Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8utz6JjSLtIaKHvH0NxJ4kn-Es0.roa
File: 8utz6JjSLtIaKHvH0NxJ4kn-Es0.roa (raw, json)
Hash identifier: Ey8az0iL8fWAvRbLhRo5450Y9jPyEZSrcHaMc0j4rM8=
Subject key identifier: F2:EB:73:E8:98:D2:2E:D2:1A:28:7B:C7:D0:DC:49:E2:49:FE:12:CD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240B63DE610091399A85F6E19DB538
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8utz6JjSLtIaKHvH0NxJ4kn-Es0.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 13:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0b:63:de:61:00:91:39:9a:85:f6:e1:9d:b5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2eb73e898d22ed21a287bc7d0dc49e249fe12cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ed:6f:02:f1:79:4a:08:69:29:46:26:a5:2e:
70:6d:7c:20:6b:dc:78:a6:88:9e:e5:41:38:3d:ef:
64:8e:8e:92:c4:1e:9f:80:29:3b:06:48:f2:9c:71:
4b:dc:fb:2d:75:7b:22:1b:2f:b5:18:01:92:73:1b:
32:4c:65:f9:f2:c0:1e:21:53:2c:3c:6f:b2:64:8b:
9e:30:39:65:4c:ea:24:ec:8f:47:ea:2e:17:e7:82:
e9:8f:3e:88:fb:c3:34:1d:1f:88:5f:e4:d8:dc:cb:
a7:58:23:ce:9c:71:49:97:8d:12:31:6b:c6:37:d0:
41:94:8b:2a:71:e3:b3:61:1d:ec:04:30:3d:da:97:
ae:06:cb:2d:c9:e4:73:c2:e7:b2:58:69:b8:30:16:
04:54:6e:80:26:5d:c0:78:19:2f:b3:7b:6d:56:87:
fc:9b:cc:3e:36:8c:93:78:29:0e:27:c5:0c:2e:d2:
df:d2:51:4f:99:31:98:af:92:47:f3:05:85:c6:9b:
84:12:38:84:97:19:f6:0b:79:d1:f7:0c:5d:ce:f4:
4c:e0:ed:4a:b7:d6:bb:82:5a:12:7c:f0:bc:c8:a8:
50:5a:bf:06:e8:8a:8a:ca:9f:33:41:ec:dd:bd:ed:
02:b3:94:d9:a8:b0:ee:95:62:a5:93:d3:80:c9:53:
9f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EB:73:E8:98:D2:2E:D2:1A:28:7B:C7:D0:DC:49:E2:49:FE:12:CD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/8utz6JjSLtIaKHvH0NxJ4kn-Es0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0/22
Signature Algorithm: sha256WithRSAEncryption
62:df:8c:42:69:be:8a:a1:89:1e:f8:ba:51:74:a1:74:33:26:
74:f6:e4:b5:4d:0e:df:8a:c9:11:44:3d:b2:6c:b7:4a:23:65:
ae:e4:ca:41:b5:cd:12:cb:bb:2c:9e:03:02:d9:61:48:10:ab:
d1:09:fb:4e:4f:8c:83:3a:64:f2:2f:11:49:ac:91:29:2a:50:
7b:95:13:8c:2c:39:4a:45:37:24:4c:70:59:d6:fe:ff:2c:df:
cb:86:04:6f:4d:0a:dd:8b:31:7b:02:d0:6c:cd:e8:02:af:89:
79:34:f1:26:09:69:ac:12:83:e7:11:76:90:d0:e5:5b:11:05:
22:84:c1:d3:07:94:2e:83:e9:c2:99:a6:11:3d:28:9f:4a:c4:
3e:14:27:15:d2:25:fa:74:ad:87:af:d5:46:13:61:d5:f1:16:
e0:39:aa:dd:6e:2a:2c:54:ba:9a:5a:ca:36:fb:1f:e0:73:3a:
d6:18:b1:ae:a1:c0:9a:3b:f0:a5:52:d2:d0:34:d3:d5:3d:73:
23:7a:e7:0f:73:c9:0b:ec:58:64:a1:43:35:d8:85:16:81:52:
9f:77:98:1f:4b:26:c0:57:97:fd:44:f4:d8:ff:97:7a:42:08:
22:92:47:ed:22:6f:0c:62:5a:15:e9:43:56:0c:71:47:15:62:
08:f0:1c:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJAtj3mEAkTmahfbhnbU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmViNzNlODk4ZDIyZWQyMWEyODdiYzdkMGRjNDllMjQ5ZmUxMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5e1vAvF5SghpKUYmpS5wbXwga9x4
poie5UE4Pe9kjo6SxB6fgCk7BkjynHFL3PstdXsiGy+1GAGScxsyTGX58sAeIVMs
PG+yZIueMDllTOok7I9H6i4X54Lpjz6I+8M0HR+IX+TY3MunWCPOnHFJl40SMWvG
N9BBlIsqceOzYR3sBDA92peuBsstyeRzwueyWGm4MBYEVG6AJl3AeBkvs3ttVof8
m8w+NoyTeCkOJ8UMLtLf0lFPmTGYr5JH8wWFxpuEEjiElxn2C3nR9wxdzvRM4O1K
t9a7gloSfPC8yKhQWr8G6IqKyp8zQezdve0Cs5TZqLDulWKlk9OAyVOfnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLrc+iY0i7SGih7x9DcSeJJ/hLNMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvOHV0ejZKalNMdElhS0h2SDBOeEo0a24tRXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWZ0MA0G
CSqGSIb3DQEBCwUAA4IBAQBi34xCab6KoYke+LpRdKF0MyZ09uS1TQ7fiskRRD2y
bLdKI2Wu5MpBtc0Sy7ssngMC2WFIEKvRCftOT4yDOmTyLxFJrJEpKlB7lROMLDlK
RTckTHBZ1v7/LN/LhgRvTQrdizF7AtBszegCr4l5NPEmCWmsEoPnEXaQ0OVbEQUi
hMHTB5Qug+nCmaYRPSifSsQ+FCcV0iX6dK2Hr9VGE2HV8RbgOardbiosVLqaWso2
+x/gczrWGLGuocCaO/ClUtLQNNPVPXMjeucPc8kL7FhkoUM12IUWgVKfd5gfSybA
V5f9RPTY/5d6QggikkftIm8MYloV6UNWDHFHFWII8Bzs
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:21:12 2025 by rpki-client