSzfVgkfa37xbEAefcxKlGemoAwOblpAd18JYdzT2WpkBX5oJ4NYPOZjiQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJHGM9vM5Tty49XwPiU6+NHhCxfZMB8GA1UdIwQY
MBaAFIvcU8wiY/b96hcNMoKiC45xYHOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTl4VHpDSmo5djNxRncweWdxSUxqbkZnYzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMzc0MmYtMWQ3MC00ZjMxLWE5Y2Et
N2FjYjIxYmE3NzNmLzEva2NZejI4emxPM0xqMWZBLUpUcjQwZUVMRjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMzc0MmYtMWQ3MC00ZjMxLWE5Y2EtN2FjYjIxYmE3NzNm
LzEvaTl4VHpDSmo5djNxRncweWdxSUxqbkZnYzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDBWZIAwQD
XnyYMAwDBAO5W+gDBAC5W+owDQYJKoZIhvcNAQELBQADggEBAAe2yGWHdxRFisTv
zMeugA0RsatjpXg+hyWu5WqAK4CnMgqEUUbwyAk0Fye0+obwSX8EOdY7H7lhsxry
EB1HT73N72roID+ValcxlY+8D7zr+adkMCMwOKVgt4jrms+yeFL3lHKJlZWxMD8c
KGhB7oyBqxhGo8jWtAODImyF+p72N9sSFZlqsXpitGRPW2Qwaneg3H+YCPR8YDDQ
VVinSGLPsZ+bJiGlkFrqAvx7sQSLuLkoZhoxaXi8mahvG2Z7d7fLjxyDzD9gskmq
ypGTzaQdZ8XAczvnSj9SrQIOcnzcxX0pSoVV8QIfaUpWbzruLoUCT8rGPgp/POk1
SbikAFs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:42 2024 by rpki-client on console-fra.rpki-client.org