Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Grpr3dbkT0roUyNLoKjY54mA1uY.roa
File: Grpr3dbkT0roUyNLoKjY54mA1uY.roa (raw, json)
Hash identifier: cDolwzUb5puj2r83duDrGGd2hCgNuixY+mJKUtvDKsY=
Subject key identifier: 1A:BA:6B:DD:D6:E4:4F:4A:E8:53:23:4B:A0:A8:D8:E7:89:80:D6:E6
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018EB2E1EBA00FC2237B4582BCDF05732511
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Grpr3dbkT0roUyNLoKjY54mA1uY.roa
Signing time: Sat 06 Apr 2024 10:08:54 +0000
ROA not before: Sat 06 Apr 2024 10:08:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.54.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 14:12:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b2:e1:eb:a0:0f:c2:23:7b:45:82:bc:df:05:73:25:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 6 10:08:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1aba6bddd6e44f4ae853234ba0a8d8e78980d6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:06:45:10:c5:b3:9b:d8:ce:d6:e8:95:1d:38:
f9:9d:72:43:96:e1:b9:51:6d:f9:0b:97:e0:dd:da:
64:61:ea:aa:df:22:8f:c9:ee:1d:a5:68:21:55:d8:
e8:ef:32:00:11:38:90:0f:89:eb:ae:43:4f:bd:36:
18:87:1c:14:93:8d:e5:9e:4e:a2:00:79:0e:0a:65:
64:10:92:7c:7a:94:69:d0:c1:f6:ff:73:04:26:54:
fd:7b:a6:2b:5a:6b:84:0b:98:fb:1a:7a:56:ce:a0:
57:61:72:d0:de:c4:95:69:2d:a5:3f:6f:a2:d4:f6:
24:97:e3:b4:08:d1:20:54:dd:b6:e4:55:fc:20:b7:
7a:8c:dc:3a:ed:7a:ee:c5:eb:27:4b:23:51:a4:4a:
89:1a:68:79:7f:e4:09:ed:fd:96:50:34:fa:fb:61:
7c:87:41:9b:d6:95:fb:ea:62:5a:07:d8:80:28:bf:
98:33:0e:77:74:ca:0e:cf:a9:2a:a7:f8:26:c8:5d:
c0:62:23:f8:1b:5f:71:96:f3:2c:d8:fd:c5:aa:b2:
9f:13:45:ac:64:ef:8c:59:b6:97:a9:13:71:cd:aa:
df:a5:fa:bf:7d:de:a5:c0:0d:c9:49:cf:56:b0:e4:
f0:65:94:19:9c:42:71:f6:fb:89:44:70:e9:a6:14:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BA:6B:DD:D6:E4:4F:4A:E8:53:23:4B:A0:A8:D8:E7:89:80:D6:E6
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Grpr3dbkT0roUyNLoKjY54mA1uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.52.0/22
Signature Algorithm: sha256WithRSAEncryption
32:dc:25:ce:8c:4d:78:1a:87:b0:06:9f:31:76:cb:3c:5e:7b:
2f:eb:01:a8:79:11:33:b9:d7:eb:a7:f7:98:18:35:22:08:ea:
96:77:52:5a:47:da:61:fe:79:5f:5f:cb:0e:a5:cd:69:cf:5e:
aa:50:6e:40:12:e3:99:7f:56:7e:0a:92:1a:4d:5b:eb:6b:3a:
00:88:d5:91:ac:09:92:ee:c3:15:60:38:b6:2e:a2:8c:b4:0b:
6b:a7:1f:92:0d:58:9c:f3:ba:0f:eb:e1:d9:46:c7:aa:c7:03:
99:70:c4:66:dd:5c:b9:6c:e7:99:0e:59:d3:23:bc:c2:a5:78:
24:06:db:c8:f7:60:6e:82:3f:dd:73:5a:7b:ad:df:c8:6d:d1:
d1:a1:c5:51:99:c0:00:c5:af:39:7d:f1:18:9f:1d:23:87:88:
88:49:19:fa:2a:42:e4:b7:7d:5c:76:96:3e:92:d5:3b:ea:31:
b4:8f:5a:25:16:f0:6c:4b:76:e0:d3:4d:b9:e4:fa:86:90:aa:
bb:2d:1b:15:00:28:1f:46:6b:f5:6d:ed:dd:c7:c7:10:40:e4:
1f:bb:ef:62:86:46:5d:4c:22:d5:11:e3:ef:31:5d:f3:0b:b3:
8e:d9:cc:57:23:4f:62:be:ee:a5:44:ab:31:04:13:7f:cc:a3:
b3:f6:09:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6y4eugD8Ije0WCvN8FcyURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNDA2MTAwODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJhNmJkZGQ2ZTQ0ZjRhZTg1MzIzNGJhMGE4ZDhlNzg5ODBkNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAZFEMWzm9jO1uiVHTj5nXJDluG5
UW35C5fg3dpkYeqq3yKPye4dpWghVdjo7zIAETiQD4nrrkNPvTYYhxwUk43lnk6i
AHkOCmVkEJJ8epRp0MH2/3MEJlT9e6YrWmuEC5j7GnpWzqBXYXLQ3sSVaS2lP2+i
1PYkl+O0CNEgVN225FX8ILd6jNw67XruxesnSyNRpEqJGmh5f+QJ7f2WUDT6+2F8
h0Gb1pX76mJaB9iAKL+YMw53dMoOz6kqp/gmyF3AYiP4G19xlvMs2P3FqrKfE0Ws
ZO+MWbaXqRNxzarfpfq/fd6lwA3JSc9WsOTwZZQZnEJx9vuJRHDpphTXAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBq6a93W5E9K6FMjS6Co2OeJgNbmMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvR3JwcjNkYmtUMHJvVXlOTG9Lalk1NG1BMXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
UqM0MA0GCSqGSIb3DQEBCwUAA4IBAQAy3CXOjE14GoewBp8xdss8Xnsv6wGoeREz
udfrp/eYGDUiCOqWd1JaR9ph/nlfX8sOpc1pz16qUG5AEuOZf1Z+CpIaTVvrazoA
iNWRrAmS7sMVYDi2LqKMtAtrpx+SDVic87oP6+HZRseqxwOZcMRm3Vy5bOeZDlnT
I7zCpXgkBtvI92Bugj/dc1p7rd/IbdHRocVRmcAAxa85ffEYnx0jh4iISRn6KkLk
t31cdpY+ktU76jG0j1olFvBsS3bg00255PqGkKq7LRsVACgfRmv1be3dx8cQQOQf
u+9ihkZdTCLVEePvMV3zC7OO2cxXI09ivu6lRKsxBBN/zKOz9gnW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org