Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/H8xDOiA2JTbsYRQotlk4pRxPHxs.roa
File: H8xDOiA2JTbsYRQotlk4pRxPHxs.roa (raw, json)
Hash identifier: UBKEEk+Kw1w7gWZ5bQoHitLl21+Gp8lZ1plQZxduYtg=
Subject key identifier: 1F:CC:43:3A:20:36:25:36:EC:61:14:28:B6:59:38:A5:1C:4F:1F:1B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019257D9DD5023845357E1D8694199AEE4EE
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/H8xDOiA2JTbsYRQotlk4pRxPHxs.roa
Signing time: Fri 04 Oct 2024 14:05:48 +0000
ROA not before: Fri 04 Oct 2024 14:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Oct 2024 11:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:57:d9:dd:50:23:84:53:57:e1:d8:69:41:99:ae:e4:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 4 14:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fcc433a20362536ec611428b65938a51c4f1f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a8:5f:59:83:23:96:39:d8:67:0a:89:ec:90:
e8:6f:75:c3:90:4b:97:46:cd:ba:af:06:f5:0a:ca:
9c:d3:63:f7:c4:76:08:d5:ed:86:2e:1b:1d:17:4a:
7a:ef:d9:c4:36:2c:fd:95:63:7b:c1:fc:27:b4:99:
b8:e3:53:50:6c:b7:0d:25:0a:66:b9:6f:f7:b7:d2:
f9:fd:b8:88:7b:e0:87:b0:db:a3:fd:e2:6f:ae:b5:
3d:7a:86:d0:4c:40:4b:f1:6c:bc:37:a1:e9:be:6e:
95:06:a8:83:fc:27:45:8e:db:1b:79:e8:27:0e:59:
16:1d:af:54:38:58:89:d3:65:60:86:10:75:c0:89:
f1:19:d5:fb:9f:45:e3:2d:f9:60:4c:07:e6:96:65:
86:cc:3b:bc:82:97:6b:0f:e7:16:b1:3c:a1:8a:62:
48:15:a5:73:1e:a5:74:3d:b2:b9:2d:74:5a:d4:ed:
4a:36:70:a5:f0:50:20:ac:29:70:bc:f7:14:74:65:
fe:15:d4:ca:b8:7a:09:fe:4f:3f:89:5d:4f:80:5e:
9d:82:d5:51:f7:d6:43:c9:30:41:7e:bb:6f:60:37:
e7:a5:7e:b9:0b:8c:c1:69:1f:ed:23:b7:d7:36:1c:
3b:18:f3:76:9d:b1:23:cf:ce:33:6f:e0:44:4d:f3:
2f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CC:43:3A:20:36:25:36:EC:61:14:28:B6:59:38:A5:1C:4F:1F:1B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/H8xDOiA2JTbsYRQotlk4pRxPHxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.52.0/23
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
34:50:f5:ef:5f:0b:77:b5:fe:e5:75:cd:47:8a:b8:8e:26:5e:
01:67:10:8f:bc:3b:bd:65:90:bc:cf:f7:79:e7:a5:7b:c2:a3:
db:e4:3b:58:90:3b:37:1c:9b:d8:41:c4:72:96:f1:7f:7e:1f:
0c:ef:83:4f:ed:5e:b6:81:da:3e:cc:25:8a:88:f3:6a:0a:41:
ab:16:0e:14:91:2d:1d:30:ff:ab:cb:05:c3:00:6b:ef:a2:74:
17:5c:80:5b:4f:ee:72:21:f3:8d:78:a5:c5:e7:35:d2:4c:79:
9f:13:47:d8:9c:65:06:8c:f9:11:06:bf:04:ce:3c:75:3e:75:
2c:e0:5c:1f:bf:16:7c:86:df:58:97:3e:57:4f:94:96:a6:a0:
64:6f:60:6f:db:35:c7:85:88:f7:97:c9:f9:e8:12:c6:03:c2:
1a:df:79:6f:bd:06:8e:8d:fa:18:31:38:8b:51:ea:20:e0:64:
60:e5:65:05:90:98:be:1c:f3:95:ce:03:d3:57:1c:c5:78:8d:
11:86:e1:97:93:80:89:c5:7f:a1:3b:cb:e5:21:1e:b7:5f:97:
91:e4:07:ee:88:e9:da:b3:3e:04:17:99:80:90:28:11:65:98:
33:3a:ae:f4:62:21:42:aa:09:62:42:2a:a7:12:7b:9e:34:6d:
1e:a8:51:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJX2d1QI4RTV+HYaUGZruTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDA0MTQwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmNjNDMzYTIwMzYyNTM2ZWM2MTE0MjhiNjU5MzhhNTFjNGYxZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KhfWYMjljnYZwqJ7JDob3XDkEuX
Rs26rwb1Csqc02P3xHYI1e2GLhsdF0p679nENiz9lWN7wfwntJm441NQbLcNJQpm
uW/3t9L5/biIe+CHsNuj/eJvrrU9eobQTEBL8Wy8N6Hpvm6VBqiD/CdFjtsbeegn
DlkWHa9UOFiJ02VghhB1wInxGdX7n0XjLflgTAfmlmWGzDu8gpdrD+cWsTyhimJI
FaVzHqV0PbK5LXRa1O1KNnCl8FAgrClwvPcUdGX+FdTKuHoJ/k8/iV1PgF6dgtVR
99ZDyTBBfrtvYDfnpX65C4zBaR/tI7fXNhw7GPN2nbEjz84zb+BETfMvLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB/MQzogNiU27GEUKLZZOKUcTx8bMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSDh4RE9pQTJKVGJzWVJRb3RsazRwUnhQSHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQB
UqM0AwQDUqNgMA0GCSqGSIb3DQEBCwUAA4IBAQA0UPXvXwt3tf7ldc1HiriOJl4B
ZxCPvDu9ZZC8z/d556V7wqPb5DtYkDs3HJvYQcRylvF/fh8M74NP7V62gdo+zCWK
iPNqCkGrFg4UkS0dMP+rywXDAGvvonQXXIBbT+5yIfONeKXF5zXSTHmfE0fYnGUG
jPkRBr8Ezjx1PnUs4FwfvxZ8ht9Ylz5XT5SWpqBkb2Bv2zXHhYj3l8n56BLGA8Ia
33lvvQaOjfoYMTiLUeog4GRg5WUFkJi+HPOVzgPTVxzFeI0RhuGXk4CJxX+hO8vl
IR63X5eR5AfuiOnasz4EF5mAkCgRZZgzOq70YiFCqgliQiqnEnueNG0eqFGN
-----END CERTIFICATE-----
Generated at Sat Oct 5 17:29:47 2024 by rpki-client on console-ams.rpki-client.org