Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Ekh9zmTOEgPggn3a2_SdS7O4f-A.roa
File: Ekh9zmTOEgPggn3a2_SdS7O4f-A.roa (raw, json)
Hash identifier: MRqypmwE1D+7UIlPWvNlRM35Zi2x3JuljVC9Noki9tk=
Subject key identifier: 12:48:7D:CE:64:CE:12:03:E0:82:7D:DA:DB:F4:9D:4B:B3:B8:7F:E0
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01915A09392694FD9D9AA793A92D0FECEE88
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Ekh9zmTOEgPggn3a2_SdS7O4f-A.roa
Signing time: Fri 16 Aug 2024 07:13:59 +0000
ROA not before: Fri 16 Aug 2024 07:13:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.112.0/22 maxlen: 24
82.163.54.0/23 maxlen: 23
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Aug 2024 07:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:09:39:26:94:fd:9d:9a:a7:93:a9:2d:0f:ec:ee:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 16 07:13:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12487dce64ce1203e0827ddadbf49d4bb3b87fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3a:26:3b:98:89:4f:80:cf:07:dc:3c:d9:2a:
e6:08:35:c9:a9:6f:dd:a4:43:b8:bd:17:0e:f9:78:
df:3e:45:2b:2f:ec:15:2b:7d:cd:7a:fa:2a:20:88:
14:34:e3:a1:75:7d:4f:b4:0a:d7:dd:8d:cd:e6:27:
d0:fa:33:dd:bb:8c:bd:e0:dd:a6:c5:b9:96:c2:79:
32:7d:a8:e7:cd:db:a8:e8:47:24:82:70:83:41:24:
cc:17:3d:21:f9:f4:97:47:6e:54:37:5e:a8:4b:96:
3f:0c:d6:48:bc:55:0e:43:bf:07:f2:23:17:fb:16:
8a:ac:0b:00:78:85:ac:48:43:2a:81:0a:3d:6e:f4:
26:e9:24:70:c0:9c:a6:df:7d:eb:bc:61:0d:e9:2b:
9f:46:e1:a5:d0:77:fd:ef:2c:8c:85:57:da:de:85:
88:ac:56:c6:b4:e7:59:80:f5:6c:94:59:b2:21:60:
d3:75:52:8b:28:db:37:6c:90:87:03:86:12:32:d8:
1a:de:b5:04:3b:0e:4f:d6:34:c0:6e:78:98:5d:49:
64:9f:e2:b9:cf:fb:64:94:40:4e:cc:67:27:94:d9:
c6:67:fd:31:10:4e:41:0d:80:b3:3f:b3:57:b3:0f:
4f:10:e7:73:3d:72:58:d4:fb:a0:85:a2:68:1b:99:
d7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:48:7D:CE:64:CE:12:03:E0:82:7D:DA:DB:F4:9D:4B:B3:B8:7F:E0
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Ekh9zmTOEgPggn3a2_SdS7O4f-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0-5.102.115.255
82.163.54.0/23
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:f0:d8:fe:76:f7:bd:d1:70:f6:d1:5f:f6:ad:54:79:d0:98:
96:21:f0:fe:cb:bd:d1:42:d1:74:40:02:a6:76:dc:0a:ea:cf:
34:52:ef:8a:0a:02:76:b5:6c:b8:73:5c:5d:f2:22:5c:19:18:
35:43:61:cb:db:0f:0b:5b:d0:a5:a9:00:9a:a8:81:51:29:a3:
d9:e7:75:e3:0d:3d:b4:e3:03:37:63:5d:21:c4:c6:57:c3:39:
fa:01:5f:3e:4f:b5:9d:5b:34:1b:23:8e:f0:c4:54:72:26:72:
cf:63:66:05:44:c5:db:65:c7:48:ab:cd:ee:eb:ba:b5:d8:9a:
2e:7a:76:0c:21:0f:cb:e0:10:84:82:b1:a2:0e:52:d4:55:f7:
2c:0a:bc:21:f8:2e:50:68:8a:ac:58:2a:e4:0d:a5:2a:d3:3e:
f8:03:bf:35:09:1a:68:45:0e:a6:3e:ba:e2:56:94:49:f2:09:
e5:81:30:a5:cf:ff:61:5b:d8:fc:01:a4:fe:fc:ad:d9:8b:ce:
72:3a:77:be:ef:41:bf:8c:5b:5b:8e:9b:70:41:fc:c3:ec:24:
24:e6:f2:36:b7:a3:01:7e:45:17:a8:6e:91:4d:bc:c0:46:0a:
72:de:a7:f8:8f:b2:6c:70:c5:33:24:52:7b:01:f5:29:43:df:
fd:93:2f:7d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFaCTkmlP2dmqeTqS0P7O6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwODE2MDcxMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ4N2RjZTY0Y2UxMjAzZTA4MjdkZGFkYmY0OWQ0YmIzYjg3ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DomO5iJT4DPB9w82SrmCDXJqW/d
pEO4vRcO+XjfPkUrL+wVK33NevoqIIgUNOOhdX1PtArX3Y3N5ifQ+jPdu4y94N2m
xbmWwnkyfajnzduo6EckgnCDQSTMFz0h+fSXR25UN16oS5Y/DNZIvFUOQ78H8iMX
+xaKrAsAeIWsSEMqgQo9bvQm6SRwwJym333rvGEN6SufRuGl0Hf97yyMhVfa3oWI
rFbGtOdZgPVslFmyIWDTdVKLKNs3bJCHA4YSMtga3rUEOw5P1jTAbniYXUlkn+K5
z/tklEBOzGcnlNnGZ/0xEE5BDYCzP7NXsw9PEOdzPXJY1PughaJoG5nXhQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBJIfc5kzhID4IJ92tv0nUuzuH/gMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvRWtoOXptVE9FZ1BnZ24zYTJfU2RTN080Zi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUFZmAD
BAIFZnADBAFSozYDBANSo2AwDQYJKoZIhvcNAQELBQADggEBAGvw2P52973RcPbR
X/atVHnQmJYh8P7LvdFC0XRAAqZ23ArqzzRS74oKAna1bLhzXF3yIlwZGDVDYcvb
Dwtb0KWpAJqogVEpo9nndeMNPbTjAzdjXSHExlfDOfoBXz5PtZ1bNBsjjvDEVHIm
cs9jZgVExdtlx0irze7rurXYmi56dgwhD8vgEISCsaIOUtRV9ywKvCH4LlBoiqxY
KuQNpSrTPvgDvzUJGmhFDqY+uuJWlEnyCeWBMKXP/2Fb2PwBpP78rdmLznI6d77v
Qb+MW1uOm3BB/MPsJCTm8ja3owF+RReobpFNvMBGCnLep/iPsmxwxTMkUnsB9SlD
3/2TL30=
-----END CERTIFICATE-----
Generated at Sun Aug 25 10:38:51 2024 by rpki-client on console-ams.rpki-client.org