Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3PoX_rwPmJceb_ZIO97lNeFwcvg.roa
File: 3PoX_rwPmJceb_ZIO97lNeFwcvg.roa (raw, json)
Hash identifier: 7mAeKW31n29RA1rm6gUHTm5tsfsyApCWFV1/PVUzVQM=
Subject key identifier: DC:FA:17:FE:BC:0F:98:97:1E:6F:F6:48:3B:DE:E5:35:E1:70:72:F8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190F931BCD735BB0073D44CBC8ED1E5B53F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3PoX_rwPmJceb_ZIO97lNeFwcvg.roa
Signing time: Sun 28 Jul 2024 11:55:04 +0000
ROA not before: Sun 28 Jul 2024 11:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
46.20.216.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Aug 2024 07:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f9:31:bc:d7:35:bb:00:73:d4:4c:bc:8e:d1:e5:b5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 28 11:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcfa17febc0f98971e6ff6483bdee535e17072f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a7:fa:ca:26:3f:cd:9a:ad:4b:0c:82:68:90:
69:e3:80:b9:a4:7f:ae:5d:4c:e4:a2:59:c0:0f:a0:
52:d9:76:8f:49:ee:3a:55:21:89:86:83:52:8f:c5:
70:f0:60:b7:4b:f3:36:49:6c:d2:ef:f1:6c:0d:30:
52:46:35:e9:fb:04:37:93:a4:7a:9a:69:b5:1d:d9:
7a:71:d8:08:cf:a7:80:b4:f3:ea:f6:4d:a4:51:97:
c8:a3:02:db:f4:97:5f:1c:27:6b:fe:8e:33:1f:45:
8b:f5:9b:d8:64:f8:f9:dc:c9:0d:0f:7e:57:82:64:
22:40:44:a5:83:d6:04:8e:aa:e1:04:48:a4:fd:80:
9c:93:9c:68:ed:32:ff:6c:d9:00:d3:b4:ca:53:f7:
ea:6c:71:f5:f9:91:ad:a1:cd:42:b8:a7:8d:6a:83:
ca:c8:58:22:0f:1a:83:62:52:80:a2:62:94:1a:9c:
f1:87:bf:5d:9d:3d:c1:2b:0c:bc:4f:59:c0:4a:de:
ce:48:38:8e:e8:1f:9d:13:71:f5:8e:38:20:c2:00:
a2:28:d3:b0:31:d6:43:42:c5:df:12:15:d0:84:af:
c7:df:28:98:c9:39:cb:15:a6:1a:32:a1:40:06:85:
f3:88:53:1e:a7:d8:a9:a9:e6:a9:60:b1:9d:c9:b3:
38:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FA:17:FE:BC:0F:98:97:1E:6F:F6:48:3B:DE:E5:35:E1:70:72:F8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3PoX_rwPmJceb_ZIO97lNeFwcvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
Signature Algorithm: sha256WithRSAEncryption
48:f4:6a:a1:0f:41:21:ce:c6:f8:41:88:da:af:a7:68:ff:f4:
2b:94:f2:46:39:48:70:fc:03:82:19:28:66:28:a3:82:66:29:
a2:cf:b7:ab:20:6e:8a:ef:32:e5:57:f2:25:2d:01:6f:a4:d3:
4f:5b:8f:c7:a5:44:13:f9:ce:f0:4f:21:17:64:67:48:a5:36:
fe:c4:d9:15:14:8e:b6:ac:4a:5e:3e:89:9b:74:f0:fe:6f:0f:
e4:e4:0d:67:28:7d:91:51:b0:2f:c5:ef:c4:dd:60:64:d4:96:
5f:4b:ff:f8:b9:8d:c3:a1:f5:2d:5c:e0:1f:ec:21:7a:b6:a0:
8a:44:34:d0:51:1a:6a:73:3d:2d:e3:6f:bc:67:49:ba:7c:e4:
33:a1:28:22:8c:0f:52:9c:f8:8e:e8:ad:d4:8d:81:39:da:9b:
29:98:aa:89:e2:68:cd:9f:0f:e6:86:0a:95:88:29:22:99:b2:
b3:6c:2a:6d:92:df:b4:25:28:55:8f:d2:d0:08:2e:58:15:6c:
bd:73:ed:c5:7c:70:94:fa:88:6b:eb:cf:14:c9:fb:9c:e0:95:
6c:a8:eb:a1:bf:c5:d3:bb:a3:83:ec:d0:95:80:8b:57:24:4c:
ad:f3:db:9b:9f:81:25:ff:1a:7b:bf:d3:a9:40:2b:cd:1f:26:
4f:9e:6c:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZD5MbzXNbsAc9RMvI7R5bU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzI4MTE1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZhMTdmZWJjMGY5ODk3MWU2ZmY2NDgzYmRlZTUzNWUxNzA3MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKf6yiY/zZqtSwyCaJBp44C5pH+u
XUzkolnAD6BS2XaPSe46VSGJhoNSj8Vw8GC3S/M2SWzS7/FsDTBSRjXp+wQ3k6R6
mmm1Hdl6cdgIz6eAtPPq9k2kUZfIowLb9JdfHCdr/o4zH0WL9ZvYZPj53MkND35X
gmQiQESlg9YEjqrhBEik/YCck5xo7TL/bNkA07TKU/fqbHH1+ZGtoc1CuKeNaoPK
yFgiDxqDYlKAomKUGpzxh79dnT3BKwy8T1nASt7OSDiO6B+dE3H1jjggwgCiKNOw
MdZDQsXfEhXQhK/H3yiYyTnLFaYaMqFABoXziFMep9ipqeapYLGdybM4BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNz6F/68D5iXHm/2SDve5TXhcHL4MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvM1BvWF9yd1BtSmNlYl9aSU85N2xOZUZ3Y3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQD
LhTYMA0GCSqGSIb3DQEBCwUAA4IBAQBI9GqhD0Ehzsb4QYjar6do//QrlPJGOUhw
/AOCGShmKKOCZimiz7erIG6K7zLlV/IlLQFvpNNPW4/HpUQT+c7wTyEXZGdIpTb+
xNkVFI62rEpePombdPD+bw/k5A1nKH2RUbAvxe/E3WBk1JZfS//4uY3DofUtXOAf
7CF6tqCKRDTQURpqcz0t42+8Z0m6fOQzoSgijA9SnPiO6K3UjYE52pspmKqJ4mjN
nw/mhgqViCkimbKzbCptkt+0JShVj9LQCC5YFWy9c+3FfHCU+ohr688Uyfuc4JVs
qOuhv8XTu6OD7NCVgItXJEyt89ubn4El/xp7v9OpQCvNHyZPnmyD
-----END CERTIFICATE-----
Generated at Sat Aug 3 09:29:40 2024 by rpki-client on console-ams.rpki-client.org