Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QoYtRcSAP1oKIY9zStWAz9oACA4.roa
File: QoYtRcSAP1oKIY9zStWAz9oACA4.roa (raw, json)
Hash identifier: ONUqNonOWsqbwYz/CZUw4Jkw/V29OKInAI9JTGjXH2I=
Subject key identifier: 42:86:2D:45:C4:80:3F:5A:0A:21:8F:73:4A:D5:80:CF:DA:00:08:0E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C43F1E30F3FD13D014EC2913F59AC7E74
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QoYtRcSAP1oKIY9zStWAz9oACA4.roa
Signing time: Thu 07 Dec 2023 11:02:54 +0000
ROA not before: Thu 07 Dec 2023 11:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Dec 2023 14:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:f1:e3:0f:3f:d1:3d:01:4e:c2:91:3f:59:ac:7e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 7 11:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42862d45c4803f5a0a218f734ad580cfda00080e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:02:90:d7:c0:81:7e:4b:3d:21:a8:7f:39:
1b:25:93:14:d1:4d:15:83:99:0d:dc:69:6b:fa:6b:
a8:88:d9:42:93:92:64:bd:ee:91:b3:c2:dc:6f:e6:
9b:53:4e:ff:f2:e8:27:4a:d2:20:d8:d5:a6:89:d7:
34:62:9c:b3:b9:f1:54:b4:72:fb:a6:05:1a:b1:39:
01:c6:e3:08:35:e0:e0:61:66:bd:3a:b9:1d:97:2e:
71:cc:df:d1:2f:61:0c:c9:94:13:03:2d:4e:26:91:
1d:fe:11:9d:91:bb:ee:a0:3a:60:58:7f:4d:13:18:
39:66:40:ea:53:5c:d6:70:da:3b:41:e4:40:9b:d2:
32:02:db:4f:07:c5:cf:4f:4d:4c:cc:c6:19:58:95:
44:1e:4d:b4:f0:c9:31:b7:79:be:de:6c:3c:20:2a:
90:7f:3e:b0:ed:9e:f9:a5:41:73:64:fa:f5:84:72:
18:6a:5d:90:bf:3b:b8:b3:e9:92:02:97:34:5c:30:
4a:b4:d4:36:78:d0:10:b6:f9:79:0c:21:2e:fb:23:
b1:86:36:59:72:eb:83:94:24:48:fc:4c:4c:68:e9:
5d:0e:f1:03:c0:5e:f2:02:5d:52:05:c5:44:d7:7b:
7b:8a:26:43:82:94:98:a9:2f:e5:a6:f4:04:1b:47:
23:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:86:2D:45:C4:80:3F:5A:0A:21:8F:73:4A:D5:80:CF:DA:00:08:0E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QoYtRcSAP1oKIY9zStWAz9oACA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
Signature Algorithm: sha256WithRSAEncryption
24:22:e0:8e:0a:38:ba:c6:09:2a:d6:2e:01:58:14:28:ca:16:
46:86:41:6b:db:e5:76:d8:eb:72:67:b6:ba:c2:46:58:a6:7a:
bf:54:ad:19:a3:d9:c7:85:ff:db:6f:94:51:7a:0d:2a:0c:5d:
dc:04:b1:cd:fc:1f:32:e9:65:50:7c:93:78:11:72:68:52:a8:
29:92:2e:4b:80:83:d7:fc:7c:1c:a5:c5:33:0b:44:65:af:75:
b4:31:d9:69:e3:8c:2b:f8:e4:0f:a6:f5:1c:03:70:b2:ee:68:
f2:f1:84:11:71:e7:ac:9b:af:93:28:ff:26:ef:29:4c:e4:0a:
7e:54:91:1f:bc:c1:32:75:a3:5c:af:14:91:a6:6f:c1:55:6b:
59:c2:ce:17:73:77:aa:a2:46:21:d4:7d:ad:65:b2:32:b2:61:
a1:3a:e6:53:0f:5a:6e:0f:7c:07:95:63:db:b8:2a:19:90:57:
44:b6:a5:b1:0f:a7:ee:07:f5:a1:ba:e5:a5:66:e5:ad:69:96:
5f:fb:66:87:20:a9:70:ef:24:dc:df:93:da:d0:ed:4e:04:09:
f9:b0:52:7c:ca:93:cf:57:8d:6a:eb:a0:de:fb:e5:60:05:a5:
0a:02:7f:ef:a0:f2:e8:54:14:03:0d:22:31:17:f7:6a:5d:17:
92:85:fb:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxD8eMPP9E9AU7CkT9ZrH50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjA3MTEwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjg2MmQ0NWM0ODAzZjVhMGEyMThmNzM0YWQ1ODBjZmRhMDAwODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMoCkNfAgX5LPSGofzkbJZMU0U0V
g5kN3Glr+muoiNlCk5Jkve6Rs8Lcb+abU07/8ugnStIg2NWmidc0YpyzufFUtHL7
pgUasTkBxuMINeDgYWa9Orkdly5xzN/RL2EMyZQTAy1OJpEd/hGdkbvuoDpgWH9N
Exg5ZkDqU1zWcNo7QeRAm9IyAttPB8XPT01MzMYZWJVEHk208Mkxt3m+3mw8ICqQ
fz6w7Z75pUFzZPr1hHIYal2Qvzu4s+mSApc0XDBKtNQ2eNAQtvl5DCEu+yOxhjZZ
cuuDlCRI/ExMaOldDvEDwF7yAl1SBcVE13t7iiZDgpSYqS/lpvQEG0cj1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKGLUXEgD9aCiGPc0rVgM/aAAgOMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUW9ZdFJjU0FQMW9LSVk5elN0V0F6OW9BQ0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQAkIuCOCji6xgkq1i4BWBQoyhZGhkFr2+V22OtyZ7a6
wkZYpnq/VK0Zo9nHhf/bb5RReg0qDF3cBLHN/B8y6WVQfJN4EXJoUqgpki5LgIPX
/HwcpcUzC0Rlr3W0Mdlp44wr+OQPpvUcA3Cy7mjy8YQRceesm6+TKP8m7ylM5Ap+
VJEfvMEydaNcrxSRpm/BVWtZws4Xc3eqokYh1H2tZbIysmGhOuZTD1puD3wHlWPb
uCoZkFdEtqWxD6fuB/WhuuWlZuWtaZZf+2aHIKlw7yTc35Pa0O1OBAn5sFJ8ypPP
V41q66De++VgBaUKAn/voPLoVBQDDSIxF/dqXReShfuA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org