Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RdkDosoP1ib0idokl7JaJdofhy4.roa
File: RdkDosoP1ib0idokl7JaJdofhy4.roa (raw, json)
Hash identifier: ZOy9sYMR9cb3QWtIrierrHyJmRj3d8Gy6VCU7dLV0Rw=
Subject key identifier: 45:D9:03:A2:CA:0F:D6:26:F4:89:DA:24:97:B2:5A:25:DA:1F:87:2E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BA8890D514653F8D6D5B6C37CEE360C18
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RdkDosoP1ib0idokl7JaJdofhy4.roa
Signing time: Tue 07 Nov 2023 06:47:15 +0000
ROA not before: Tue 07 Nov 2023 06:47:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 19:08:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:89:0d:51:46:53:f8:d6:d5:b6:c3:7c:ee:36:0c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 7 06:47:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45d903a2ca0fd626f489da2497b25a25da1f872e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d8:02:25:89:90:f7:fc:9a:f1:39:49:de:35:
f3:06:40:6f:16:53:bd:31:6d:1f:44:bb:7e:52:d0:
93:92:ba:85:5f:21:a0:3f:fa:78:9a:50:e3:b5:28:
29:d0:b5:c6:5e:81:ea:a0:2c:e3:35:99:ea:3a:cd:
8c:3f:92:28:b3:38:33:e7:db:8d:b5:85:6b:23:b3:
60:60:9f:c8:9d:4b:24:6d:f2:80:42:c6:db:78:da:
90:d7:9d:69:e4:82:2f:69:50:92:f0:2e:d2:89:ed:
40:53:1d:63:ee:43:8d:e0:e5:37:85:95:62:dd:fa:
cf:29:2f:43:54:85:bd:37:60:19:73:e9:d4:47:9a:
50:01:5b:69:0e:93:71:76:86:04:62:a3:a7:0b:e2:
fb:f1:38:fe:85:0e:3b:a6:c1:9d:d0:cf:ed:c6:d3:
e0:cc:fa:27:87:37:fe:98:07:fc:4b:3d:09:87:ec:
cd:68:51:97:90:18:84:e6:74:e7:cb:bc:a6:94:2b:
30:e2:29:20:24:c9:c8:02:5d:53:53:10:de:9e:44:
f7:d9:c9:9d:fc:08:b1:f4:c3:fb:f1:2b:0f:12:f2:
f9:9e:f7:91:7b:3f:f4:69:15:f7:a2:43:6f:07:6f:
34:af:8c:c4:02:a1:8f:d3:2b:e0:a6:39:17:1b:21:
5d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D9:03:A2:CA:0F:D6:26:F4:89:DA:24:97:B2:5A:25:DA:1F:87:2E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RdkDosoP1ib0idokl7JaJdofhy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
46.20.212.0/22
Signature Algorithm: sha256WithRSAEncryption
76:62:7a:e7:20:64:1d:3c:53:cc:7e:20:89:c4:b4:22:2f:3a:
87:50:79:4f:2d:a3:31:5d:53:f8:4e:68:fd:95:4c:af:5e:87:
8b:f0:74:ae:48:ee:46:40:00:9e:a7:86:f8:42:38:d2:3a:fe:
15:f6:7a:02:04:f7:96:55:5f:6a:5a:db:22:82:6d:4b:cc:85:
c4:f1:e9:34:c6:26:87:38:17:27:d7:11:c3:7d:1f:b7:6a:30:
78:71:3b:67:e8:9d:58:f7:bc:79:3b:f0:dd:48:92:37:b1:d7:
41:e3:6c:ca:a5:cf:bc:3f:cf:5d:82:ad:2c:84:dc:18:70:87:
26:10:b9:6c:fd:77:56:60:6d:09:73:68:bb:bf:7f:63:3c:93:
dc:ed:b9:c5:39:d7:43:5e:61:fc:23:98:c8:2e:4b:1c:62:b4:
52:67:0c:9b:f9:b3:23:d6:34:58:e7:d3:57:84:af:c7:63:4b:
4a:04:f6:a1:d8:87:f5:71:2e:29:29:8f:22:a6:3f:f1:47:dd:
8c:37:62:7c:65:82:cc:43:6f:1d:f0:b8:5e:86:00:c5:04:32:
8d:1a:df:5b:38:6c:90:80:7e:c0:3b:2b:7a:d8:d8:ce:09:32:
c6:5f:52:3d:d6:b0:d4:83:2c:14:af:43:36:24:b0:c7:8a:22:
a8:b2:80:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuoiQ1RRlP41tW2w3zuNgwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTA3MDY0NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQ5MDNhMmNhMGZkNjI2ZjQ4OWRhMjQ5N2IyNWEyNWRhMWY4NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9gCJYmQ9/ya8TlJ3jXzBkBvFlO9
MW0fRLt+UtCTkrqFXyGgP/p4mlDjtSgp0LXGXoHqoCzjNZnqOs2MP5Ioszgz59uN
tYVrI7NgYJ/InUskbfKAQsbbeNqQ151p5IIvaVCS8C7Sie1AUx1j7kON4OU3hZVi
3frPKS9DVIW9N2AZc+nUR5pQAVtpDpNxdoYEYqOnC+L78Tj+hQ47psGd0M/txtPg
zPonhzf+mAf8Sz0Jh+zNaFGXkBiE5nTny7ymlCsw4ikgJMnIAl1TUxDenkT32cmd
/Aix9MP78SsPEvL5nveRez/0aRX3okNvB280r4zEAqGP0yvgpjkXGyFdrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEXZA6LKD9Ym9InaJJeyWiXaH4cuMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUmRrRG9zb1AxaWIwaWRva2w3SmFKZG9maHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQC
LhTUMA0GCSqGSIb3DQEBCwUAA4IBAQB2YnrnIGQdPFPMfiCJxLQiLzqHUHlPLaMx
XVP4Tmj9lUyvXoeL8HSuSO5GQACep4b4QjjSOv4V9noCBPeWVV9qWtsigm1LzIXE
8ek0xiaHOBcn1xHDfR+3ajB4cTtn6J1Y97x5O/DdSJI3sddB42zKpc+8P89dgq0s
hNwYcIcmELls/XdWYG0Jc2i7v39jPJPc7bnFOddDXmH8I5jILkscYrRSZwyb+bMj
1jRY59NXhK/HY0tKBPah2If1cS4pKY8ipj/xR92MN2J8ZYLMQ28d8LhehgDFBDKN
Gt9bOGyQgH7AOyt62NjOCTLGX1I91rDUgywUr0M2JLDHiiKosoDy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org