Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/DxGZOXZSr00vgY1KnVQ_eBHDSAc.roa
File: DxGZOXZSr00vgY1KnVQ_eBHDSAc.roa (raw, json)
Hash identifier: PY7PKC0gKpe9enpgDmr500ywgLGfcXvQsoDBAVg5GKo=
Subject key identifier: 0F:11:99:39:76:52:AF:4D:2F:81:8D:4A:9D:54:3F:78:11:C3:48:07
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01908C6CB84F57088E870F9581853BE50FAE
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/DxGZOXZSr00vgY1KnVQ_eBHDSAc.roa
Signing time: Sun 07 Jul 2024 09:00:53 +0000
ROA not before: Sun 07 Jul 2024 09:00:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.108.0/22 maxlen: 24
46.20.216.0/21 maxlen: 24
86.104.164.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 16:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8c:6c:b8:4f:57:08:8e:87:0f:95:81:85:3b:e5:0f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 7 09:00:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f1199397652af4d2f818d4a9d543f7811c34807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6b:cb:74:1a:4d:f4:9b:35:3b:6f:06:2e:89:
5f:e4:c8:8a:b0:0d:72:3f:c5:a8:65:97:68:9e:87:
98:79:f6:93:8e:4c:67:3d:6d:00:60:bd:71:63:ba:
b6:4f:8a:73:77:bd:51:ad:fd:42:33:d7:40:33:0f:
6c:e4:f7:61:73:e9:22:e2:3e:81:cb:36:6b:4c:9c:
f4:12:36:9a:b1:72:b2:ee:4c:6f:2b:d0:f9:1b:2b:
e1:6e:14:ba:8b:fe:31:4a:6d:51:23:5a:03:27:e0:
4c:b1:1b:5e:42:ce:a9:7e:b9:fa:a6:24:b6:50:e1:
38:f7:eb:39:93:15:a8:d2:52:f3:8d:e9:e2:e8:23:
0a:38:b3:d3:6d:05:19:d2:aa:b2:ff:00:3b:0a:4f:
d2:91:1b:d2:74:08:85:5e:aa:4d:3a:f1:5b:bf:af:
ad:7e:2d:0d:69:dd:44:ab:85:79:fb:d1:15:70:d6:
75:4b:2b:f3:5d:a0:99:5c:62:da:3e:96:f5:28:93:
d7:49:6f:b2:bc:85:a4:89:75:7b:36:3c:e4:74:75:
e7:d6:b5:01:4d:50:9b:71:fc:88:78:58:a7:85:fb:
66:2f:a9:45:54:84:3e:3d:af:46:35:17:af:16:af:
62:f6:ff:33:a5:e9:5d:95:26:11:b9:03:6d:cf:68:
a2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:11:99:39:76:52:AF:4D:2F:81:8D:4A:9D:54:3F:78:11:C3:48:07
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/DxGZOXZSr00vgY1KnVQ_eBHDSAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
86.104.164.0/22
89.46.180.0/22
Signature Algorithm: sha256WithRSAEncryption
34:a1:83:e7:9f:97:a8:9e:73:0c:54:0c:db:b7:39:2a:57:37:
91:63:3c:d0:eb:57:7c:34:be:95:4e:79:cc:f3:2c:98:a4:79:
cc:8c:63:9e:c0:ad:22:34:39:fe:78:69:4f:ca:d6:56:d4:c5:
a3:f3:b2:7b:fd:3a:58:e7:09:f5:34:22:33:a7:7d:47:cb:08:
11:8f:6f:97:43:8d:47:49:2b:5c:fc:55:56:81:f1:81:94:57:
1f:8c:7a:c7:4b:f1:e3:b1:3f:69:a3:47:54:1f:75:4c:bd:e4:
97:cd:9b:de:26:37:cb:60:e1:7c:d3:c0:3a:48:20:7d:b3:10:
de:85:f4:de:e0:70:34:f4:6f:4b:6a:b4:90:3b:d8:ee:60:61:
04:fd:d8:5e:22:d7:9a:54:2f:7f:bc:98:41:83:31:2f:61:f1:
3d:a2:a3:39:b9:0e:93:ee:6f:19:37:35:37:9c:07:dc:4f:47:
79:3e:9d:75:ba:ec:4b:04:62:2b:36:af:fc:91:1a:bc:37:37:
2e:f1:8c:b4:d5:11:30:60:c1:48:0e:8c:f9:f8:95:42:21:04:
d6:fd:1a:b8:e5:2d:08:f9:f9:61:ca:f6:2d:75:18:bb:42:10:
5d:bc:cb:a0:2f:a6:90:04:9a:cf:f9:7b:ec:6a:e7:c0:a7:54:
a3:c3:c4:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCMbLhPVwiOhw+VgYU75Q+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzA3MDkwMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjExOTkzOTc2NTJhZjRkMmY4MThkNGE5ZDU0M2Y3ODExYzM0ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmvLdBpN9Js1O28GLolf5MiKsA1y
P8WoZZdonoeYefaTjkxnPW0AYL1xY7q2T4pzd71Rrf1CM9dAMw9s5Pdhc+ki4j6B
yzZrTJz0EjaasXKy7kxvK9D5GyvhbhS6i/4xSm1RI1oDJ+BMsRteQs6pfrn6piS2
UOE49+s5kxWo0lLzjeni6CMKOLPTbQUZ0qqy/wA7Ck/SkRvSdAiFXqpNOvFbv6+t
fi0Nad1Eq4V5+9EVcNZ1SyvzXaCZXGLaPpb1KJPXSW+yvIWkiXV7NjzkdHXn1rUB
TVCbcfyIeFinhftmL6lFVIQ+Pa9GNRevFq9i9v8zpeldlSYRuQNtz2iiIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA8RmTl2Uq9NL4GNSp1UP3gRw0gHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvRHhHWk9YWlNyMDB2Z1kxS25WUV9lQkhEU0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQD
LhTYAwQCVmikAwQCWS60MA0GCSqGSIb3DQEBCwUAA4IBAQA0oYPnn5eonnMMVAzb
tzkqVzeRYzzQ61d8NL6VTnnM8yyYpHnMjGOewK0iNDn+eGlPytZW1MWj87J7/TpY
5wn1NCIzp31HywgRj2+XQ41HSStc/FVWgfGBlFcfjHrHS/HjsT9po0dUH3VMveSX
zZveJjfLYOF808A6SCB9sxDehfTe4HA09G9LarSQO9juYGEE/dheIteaVC9/vJhB
gzEvYfE9oqM5uQ6T7m8ZNzU3nAfcT0d5Pp11uuxLBGIrNq/8kRq8Nzcu8Yy01REw
YMFIDoz5+JVCIQTW/Rq45S0I+flhyvYtdRi7QhBdvMugL6aQBJrP+XvsaufAp1Sj
w8Qr
-----END CERTIFICATE-----
Generated at Thu Jul 11 19:21:51 2024 by rpki-client on console-ams.rpki-client.org