Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AibYgxQnG4eJu0NKbRNf70Eezjk.roa
File: AibYgxQnG4eJu0NKbRNf70Eezjk.roa (raw, json)
Hash identifier: Ahjq+76/D3IVsQdUJFOUZXMLow5yOVU7M5EopdOxNOI=
Subject key identifier: 02:26:D8:83:14:27:1B:87:89:BB:43:4A:6D:13:5F:EF:41:1E:CE:39
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0193AF6C2E28421118BF61335F7ECCDE6FF3
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AibYgxQnG4eJu0NKbRNf70Eezjk.roa
Signing time: Tue 10 Dec 2024 07:15:22 +0000
ROA not before: Tue 10 Dec 2024 07:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.100.0/22 maxlen: 24
82.163.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 13:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:6c:2e:28:42:11:18:bf:61:33:5f:7e:cc:de:6f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 10 07:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0226d88314271b8789bb434a6d135fef411ece39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5d:a9:5b:7b:19:76:72:58:dd:3c:d9:1f:c1:
70:48:a7:1e:f5:72:2c:0e:c7:cc:93:61:aa:c6:82:
75:36:5d:61:2f:70:92:a2:22:a5:a3:2c:7a:cf:5f:
56:6c:5b:36:1c:a6:ad:db:81:72:6b:30:59:cb:ec:
ef:e1:a1:09:dc:1e:2f:82:96:ce:0b:e3:39:24:0c:
33:52:b8:4e:68:c4:dd:db:23:dd:e6:63:d0:aa:af:
ca:bd:80:1f:8e:28:4e:6a:6c:d4:fa:ae:3c:86:46:
e5:6e:96:24:c2:f5:c8:e4:8a:be:01:f6:9e:2d:8e:
bf:55:5c:22:b9:9b:62:47:32:cb:33:72:7c:9e:8f:
8f:7f:e6:d6:f9:e0:ea:fd:66:18:3f:93:aa:72:27:
83:4a:d8:9f:5c:52:58:76:0f:2c:f2:f5:d6:0f:01:
65:d7:bd:db:97:d5:e8:24:e7:64:bc:5a:55:f3:73:
d0:ea:f1:e8:7e:50:10:fe:f1:5c:21:75:87:2c:0d:
79:f3:df:93:cf:92:bc:38:2b:bc:fc:fe:70:5b:d1:
cb:60:f1:31:a0:ed:61:62:bc:1e:fa:2d:55:5f:6e:
f7:eb:a6:46:d2:2b:af:33:ab:bc:01:2f:f9:80:9d:
e0:3f:9c:96:17:40:8c:2a:7f:2b:8a:da:4b:af:cc:
08:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:26:D8:83:14:27:1B:87:89:BB:43:4A:6D:13:5F:EF:41:1E:CE:39
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/AibYgxQnG4eJu0NKbRNf70Eezjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
82.163.172.0/22
Signature Algorithm: sha256WithRSAEncryption
79:57:76:85:12:ca:e7:42:c3:bf:8e:d7:76:1b:83:47:43:2f:
dc:68:9b:ee:f0:47:9e:85:b2:d4:54:1d:d7:b0:ea:1a:92:6a:
14:cc:73:d3:54:dc:e6:e4:4a:f6:0b:a8:b1:43:00:bb:80:e7:
e0:51:01:0d:75:26:2a:7c:8d:dc:99:ab:92:83:2c:43:19:c3:
d9:74:e6:b7:f0:9b:17:57:11:9f:45:66:58:57:23:0c:88:1a:
e4:9a:e7:fb:b4:d5:91:34:e7:77:1c:09:3c:f0:b2:ce:80:05:
4f:18:f0:ad:14:8d:0a:c1:07:c0:0f:d8:68:61:ea:b3:9c:97:
c2:a0:42:d8:01:0e:91:3f:28:92:7e:e8:17:53:c4:77:58:88:
34:44:b5:2a:87:25:c1:46:36:a0:40:5b:8e:d5:60:96:50:45:
cd:bc:33:8c:60:34:f4:0b:a6:5b:69:9c:3d:a2:a7:8e:eb:d9:
f7:77:a1:fa:a5:56:da:5a:a8:0e:ff:14:2f:28:56:89:7d:cc:
83:cd:40:09:bb:74:64:3f:04:cc:ad:d5:c4:fc:ba:02:94:d0:
94:0f:aa:fd:c0:6f:8a:a3:4e:32:35:e7:78:8e:25:61:7f:73:
57:52:9a:b4:87:d7:20:c2:77:a5:f1:8b:af:a8:a6:16:e5:d0:
96:99:f8:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOvbC4oQhEYv2EzX37M3m/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMjEwMDcxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI2ZDg4MzE0MjcxYjg3ODliYjQzNGE2ZDEzNWZlZjQxMWVjZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql2pW3sZdnJY3TzZH8FwSKce9XIs
DsfMk2GqxoJ1Nl1hL3CSoiKloyx6z19WbFs2HKat24FyazBZy+zv4aEJ3B4vgpbO
C+M5JAwzUrhOaMTd2yPd5mPQqq/KvYAfjihOamzU+q48hkblbpYkwvXI5Iq+Afae
LY6/VVwiuZtiRzLLM3J8no+Pf+bW+eDq/WYYP5OqcieDStifXFJYdg8s8vXWDwFl
173bl9XoJOdkvFpV83PQ6vHoflAQ/vFcIXWHLA1589+Tz5K8OCu8/P5wW9HLYPEx
oO1hYrwe+i1VX27366ZG0iuvM6u8AS/5gJ3gP5yWF0CMKn8ritpLr8wIvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAIm2IMUJxuHibtDSm0TX+9BHs45MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQWliWWd4UW5HNGVKdTBOS2JSTmY3MEVlemprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZkAwQC
UqOsMA0GCSqGSIb3DQEBCwUAA4IBAQB5V3aFEsrnQsO/jtd2G4NHQy/caJvu8Eee
hbLUVB3XsOoakmoUzHPTVNzm5Er2C6ixQwC7gOfgUQENdSYqfI3cmauSgyxDGcPZ
dOa38JsXVxGfRWZYVyMMiBrkmuf7tNWRNOd3HAk88LLOgAVPGPCtFI0KwQfAD9ho
YeqznJfCoELYAQ6RPyiSfugXU8R3WIg0RLUqhyXBRjagQFuO1WCWUEXNvDOMYDT0
C6ZbaZw9oqeO69n3d6H6pVbaWqgO/xQvKFaJfcyDzUAJu3RkPwTMrdXE/LoClNCU
D6r9wG+Ko04yNed4jiVhf3NXUpq0h9cgwnel8YuvqKYW5dCWmfgc
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:33 2025 by rpki-client