Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Om-xZQ-LvfPa6NKAaITL8scR4_U.roa
File: Om-xZQ-LvfPa6NKAaITL8scR4_U.roa (raw, json)
Hash identifier: JpaEpaZeCTp1xqSo8snBd3hLNawFrU6dGq5XgLmcYq8=
Subject key identifier: 3A:6F:B1:65:0F:8B:BD:F3:DA:E8:D2:80:68:84:CB:F2:C7:11:E3:F5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018AA21A5856EB797BB593EB348749A476B5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Om-xZQ-LvfPa6NKAaITL8scR4_U.roa
Signing time: Sun 17 Sep 2023 07:45:50 +0000
ROA not before: Sun 17 Sep 2023 07:45:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
130.255.68.0/22 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 08:07:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:1a:58:56:eb:79:7b:b5:93:eb:34:87:49:a4:76:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 17 07:45:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a6fb1650f8bbdf3dae8d2806884cbf2c711e3f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:d8:8d:15:9a:96:1e:0e:e3:df:9a:56:b5:
eb:9c:84:a4:02:d8:1a:bd:3c:ed:cd:53:f4:af:35:
fd:0f:9a:56:16:47:23:7d:00:01:c3:6c:df:83:a3:
fc:6d:f9:a5:8b:d0:89:0b:76:db:a9:a4:a4:eb:3c:
15:31:ed:bd:18:8c:58:97:77:2e:91:53:c0:0d:dc:
88:e9:4f:c9:1b:48:0a:4d:0d:c1:6d:97:28:b4:85:
1f:07:2f:3d:71:42:f8:a7:40:d5:5b:ca:5f:68:8f:
4c:ff:e0:c8:83:1d:03:e1:bd:37:d1:1c:e3:aa:63:
da:67:b9:bd:75:ce:03:73:57:c7:1d:c0:ec:9f:9f:
3d:cb:59:f0:e1:ea:aa:e4:2b:a1:ed:36:fc:9e:22:
4c:6b:a8:ca:d6:fb:07:08:90:dd:a8:4b:e3:63:96:
5c:1d:3b:62:6b:40:4e:ee:50:ab:69:b6:26:77:96:
a2:1f:39:b6:41:37:13:8d:a1:f0:dc:a7:86:e2:1c:
6f:96:ab:59:01:0d:17:2d:2e:95:c3:7f:84:8a:a2:
b1:4f:0e:26:ef:d1:9c:9f:e3:83:4a:ac:82:4c:fc:
19:76:8b:ff:ac:03:cd:4b:5b:ef:04:0e:0a:a3:eb:
47:ff:24:d2:69:8e:49:04:37:cd:85:e7:a6:1b:b8:
07:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6F:B1:65:0F:8B:BD:F3:DA:E8:D2:80:68:84:CB:F2:C7:11:E3:F5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Om-xZQ-LvfPa6NKAaITL8scR4_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
130.255.68.0/22
Signature Algorithm: sha256WithRSAEncryption
08:b6:b8:2a:a3:49:11:d3:0f:eb:ad:58:d7:51:12:ff:65:7e:
2a:3a:b5:db:60:3d:af:97:0d:70:8c:09:51:86:ca:87:29:43:
c4:ea:95:c0:3a:c7:b8:25:8f:31:ca:d8:c3:51:d9:9b:7a:1f:
26:36:34:83:0a:38:b8:99:e1:51:8e:f5:6a:f9:48:c8:e0:9b:
7a:7a:a2:2e:cf:15:8c:aa:c0:f0:6c:f0:e7:e5:d1:8a:a8:aa:
08:32:75:da:ef:25:f3:78:12:72:0c:04:02:75:a8:f2:eb:f9:
72:42:ee:94:ff:d1:55:af:60:4f:c9:78:2c:c9:1c:a4:61:cc:
46:bf:d7:aa:3d:fa:77:87:01:40:55:5f:69:4c:f7:a8:06:1b:
7d:59:cf:07:84:1e:4b:d6:14:3d:f1:ae:94:80:3a:dc:5e:c9:
27:e3:81:8a:a0:ce:e9:d7:ba:89:c9:9c:a0:83:4e:cd:7a:19:
99:38:58:bb:bb:fb:d2:4d:56:d4:e9:d6:db:2d:64:bb:77:57:
5f:32:eb:34:76:62:a2:df:88:c4:cc:33:83:39:c8:13:22:23:
bc:39:af:9f:d2:cb:a7:3a:05:8d:46:1f:d0:3c:5e:67:72:7a:
7a:a3:59:a0:b7:bd:38:fc:b2:b5:50:59:b3:95:3d:67:76:85:
98:e6:99:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqiGlhW63l7tZPrNIdJpHa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwOTE3MDc0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZmYjE2NTBmOGJiZGYzZGFlOGQyODA2ODg0Y2JmMmM3MTFlM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW3YjRWalh4O49+aVrXrnISkAtga
vTztzVP0rzX9D5pWFkcjfQABw2zfg6P8bfmli9CJC3bbqaSk6zwVMe29GIxYl3cu
kVPADdyI6U/JG0gKTQ3BbZcotIUfBy89cUL4p0DVW8pfaI9M/+DIgx0D4b030Rzj
qmPaZ7m9dc4Dc1fHHcDsn589y1nw4eqq5Cuh7Tb8niJMa6jK1vsHCJDdqEvjY5Zc
HTtia0BO7lCrabYmd5aiHzm2QTcTjaHw3KeG4hxvlqtZAQ0XLS6Vw3+EiqKxTw4m
79Gcn+ODSqyCTPwZdov/rAPNS1vvBA4Ko+tH/yTSaY5JBDfNheemG7gHOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDpvsWUPi73z2ujSgGiEy/LHEeP1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvT20teFpRLUx2ZlBhNk5LQWFJVEw4c2NSNF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQC
gv9EMA0GCSqGSIb3DQEBCwUAA4IBAQAItrgqo0kR0w/rrVjXURL/ZX4qOrXbYD2v
lw1wjAlRhsqHKUPE6pXAOse4JY8xytjDUdmbeh8mNjSDCji4meFRjvVq+UjI4Jt6
eqIuzxWMqsDwbPDn5dGKqKoIMnXa7yXzeBJyDAQCdajy6/lyQu6U/9FVr2BPyXgs
yRykYcxGv9eqPfp3hwFAVV9pTPeoBht9Wc8HhB5L1hQ98a6UgDrcXskn44GKoM7p
17qJyZygg07NehmZOFi7u/vSTVbU6dbbLWS7d1dfMus0dmKi34jEzDODOcgTIiO8
Oa+f0sunOgWNRh/QPF5ncnp6o1mgt704/LK1UFmzlT1ndoWY5pkC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org