Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0bYERe7XbwBUedX2m4sE5kZI5nY.roa
File: 0bYERe7XbwBUedX2m4sE5kZI5nY.roa (raw, json)
Hash identifier: 2jCY1AkTCYWZw8Gxpgz72IrlT4FABGSw0Ty4spqJYZ4=
Subject key identifier: D1:B6:04:45:EE:D7:6F:00:54:79:D5:F6:9B:8B:04:E6:46:48:E6:76
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190020BED822D6E1599DF59F523C77F62BF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0bYERe7XbwBUedX2m4sE5kZI5nY.roa
Signing time: Mon 10 Jun 2024 12:07:34 +0000
ROA not before: Mon 10 Jun 2024 12:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 06:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:0b:ed:82:2d:6e:15:99:df:59:f5:23:c7:7f:62:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 10 12:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1b60445eed76f005479d5f69b8b04e64648e676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:37:69:90:83:14:72:f3:eb:75:e1:1c:66:58:
ba:85:b4:8f:c1:b6:76:ee:20:9e:bb:52:f3:ff:ae:
4a:45:47:f4:df:36:56:70:73:37:98:55:50:d8:10:
cc:39:34:c8:df:99:e8:d5:85:99:81:7b:09:e7:a1:
c5:3a:34:c6:25:97:e5:d9:2f:6d:43:74:f9:4b:2c:
70:e9:a9:9c:36:3d:02:ea:b2:bf:46:f2:37:ee:a1:
af:81:78:d6:15:be:5e:f8:f7:78:82:ea:d1:a7:19:
85:d6:1c:07:29:33:70:69:39:92:90:85:02:2e:bc:
73:7c:d5:36:c3:fe:c4:c1:ab:d7:11:f4:77:01:3b:
ed:9b:5b:17:13:1a:92:b3:69:6c:20:7f:9a:ae:4b:
a5:bc:f1:02:c2:6d:c4:fd:ce:d8:d3:37:1e:0f:85:
ab:b3:38:8a:13:c9:7d:2a:84:65:21:69:82:d7:76:
43:46:6d:0b:d5:2f:ca:ff:68:45:4f:fc:1f:3f:4e:
ba:c1:dd:de:5a:38:72:ae:02:10:35:ba:19:68:38:
ae:d9:18:cf:5a:18:7e:5e:a7:ae:58:26:73:a5:16:
3a:e5:8a:bf:a5:d0:e1:57:75:dd:80:7f:d8:a0:dd:
94:5f:96:59:30:f4:de:43:b3:41:3c:c7:f4:73:7f:
5c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B6:04:45:EE:D7:6F:00:54:79:D5:F6:9B:8B:04:E6:46:48:E6:76
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0bYERe7XbwBUedX2m4sE5kZI5nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
Signature Algorithm: sha256WithRSAEncryption
92:98:0c:df:14:44:98:ac:17:97:80:45:91:f5:86:e8:d4:dd:
63:76:49:4b:93:1c:b8:f1:ef:2e:9d:56:24:cb:ff:13:b4:14:
05:07:d2:a6:6e:78:8a:0e:ac:db:b0:60:62:ed:5d:93:08:1f:
3c:3d:43:21:44:bf:65:56:2b:b1:20:31:b0:58:c1:a7:02:84:
8a:0d:7c:98:31:a6:44:d6:42:f6:99:69:4e:42:02:d0:9f:f7:
3e:f6:03:b2:f4:9f:86:bf:5a:a8:85:67:6c:1e:8f:a0:09:77:
79:2a:b2:d9:fe:b8:5b:1a:b2:9b:11:5d:f2:02:1e:fc:21:e8:
1c:aa:5c:b1:52:4d:9e:0d:e3:54:4b:a2:88:2b:3f:1b:ee:36:
9e:7b:8b:31:6d:6b:f3:33:52:72:29:41:05:24:9a:e1:19:a5:
04:d4:bd:c4:4a:9e:e8:5c:25:88:fc:e9:8b:f0:da:4e:30:61:
1b:d6:73:e6:88:8f:f1:5c:a8:ab:2a:c0:3b:06:c0:b6:b9:2e:
bf:1a:c7:9b:6d:42:eb:bd:9d:b6:8c:c9:22:da:83:69:50:9c:
2e:c1:e2:8e:89:64:11:64:1c:1f:7d:4c:ae:ff:4b:f6:e2:0b:
1a:d0:b0:37:bb:0a:4c:d3:ca:f9:00:a0:4f:30:73:a2:82:71:
55:d9:fa:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZACC+2CLW4Vmd9Z9SPHf2K/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNjEwMTIwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI2MDQ0NWVlZDc2ZjAwNTQ3OWQ1ZjY5YjhiMDRlNjQ2NDhlNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DdpkIMUcvPrdeEcZli6hbSPwbZ2
7iCeu1Lz/65KRUf03zZWcHM3mFVQ2BDMOTTI35no1YWZgXsJ56HFOjTGJZfl2S9t
Q3T5Syxw6amcNj0C6rK/RvI37qGvgXjWFb5e+Pd4gurRpxmF1hwHKTNwaTmSkIUC
LrxzfNU2w/7EwavXEfR3ATvtm1sXExqSs2lsIH+arkulvPECwm3E/c7Y0zceD4Wr
sziKE8l9KoRlIWmC13ZDRm0L1S/K/2hFT/wfP066wd3eWjhyrgIQNboZaDiu2RjP
Whh+XqeuWCZzpRY65Yq/pdDhV3XdgH/YoN2UX5ZZMPTeQ7NBPMf0c39cdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG2BEXu128AVHnV9puLBOZGSOZ2MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMGJZRVJlN1hid0JVZWRYMm00c0U1a1pJNW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQCSmAzfFESYrBeXgEWR9Ybo1N1jdklLkxy48e8unVYk
y/8TtBQFB9KmbniKDqzbsGBi7V2TCB88PUMhRL9lViuxIDGwWMGnAoSKDXyYMaZE
1kL2mWlOQgLQn/c+9gOy9J+Gv1qohWdsHo+gCXd5KrLZ/rhbGrKbEV3yAh78Iegc
qlyxUk2eDeNUS6KIKz8b7jaee4sxbWvzM1JyKUEFJJrhGaUE1L3ESp7oXCWI/OmL
8NpOMGEb1nPmiI/xXKirKsA7BsC2uS6/GsebbULrvZ22jMki2oNpUJwuweKOiWQR
ZBwffUyu/0v24gsa0LA3uwpM08r5AKBPMHOignFV2fp4
-----END CERTIFICATE-----
Generated at Wed Jun 19 09:28:21 2024 by rpki-client on console-fra.rpki-client.org