Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7osLCH6m5bHH2EjEDEUGtSjlaNM.roa
File: 7osLCH6m5bHH2EjEDEUGtSjlaNM.roa (raw, json)
Hash identifier: 0DHnEBe2ymfoK5etFJPloCJl8N+5vHcs0KtBuKZVcFw=
Subject key identifier: EE:8B:0B:08:7E:A6:E5:B1:C7:D8:48:C4:0C:45:06:B5:28:E5:68:D3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BD81427BAB9C243BD9C3DE8B2F034D481
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7osLCH6m5bHH2EjEDEUGtSjlaNM.roa
Signing time: Thu 16 Nov 2023 12:21:21 +0000
ROA not before: Thu 16 Nov 2023 12:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Nov 2023 07:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:14:27:ba:b9:c2:43:bd:9c:3d:e8:b2:f0:34:d4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 16 12:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee8b0b087ea6e5b1c7d848c40c4506b528e568d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6b:d4:97:92:bf:fa:36:42:02:14:43:40:a2:
a6:de:65:70:15:1c:83:c3:cf:db:c3:d0:29:70:1b:
54:c7:05:8a:a3:9d:ab:dd:55:1b:03:77:19:f4:f5:
d1:e4:f7:0b:69:ac:f5:16:9f:2b:ad:86:de:7f:62:
8b:f8:86:2d:c8:2f:03:d9:09:19:ac:af:c7:dd:75:
d5:38:4b:ab:44:a1:07:f0:a5:c7:61:02:d5:75:5c:
8d:e3:20:bd:e3:2a:da:ae:c1:8d:81:3c:73:33:4d:
9f:f9:d2:5c:16:e7:e1:cd:61:ba:4d:0f:1c:f8:19:
cf:5a:1c:a0:80:f2:a9:0e:00:cd:fe:3d:21:21:44:
30:d9:6b:c2:ac:88:08:28:96:ae:31:dc:b2:43:34:
7e:00:1d:ee:ae:bd:bd:3e:87:cc:25:0b:fb:95:79:
8f:d8:84:d2:d2:87:d3:19:b2:86:f0:74:25:9c:6b:
7e:e8:7b:cf:f8:32:40:8a:bb:25:b5:ed:8b:90:f2:
4d:4e:9c:85:ad:3a:3d:74:6c:63:64:e5:15:37:0b:
e3:dc:bc:58:10:64:08:2c:ef:21:25:ae:20:33:e1:
0a:80:99:4b:1b:fb:6e:fb:77:3c:88:8a:3c:a6:81:
9e:ca:33:df:41:74:69:21:c7:03:37:e9:cb:18:a0:
a4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8B:0B:08:7E:A6:E5:B1:C7:D8:48:C4:0C:45:06:B5:28:E5:68:D3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7osLCH6m5bHH2EjEDEUGtSjlaNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
Signature Algorithm: sha256WithRSAEncryption
13:3e:6f:9b:04:c2:21:50:bb:7f:2f:b9:18:93:04:79:95:42:
4b:9d:f8:b3:ab:cd:b6:0d:7e:1e:9e:eb:9c:98:5d:2e:20:12:
b1:5f:28:de:2c:a3:af:52:9c:b4:cc:e3:ba:4e:fc:12:23:df:
13:7e:e4:f5:de:5c:ea:d3:eb:fa:2f:1a:75:5e:aa:49:38:dc:
41:23:25:0b:fe:a6:83:e2:d5:36:da:be:2a:8a:40:5e:15:1c:
cc:91:e7:e5:f5:a6:03:e3:80:88:d0:b6:19:93:84:81:6b:34:
29:a5:ce:ad:4b:a5:4d:aa:7f:89:99:67:7d:95:d8:9c:28:61:
1d:db:f8:7e:ee:0f:55:e2:a5:0e:47:21:63:45:db:33:97:14:
b9:51:46:d8:11:1f:1a:40:00:9b:f3:72:86:3d:23:b7:a6:34:
56:25:16:a9:86:3e:db:c9:53:84:c8:17:cd:59:b6:0e:97:40:
61:18:81:ec:7a:0e:dd:a8:f0:95:5b:f3:6d:ae:89:c8:9d:6b:
b8:51:d0:12:e7:b1:d5:45:42:a9:e9:aa:50:c3:5c:9d:01:75:
2d:50:da:cd:00:16:ac:0e:d7:09:45:17:73:03:f1:c3:26:43:
63:ee:48:6c:94:a1:95:08:2d:b3:e5:81:ec:76:63:44:86:80:
bb:5b:60:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvYFCe6ucJDvZw96LLwNNSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTE2MTIyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThiMGIwODdlYTZlNWIxYzdkODQ4YzQwYzQ1MDZiNTI4ZTU2OGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2vUl5K/+jZCAhRDQKKm3mVwFRyD
w8/bw9ApcBtUxwWKo52r3VUbA3cZ9PXR5PcLaaz1Fp8rrYbef2KL+IYtyC8D2QkZ
rK/H3XXVOEurRKEH8KXHYQLVdVyN4yC94yrarsGNgTxzM02f+dJcFufhzWG6TQ8c
+BnPWhyggPKpDgDN/j0hIUQw2WvCrIgIKJauMdyyQzR+AB3urr29PofMJQv7lXmP
2ITS0ofTGbKG8HQlnGt+6HvP+DJAirslte2LkPJNTpyFrTo9dGxjZOUVNwvj3LxY
EGQILO8hJa4gM+EKgJlLG/tu+3c8iIo8poGeyjPfQXRpIccDN+nLGKCk0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6LCwh+puWxx9hIxAxFBrUo5WjTMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvN29zTENINm01YkhIMkVqRURFVUd0U2psYU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQATPm+bBMIhULt/L7kYkwR5lUJLnfizq822DX4enuuc
mF0uIBKxXyjeLKOvUpy0zOO6TvwSI98TfuT13lzq0+v6Lxp1XqpJONxBIyUL/qaD
4tU22r4qikBeFRzMkefl9aYD44CI0LYZk4SBazQppc6tS6VNqn+JmWd9ldicKGEd
2/h+7g9V4qUORyFjRdszlxS5UUbYER8aQACb83KGPSO3pjRWJRaphj7byVOEyBfN
WbYOl0BhGIHseg7dqPCVW/NtronInWu4UdAS57HVRUKp6apQw1ydAXUtUNrNABas
DtcJRRdzA/HDJkNj7khslKGVCC2z5YHsdmNEhoC7W2DV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org