Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GAe3QSgkEyZfOi-uJaTtyvyAqD0.roa
File: GAe3QSgkEyZfOi-uJaTtyvyAqD0.roa (raw, json)
Hash identifier: bOpVNg0SepqlEJ1O16osOPyfD90a9jvx4uBijDnFXkE=
Subject key identifier: 18:07:B7:41:28:24:13:26:5F:3A:2F:AE:25:A4:ED:CA:FC:80:A8:3D
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190C61578C1AE8B1BCD1D52119FA6AB1BE2
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GAe3QSgkEyZfOi-uJaTtyvyAqD0.roa
Signing time: Thu 18 Jul 2024 13:43:34 +0000
ROA not before: Thu 18 Jul 2024 13:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
46.20.216.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 11:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c6:15:78:c1:ae:8b:1b:cd:1d:52:11:9f:a6:ab:1b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 18 13:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1807b741282413265f3a2fae25a4edcafc80a83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:6c:a5:de:f4:d9:32:c9:46:03:e0:74:ce:
0d:ec:5e:84:ae:74:27:0b:c1:ac:6c:17:3f:3b:a6:
ad:3e:e7:e1:f0:a0:6d:36:17:5f:81:af:e3:c5:af:
0b:90:d1:5a:54:58:9e:ef:ee:39:f0:d9:ed:48:35:
64:d1:5c:46:a1:38:74:c2:5a:c7:17:ff:7b:bb:75:
7d:8b:03:38:f7:41:eb:f3:c3:4e:ca:46:ac:89:bf:
36:e7:bb:3f:98:2c:0a:7f:3b:30:99:dd:e0:3e:2b:
5e:bf:dc:d0:16:88:32:9a:09:23:eb:6b:29:18:e6:
e3:6a:c3:94:0d:aa:45:86:c9:2f:75:db:e7:13:c1:
e0:60:72:92:6a:c8:fc:38:df:69:ae:5a:ac:52:21:
ec:50:27:de:a0:32:72:29:cc:37:84:b4:17:8c:59:
42:8b:85:6b:51:69:93:ab:b1:16:be:7b:1f:fd:7e:
3b:ef:17:3f:da:db:30:0b:d7:ab:d8:63:ec:07:b1:
d9:1c:a5:6b:94:78:4d:70:2a:0f:08:2b:bc:c8:25:
6a:a9:49:27:e4:94:b8:65:e6:ce:91:72:f3:39:c3:
84:b1:92:29:03:52:95:33:4a:b4:ba:62:73:6e:2b:
86:e9:0b:2f:d4:d8:9b:b3:2c:50:37:65:2b:f6:41:
90:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:07:B7:41:28:24:13:26:5F:3A:2F:AE:25:A4:ED:CA:FC:80:A8:3D
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/GAe3QSgkEyZfOi-uJaTtyvyAqD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
46.20.216.0/21
Signature Algorithm: sha256WithRSAEncryption
47:cd:e1:91:a3:c8:39:46:27:fa:1b:0f:b3:aa:0c:9c:29:93:
5e:93:53:4c:dd:f6:d6:28:3a:7e:9e:fd:ff:ad:34:1c:0c:26:
bd:ab:06:e8:63:a0:42:70:7c:d2:a1:c3:93:d5:03:8c:41:9e:
32:ab:0c:cf:8e:7e:0e:fa:f6:11:62:3e:f0:3f:21:69:fb:70:
31:c3:66:93:fe:21:bc:e7:db:45:ac:af:76:4d:65:1f:d5:51:
90:7c:0a:ef:a1:ef:8f:c7:72:74:7c:20:e5:b6:42:01:36:76:
2e:72:50:63:af:5a:9b:30:ea:90:ce:b2:95:9a:61:03:7a:ed:
1d:c5:01:b0:c6:31:b5:6a:77:02:30:2a:07:89:d8:80:04:00:
aa:4b:3d:74:57:ea:9e:84:ad:a8:05:eb:5e:1d:5a:55:c3:14:
a6:74:3e:11:61:dc:13:f4:da:82:10:60:f0:1e:26:58:e1:bb:
e2:03:00:00:26:a2:e3:3c:aa:4d:f0:69:d3:60:f3:d4:f2:c2:
c0:37:4a:5e:b2:1c:15:32:be:f5:95:69:de:65:7c:86:d1:99:
d9:f3:18:ad:f8:7e:c4:7c:42:14:aa:05:f2:8b:ee:1a:16:0e:
83:d6:0b:9c:a5:c0:b8:88:7c:dd:f9:43:03:8b:a1:07:8b:ae:
a3:94:f3:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDGFXjBrosbzR1SEZ+mqxviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzE4MTM0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODA3Yjc0MTI4MjQxMzI2NWYzYTJmYWUyNWE0ZWRjYWZjODBhODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnNspd702TLJRgPgdM4N7F6ErnQn
C8GsbBc/O6atPufh8KBtNhdfga/jxa8LkNFaVFie7+458NntSDVk0VxGoTh0wlrH
F/97u3V9iwM490Hr88NOykasib8257s/mCwKfzswmd3gPitev9zQFogymgkj62sp
GObjasOUDapFhskvddvnE8HgYHKSasj8ON9prlqsUiHsUCfeoDJyKcw3hLQXjFlC
i4VrUWmTq7EWvnsf/X477xc/2tswC9er2GPsB7HZHKVrlHhNcCoPCCu8yCVqqUkn
5JS4ZebOkXLzOcOEsZIpA1KVM0q0umJzbiuG6Qsv1NibsyxQN2Ur9kGQ9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBgHt0EoJBMmXzovriWk7cr8gKg9MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvR0FlM1FTZ2tFeVpmT2ktdUphVHR5dnlBcUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQD
LhTYMA0GCSqGSIb3DQEBCwUAA4IBAQBHzeGRo8g5Rif6Gw+zqgycKZNek1NM3fbW
KDp+nv3/rTQcDCa9qwboY6BCcHzSocOT1QOMQZ4yqwzPjn4O+vYRYj7wPyFp+3Ax
w2aT/iG859tFrK92TWUf1VGQfArvoe+Px3J0fCDltkIBNnYuclBjr1qbMOqQzrKV
mmEDeu0dxQGwxjG1ancCMCoHidiABACqSz10V+qehK2oBeteHVpVwxSmdD4RYdwT
9NqCEGDwHiZY4bviAwAAJqLjPKpN8GnTYPPU8sLAN0peshwVMr71lWneZXyG0ZnZ
8xit+H7EfEIUqgXyi+4aFg6D1gucpcC4iHzd+UMDi6EHi66jlPO4
-----END CERTIFICATE-----
Generated at Sun Jul 28 14:05:03 2024 by rpki-client on console-fra.rpki-client.org