Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OMHyC_ag7qpgB_M_0qvB7d2GgN0.roa
File: OMHyC_ag7qpgB_M_0qvB7d2GgN0.roa (raw, json)
Hash identifier: WrpYhGenSq4YK8GPXQtbaZmURhCzRhKrdtOOVadewmo=
Subject key identifier: 38:C1:F2:0B:F6:A0:EE:AA:60:07:F3:3F:D2:AB:C1:ED:DD:86:80:DD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BCF3C9A6306BAD13780508B29B6866C1A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OMHyC_ag7qpgB_M_0qvB7d2GgN0.roa
Signing time: Tue 14 Nov 2023 19:08:57 +0000
ROA not before: Tue 14 Nov 2023 19:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Nov 2023 06:56:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:3c:9a:63:06:ba:d1:37:80:50:8b:29:b6:86:6c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 14 19:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38c1f20bf6a0eeaa6007f33fd2abc1eddd8680dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8f:9c:1d:91:e7:02:e6:9d:b6:df:ff:95:2b:
1a:93:fe:ce:b6:8e:c7:4d:d1:69:b4:b7:32:7b:a2:
4a:ac:15:d4:77:f9:4d:b0:26:2c:46:c1:1a:02:c1:
cc:8e:f0:cf:75:46:2f:0a:88:91:18:3e:81:91:30:
dc:e1:e2:5e:1a:e2:1c:a3:6c:95:f6:da:cc:76:35:
dd:4b:70:95:1b:13:81:67:4b:d5:f7:f6:e2:32:58:
e3:64:80:d2:9d:35:4a:a2:0d:24:96:e1:5f:fd:41:
fe:e0:ed:75:4d:5f:c2:5d:96:43:c8:2b:f1:ce:a0:
68:bc:7a:67:1a:60:fd:83:72:97:33:7b:29:2b:e3:
9e:73:2d:4e:e9:5f:2b:8a:e2:a0:8c:7c:8d:81:fd:
f3:3a:58:c5:4a:74:f7:35:36:ff:2f:98:5a:b2:7a:
da:7c:5a:c2:d0:47:d5:56:56:d1:d8:cf:5f:bb:a3:
5b:1f:32:78:9a:9d:de:33:9d:ac:54:db:e7:a8:10:
ca:0e:10:3e:53:b6:57:af:fe:10:28:e5:bd:2e:4a:
79:57:70:aa:ac:1d:ed:87:83:3f:a0:32:13:8c:de:
bb:7b:1f:81:de:31:40:87:e4:1b:db:6e:59:bb:33:
3c:7d:95:5e:6a:8f:01:a9:f0:8b:b6:ff:9b:c1:24:
f0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C1:F2:0B:F6:A0:EE:AA:60:07:F3:3F:D2:AB:C1:ED:DD:86:80:DD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OMHyC_ag7qpgB_M_0qvB7d2GgN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:db:5d:67:34:91:78:34:4f:90:b9:8c:a8:68:eb:a1:6f:71:
f0:a5:0a:7a:f1:c8:21:5f:25:fe:a5:9f:b9:21:c9:98:37:e1:
2d:13:b6:f3:82:76:9a:20:8d:42:5b:2e:e3:88:b8:1f:d3:ad:
5a:10:b8:9f:aa:7c:58:e1:31:da:d4:f0:e7:97:9e:d0:f2:ac:
8f:44:3f:91:bb:d9:ff:48:7a:34:49:5d:12:d3:cd:9a:11:11:
00:f4:b8:3f:4d:b1:21:17:15:86:c7:0a:e7:2b:92:a9:55:cb:
8e:d9:e4:10:d3:b4:c9:ff:81:8a:77:63:5a:d3:4e:05:8c:43:
ea:a0:88:9a:38:85:f8:b1:03:ab:1a:5c:18:3c:58:c8:41:38:
e3:c0:a3:17:ef:42:41:15:ae:3b:ea:d0:73:b9:a1:12:09:3c:
ed:86:e3:a3:9b:ff:b7:5e:7d:27:5d:51:20:10:fa:dc:57:3c:
e8:c4:0d:72:d3:62:f6:f7:35:8b:00:a6:82:2f:11:9f:27:42:
f8:dc:a8:71:b2:bf:da:ff:e5:06:f7:b7:e7:48:38:7b:9b:e4:
d7:dc:f5:bf:04:ab:d4:81:aa:72:a4:25:31:ed:22:96:3b:30:
71:09:ae:53:45:d7:fa:48:3b:66:3f:b2:32:a6:17:28:e1:7e:
4f:59:9b:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvPPJpjBrrRN4BQiym2hmwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTE0MTkwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGMxZjIwYmY2YTBlZWFhNjAwN2YzM2ZkMmFiYzFlZGRkODY4MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI+cHZHnAuadtt//lSsak/7Oto7H
TdFptLcye6JKrBXUd/lNsCYsRsEaAsHMjvDPdUYvCoiRGD6BkTDc4eJeGuIco2yV
9trMdjXdS3CVGxOBZ0vV9/biMljjZIDSnTVKog0kluFf/UH+4O11TV/CXZZDyCvx
zqBovHpnGmD9g3KXM3spK+Oecy1O6V8riuKgjHyNgf3zOljFSnT3NTb/L5hasnra
fFrC0EfVVlbR2M9fu6NbHzJ4mp3eM52sVNvnqBDKDhA+U7ZXr/4QKOW9Lkp5V3Cq
rB3th4M/oDITjN67ex+B3jFAh+Qb225ZuzM8fZVeao8BqfCLtv+bwSTwTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjB8gv2oO6qYAfzP9Krwe3dhoDdMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvT01IeUNfYWc3cXBnQl9NXzBxdkI3ZDJHZ04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQB8211nNJF4NE+QuYyoaOuhb3HwpQp68cghXyX+pZ+5
IcmYN+EtE7bzgnaaII1CWy7jiLgf061aELifqnxY4THa1PDnl57Q8qyPRD+Ru9n/
SHo0SV0S082aEREA9Lg/TbEhFxWGxwrnK5KpVcuO2eQQ07TJ/4GKd2Na004FjEPq
oIiaOIX4sQOrGlwYPFjIQTjjwKMX70JBFa476tBzuaESCTzthuOjm/+3Xn0nXVEg
EPrcVzzoxA1y02L29zWLAKaCLxGfJ0L43Khxsr/a/+UG97fnSDh7m+TX3PW/BKvU
gapypCUx7SKWOzBxCa5TRdf6SDtmP7Iyphco4X5PWZtg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org