Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/87ddpHYZy_WQ1Bze-qV0vBpUxWs.roa
File: 87ddpHYZy_WQ1Bze-qV0vBpUxWs.roa (raw, json)
Hash identifier: LSFi8Y2o9YiNvVY0GOwktJyL/JYsHeq0jKA+IMy6rJU=
Subject key identifier: F3:B7:5D:A4:76:19:CB:F5:90:D4:1C:DE:FA:A5:74:BC:1A:54:C5:6B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192DC493197266135AB8A258A9B540DF1C4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/87ddpHYZy_WQ1Bze-qV0vBpUxWs.roa
Signing time: Wed 30 Oct 2024 07:17:17 +0000
ROA not before: Wed 30 Oct 2024 07:17:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.100.0/22 maxlen: 24
5.102.116.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:49:31:97:26:61:35:ab:8a:25:8a:9b:54:0d:f1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 30 07:17:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3b75da47619cbf590d41cdefaa574bc1a54c56b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:0e:89:8e:65:f8:81:a7:e7:ec:dd:c0:ee:
a9:5b:93:fe:17:69:c4:34:c1:fa:93:45:d0:a3:df:
24:6f:0c:a5:a3:c5:b8:e9:1d:be:fd:0d:2c:38:c1:
55:df:93:d3:35:be:4f:d5:91:bb:8e:18:02:87:7f:
09:d1:6f:42:92:d2:47:30:e3:f0:c0:0f:55:34:04:
e1:e3:1e:87:86:56:da:7d:5f:ef:44:ab:a1:52:59:
1e:68:77:8c:cf:b9:ba:2b:30:ef:98:03:19:ce:82:
25:1b:b4:8e:e1:d3:d1:56:54:c4:f7:31:f2:9e:8d:
a7:27:f0:e3:69:1a:a2:01:51:23:24:dc:78:e6:5a:
0e:43:91:20:3a:f5:be:f0:36:44:a9:16:95:04:02:
5c:f4:5a:02:a3:e3:cd:3c:3d:ec:d0:ce:09:66:d5:
2b:b8:ce:51:f8:bb:7a:55:98:c9:de:9b:5f:4e:76:
4d:6f:9e:76:e4:fd:e1:ca:04:57:d5:1d:e7:14:37:
bd:ff:d5:a8:6c:9c:1d:95:51:ab:fe:2d:85:ca:95:
0e:c8:df:f9:94:ec:a0:ed:dc:70:ec:4b:03:86:be:
3c:4f:4e:5c:4b:91:27:28:44:72:af:9b:28:3b:4b:
c9:22:9c:5e:7d:49:cc:c3:bd:1a:39:a7:25:4d:9f:
46:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B7:5D:A4:76:19:CB:F5:90:D4:1C:DE:FA:A5:74:BC:1A:54:C5:6B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/87ddpHYZy_WQ1Bze-qV0vBpUxWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.116.0/22
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:1b:25:86:eb:7f:0f:4f:0d:97:a4:9f:2a:2b:08:c6:aa:ec:
89:03:dd:cf:be:7b:7b:a9:d4:b2:ab:e1:67:4f:96:de:3c:18:
46:08:89:2a:d8:42:d5:ad:ef:6e:9e:e7:f9:42:e6:08:cd:bd:
9b:71:db:7e:e8:7b:82:5b:50:75:14:50:6f:95:82:7e:61:78:
f1:ad:e9:6c:11:f9:18:b3:3c:01:44:e9:86:ab:91:43:aa:64:
ed:05:ce:0b:c8:61:a6:6e:8c:3d:3e:7c:d8:ea:a6:80:b5:22:
27:f8:6e:9b:c8:cb:cb:b4:54:7a:eb:99:c8:9a:4f:8c:30:78:
54:d5:15:20:43:17:80:7c:d0:26:27:16:14:ab:72:95:57:a5:
bf:27:68:54:5c:02:fe:9b:13:56:a3:67:ae:8e:25:1c:dc:3d:
85:e5:12:36:33:17:67:60:35:90:29:c1:10:bf:e9:30:01:c0:
d6:ff:cf:a4:45:82:b8:12:bc:27:e8:1f:23:dd:1a:9d:51:be:
3c:84:5c:29:c8:68:59:96:b8:7a:85:90:81:93:ad:c9:97:2f:
a3:22:64:94:ac:c5:ec:ab:95:4d:0f:2d:9e:34:d5:5e:34:ec:
15:d8:07:c0:0f:28:c9:11:3c:c6:22:bb:b7:52:80:ee:52:c2:
a1:14:88:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLcSTGXJmE1q4oliptUDfHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDMwMDcxNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I3NWRhNDc2MTljYmY1OTBkNDFjZGVmYWE1NzRiYzFhNTRjNTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp4OiY5l+IGn5+zdwO6pW5P+F2nE
NMH6k0XQo98kbwylo8W46R2+/Q0sOMFV35PTNb5P1ZG7jhgCh38J0W9CktJHMOPw
wA9VNATh4x6HhlbafV/vRKuhUlkeaHeMz7m6KzDvmAMZzoIlG7SO4dPRVlTE9zHy
no2nJ/DjaRqiAVEjJNx45loOQ5EgOvW+8DZEqRaVBAJc9FoCo+PNPD3s0M4JZtUr
uM5R+Lt6VZjJ3ptfTnZNb5525P3hygRX1R3nFDe9/9WobJwdlVGr/i2FypUOyN/5
lOyg7dxw7EsDhr48T05cS5EnKERyr5soO0vJIpxefUnMw70aOaclTZ9GjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPO3XaR2Gcv1kNQc3vqldLwaVMVrMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvODdkZHBIWVp5X1dRMUJ6ZS1xVjB2QnBVeFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
BWZ0AwQDUqNgMA0GCSqGSIb3DQEBCwUAA4IBAQBPGyWG638PTw2XpJ8qKwjGquyJ
A93Pvnt7qdSyq+FnT5bePBhGCIkq2ELVre9unuf5QuYIzb2bcdt+6HuCW1B1FFBv
lYJ+YXjxrelsEfkYszwBROmGq5FDqmTtBc4LyGGmbow9PnzY6qaAtSIn+G6byMvL
tFR665nImk+MMHhU1RUgQxeAfNAmJxYUq3KVV6W/J2hUXAL+mxNWo2eujiUc3D2F
5RI2MxdnYDWQKcEQv+kwAcDW/8+kRYK4Erwn6B8j3RqdUb48hFwpyGhZlrh6hZCB
k63Jly+jImSUrMXsq5VNDy2eNNVeNOwV2AfADyjJETzGIru3UoDuUsKhFIhG
-----END CERTIFICATE-----
Generated at Wed Oct 30 14:14:25 2024 by rpki-client on console-fra.rpki-client.org