Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/58wDQYpSZi5dQP_EshngEDMdfUk.roa
File: 58wDQYpSZi5dQP_EshngEDMdfUk.roa (raw, json)
Hash identifier: 6N5L2MqjsXydf5DCum+6pcpdiaIsYZa+5W9xPAvyemM=
Subject key identifier: E7:CC:03:41:8A:52:66:2E:5D:40:FF:C4:B2:19:E0:10:33:1D:7D:49
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01936C8E5F05B18B4C16B7130052F4681259
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/58wDQYpSZi5dQP_EshngEDMdfUk.roa
Signing time: Wed 27 Nov 2024 07:38:09 +0000
ROA not before: Wed 27 Nov 2024 07:38:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 5.102.100.0/22 maxlen: 22
5.102.104.0/22 maxlen: 24
5.102.116.0/22 maxlen: 22
31.186.180.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 12:20:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:8e:5f:05:b1:8b:4c:16:b7:13:00:52:f4:68:12:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 27 07:38:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7cc03418a52662e5d40ffc4b219e010331d7d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:88:63:45:e9:85:cd:d8:9d:53:cb:6c:19:7b:
80:7e:0e:be:eb:99:8f:fe:c7:40:39:ab:8e:e7:ee:
82:43:cb:14:9b:f1:c5:97:97:9f:5d:d5:96:79:cd:
80:c7:c7:b4:19:c1:b9:18:4a:97:e9:31:d0:9d:fb:
3f:1f:7c:07:e2:67:2b:01:37:36:93:da:94:3a:01:
b0:f2:a7:90:a7:5d:c1:7f:42:6e:9a:e7:63:a3:aa:
08:7c:44:da:f5:24:c6:12:95:f3:aa:11:6f:97:4d:
87:64:e4:06:67:42:fd:1f:c6:9d:60:39:51:a7:fd:
dc:3c:b6:ad:12:e5:57:f2:40:18:4e:25:94:2d:0f:
12:0f:3b:82:78:96:ae:3a:1e:5c:fc:3e:aa:29:63:
7d:62:60:57:0b:dc:55:34:23:9d:65:a0:e0:82:1f:
3d:36:37:47:cf:a8:18:31:0a:42:28:eb:af:83:06:
30:d3:05:16:d4:79:d6:78:50:2f:36:6a:10:80:06:
3a:5b:c8:ae:bc:f1:4e:3a:39:10:0b:8c:ae:2d:b0:
47:ce:37:28:dc:88:07:d2:c4:17:6f:3d:de:8b:0a:
13:b0:2d:e8:7c:32:71:c9:70:71:5a:7d:dc:3a:b9:
1e:8a:15:76:1f:51:90:3f:64:76:7a:fe:bf:a1:51:
b5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CC:03:41:8A:52:66:2E:5D:40:FF:C4:B2:19:E0:10:33:1D:7D:49
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/58wDQYpSZi5dQP_EshngEDMdfUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0-5.102.107.255
5.102.116.0/22
31.186.180.0/22
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
28:24:db:07:1c:8f:26:60:91:6e:ac:ef:2e:f6:32:f7:4c:0d:
db:e6:34:ee:9e:e3:3f:ad:e9:33:f6:fb:2d:54:e6:77:19:b5:
26:93:af:81:5b:64:37:bc:cf:6e:5f:85:d8:95:5e:37:9f:c1:
cf:78:47:2a:9c:84:c4:b1:a3:1f:3e:08:ef:b1:79:c3:04:a8:
85:1f:58:b4:10:8f:26:05:ab:f8:c8:6d:27:d7:6c:10:9b:d1:
c4:61:45:13:91:d1:40:8f:cc:a3:dd:2e:d0:3e:1f:fd:2b:94:
d3:0e:ad:34:37:b3:36:3d:31:9f:0e:92:cb:07:c0:33:22:77:
e0:a5:a5:d5:f0:b9:07:eb:34:29:fc:05:2a:2b:d6:96:85:42:
0f:93:45:3c:f2:3a:5d:7f:23:24:1e:1f:03:10:72:8e:cb:92:
55:02:15:55:8b:55:e0:a8:6d:d3:b2:51:2e:ba:b5:7b:03:eb:
86:ce:fe:79:b7:50:15:ac:df:be:8d:5d:a1:75:a4:43:50:38:
bc:83:b0:ef:a8:4a:5c:84:88:8b:87:cb:dc:08:0c:40:a8:91:
74:ff:4f:16:e6:fd:39:f0:1d:a5:b0:c2:6d:0b:72:00:86:af:
d7:6b:64:66:e1:89:bd:04:37:73:65:e7:6c:ee:65:d1:89:97:
60:55:27:8f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNsjl8FsYtMFrcTAFL0aBJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTI3MDczODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2NjMDM0MThhNTI2NjJlNWQ0MGZmYzRiMjE5ZTAxMDMzMWQ3ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24hjRemFzdidU8tsGXuAfg6+65mP
/sdAOauO5+6CQ8sUm/HFl5efXdWWec2Ax8e0GcG5GEqX6THQnfs/H3wH4mcrATc2
k9qUOgGw8qeQp13Bf0Jumudjo6oIfETa9STGEpXzqhFvl02HZOQGZ0L9H8adYDlR
p/3cPLatEuVX8kAYTiWULQ8SDzuCeJauOh5c/D6qKWN9YmBXC9xVNCOdZaDggh89
NjdHz6gYMQpCKOuvgwYw0wUW1HnWeFAvNmoQgAY6W8iuvPFOOjkQC4yuLbBHzjco
3IgH0sQXbz3eiwoTsC3ofDJxyXBxWn3cOrkeihV2H1GQP2R2ev6/oVG1UwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOfMA0GKUmYuXUD/xLIZ4BAzHX1JMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNTh3RFFZcFNaaTVkUVBfRXNobmdFRE1kZlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAIFZmQD
BAIFZmgDBAIFZnQDBAIfurQDBANSo2AwDQYJKoZIhvcNAQELBQADggEBACgk2wcc
jyZgkW6s7y72MvdMDdvmNO6e4z+t6TP2+y1U5ncZtSaTr4FbZDe8z25fhdiVXjef
wc94RyqchMSxox8+CO+xecMEqIUfWLQQjyYFq/jIbSfXbBCb0cRhRROR0UCPzKPd
LtA+H/0rlNMOrTQ3szY9MZ8OkssHwDMid+ClpdXwuQfrNCn8BSor1paFQg+TRTzy
Ol1/IyQeHwMQco7LklUCFVWLVeCobdOyUS66tXsD64bO/nm3UBWs376NXaF1pENQ
OLyDsO+oSlyEiIuHy9wIDECokXT/Txbm/TnwHaWwwm0LcgCGr9drZGbhib0EN3Nl
52zuZdGJl2BVJ48=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:55:42 2025 by rpki-client