Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3tdc_CDQuyJ77z4crVgy8fL__x0.roa
File: 3tdc_CDQuyJ77z4crVgy8fL__x0.roa (raw, json)
Hash identifier: pxUQyUQ1MQcPY0V0x1yxGWGOpgX2nI6xajvsTs8xpSc=
Subject key identifier: DE:D7:5C:FC:20:D0:BB:22:7B:EF:3E:1C:AD:58:32:F1:F2:FF:FF:1D
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190772A4A2399CC13DB95701908EA07C917
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3tdc_CDQuyJ77z4crVgy8fL__x0.roa
Signing time: Wed 03 Jul 2024 05:56:18 +0000
ROA not before: Wed 03 Jul 2024 05:56:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
82.163.54.0/23 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 06:18:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:2a:4a:23:99:cc:13:db:95:70:19:08:ea:07:c9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 3 05:56:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ded75cfc20d0bb227bef3e1cad5832f1f2ffff1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:e6:4b:e7:1c:bf:7a:3a:9a:fa:fa:76:44:
a3:a4:1e:a0:d9:71:4f:b2:20:59:c0:1e:47:ff:1e:
a5:63:0e:2d:07:6f:5d:bc:94:82:cb:3a:0c:9b:fe:
3c:56:0c:53:4c:5a:3e:77:ad:ca:8d:e6:e2:f8:85:
38:17:33:bf:86:4d:82:93:e0:e6:9d:23:21:a3:f3:
a8:ae:79:99:2a:fe:6c:93:1f:4e:d7:42:59:e1:87:
8b:91:51:37:0a:ce:9a:24:3d:20:b5:24:ac:72:59:
01:63:e3:22:cb:20:ab:e3:44:b9:65:45:fc:da:18:
98:a9:e1:4d:8c:22:7a:99:fe:57:41:82:51:0f:47:
85:2e:5b:8b:f8:d2:1f:4c:03:02:4d:81:63:f4:9d:
2a:16:4a:64:63:73:2f:6a:e7:da:d4:5a:53:c0:f8:
c4:93:99:43:41:38:1c:31:c7:ac:be:f4:fe:ad:58:
e9:35:31:23:9d:35:83:cf:d8:d3:5f:ac:9b:c4:ef:
91:83:f4:8a:c3:76:48:2e:16:88:e3:db:d8:44:d0:
fb:72:e1:49:78:4b:6e:2f:aa:cc:26:3b:d4:68:d3:
4c:41:b8:8d:2e:96:78:13:51:7d:bd:f9:5d:5c:f8:
2d:98:a5:ed:6f:f6:0b:37:24:fe:a7:74:a6:02:7b:
1f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D7:5C:FC:20:D0:BB:22:7B:EF:3E:1C:AD:58:32:F1:F2:FF:FF:1D
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/3tdc_CDQuyJ77z4crVgy8fL__x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.54.0/23
86.104.164.0/22
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:75:5a:b6:26:35:4c:d3:90:56:60:79:93:0d:e3:45:16:0c:
6d:23:49:50:2d:d5:d8:c5:ea:54:d6:ee:08:39:08:01:c8:2e:
f0:1c:bf:d7:cc:89:5a:06:08:7c:aa:ed:af:32:43:07:08:b9:
f5:7c:25:95:a3:5e:41:74:17:d0:18:5c:e4:5d:74:ae:82:80:
23:c0:3b:b9:8f:a9:35:0c:a4:5f:07:ba:be:d1:49:34:af:24:
27:2a:36:c8:13:c8:ae:d0:99:23:f4:6e:ec:ab:28:ce:b8:4e:
3d:22:d7:c3:0a:40:06:4e:61:3f:50:da:5d:2a:dc:d1:dc:32:
40:a6:bc:6a:ca:4f:f9:d6:74:f7:b3:a7:8b:11:d6:88:39:99:
09:c9:82:ab:b3:d7:ba:25:6f:c9:35:ac:c7:72:29:41:99:c9:
59:1e:df:fd:e3:16:35:80:eb:24:a2:e3:36:df:7b:9e:6c:3a:
f4:57:d3:4a:49:a1:63:da:aa:aa:ae:2e:39:22:bb:3d:e7:68:
37:7a:f0:c6:a6:c0:1d:52:d8:c2:d2:77:fb:e1:c7:b0:c6:09:
5b:44:d9:64:9a:b9:c2:fd:57:57:f2:47:3c:d1:bb:ce:e9:8e:
82:62:35:2c:4c:04:70:ab:35:6f:02:3f:85:b2:16:3b:60:33:
2b:94:10:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB3KkojmcwT25VwGQjqB8kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzAzMDU1NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ3NWNmYzIwZDBiYjIyN2JlZjNlMWNhZDU4MzJmMWYyZmZmZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozTmS+ccv3o6mvr6dkSjpB6g2XFP
siBZwB5H/x6lYw4tB29dvJSCyzoMm/48VgxTTFo+d63Kjebi+IU4FzO/hk2Ck+Dm
nSMho/OornmZKv5skx9O10JZ4YeLkVE3Cs6aJD0gtSSsclkBY+MiyyCr40S5ZUX8
2hiYqeFNjCJ6mf5XQYJRD0eFLluL+NIfTAMCTYFj9J0qFkpkY3Mvaufa1FpTwPjE
k5lDQTgcMcesvvT+rVjpNTEjnTWDz9jTX6ybxO+Rg/SKw3ZILhaI49vYRND7cuFJ
eEtuL6rMJjvUaNNMQbiNLpZ4E1F9vfldXPgtmKXtb/YLNyT+p3SmAnsfwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN7XXPwg0Lsie+8+HK1YMvHy//8dMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvM3RkY19DRFF1eUo3N3o0Y3JWZ3k4ZkxfX3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQB
UqM2AwQCVmikAwQCWS60MA0GCSqGSIb3DQEBCwUAA4IBAQAbdVq2JjVM05BWYHmT
DeNFFgxtI0lQLdXYxepU1u4IOQgByC7wHL/XzIlaBgh8qu2vMkMHCLn1fCWVo15B
dBfQGFzkXXSugoAjwDu5j6k1DKRfB7q+0Uk0ryQnKjbIE8iu0Jkj9G7sqyjOuE49
ItfDCkAGTmE/UNpdKtzR3DJAprxqyk/51nT3s6eLEdaIOZkJyYKrs9e6JW/JNazH
cilBmclZHt/94xY1gOskouM233uebDr0V9NKSaFj2qqqri45Irs952g3evDGpsAd
UtjC0nf74cewxglbRNlkmrnC/VdX8kc80bvO6Y6CYjUsTARwqzVvAj+FshY7YDMr
lBCt
-----END CERTIFICATE-----
Generated at Thu Jul 4 07:19:34 2024 by rpki-client on console-ams.rpki-client.org