Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SURivBMCCdlYr44QALi5gpD9QM4.roa
File: SURivBMCCdlYr44QALi5gpD9QM4.roa (raw, json)
Hash identifier: q6LnqN2jSrI1oaNNUPRDhsDqDwSed0VTkMrgXgJZ4Tc=
Subject key identifier: 49:44:62:BC:13:02:09:D9:58:AF:8E:10:00:B8:B9:82:90:FD:40:CE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192E91711E5A75CD65887520991718B863A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SURivBMCCdlYr44QALi5gpD9QM4.roa
Signing time: Fri 01 Nov 2024 18:57:36 +0000
ROA not before: Fri 01 Nov 2024 18:57:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 06:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e9:17:11:e5:a7:5c:d6:58:87:52:09:91:71:8b:86:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 1 18:57:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=494462bc130209d958af8e1000b8b98290fd40ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c1:1b:bc:94:76:57:4d:ef:a6:a8:b1:72:7e:
9b:18:3e:8e:14:a4:f9:af:b1:2a:45:de:6d:d6:5d:
68:57:f2:a6:f0:eb:5d:44:a1:0d:6d:72:57:e6:cb:
77:74:2e:85:0f:a0:86:69:17:04:47:d4:37:ff:12:
46:7a:c0:58:76:28:8f:25:82:ac:26:1c:2c:94:47:
0a:7d:bb:0a:b0:72:67:de:1c:96:83:75:e8:9c:34:
32:ed:38:3f:6c:ea:fe:b4:e2:73:bc:83:82:cd:b3:
2f:a6:8d:cb:7a:5c:2c:7a:ed:eb:94:96:0c:67:8d:
d7:28:62:88:93:12:a3:b5:26:54:cd:c8:0a:bf:f3:
e6:63:fc:f4:4f:b3:8b:b9:15:7f:bc:f6:b4:5f:51:
16:18:a6:f0:c7:42:0d:33:a2:85:9c:a8:35:54:91:
27:c2:53:02:69:06:c2:c4:b7:7c:f2:29:51:58:9a:
18:6e:5f:3d:3c:d2:63:31:9d:8d:dc:51:6a:0b:1b:
66:ee:88:3e:1e:ff:64:dd:91:5e:4c:ad:ee:fd:59:
b3:e1:05:17:b6:ed:cd:36:2f:ee:1b:3f:e1:7a:10:
fe:2e:19:20:60:0d:f0:77:91:6e:7b:3c:0b:73:c7:
bb:80:20:f7:96:75:da:fb:7f:be:10:6b:e0:45:70:
01:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:44:62:BC:13:02:09:D9:58:AF:8E:10:00:B8:B9:82:90:FD:40:CE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SURivBMCCdlYr44QALi5gpD9QM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
24:10:77:15:53:c9:95:23:8f:da:e5:fc:98:4a:a1:a7:a3:b7:
eb:86:d9:4e:70:ce:34:3c:5f:e1:53:b9:ba:f7:75:27:f2:79:
3c:c4:ff:49:a7:08:f3:30:98:0b:3b:6c:4e:e1:74:5b:b2:ab:
5c:90:dc:1d:1a:28:b1:25:c8:f2:09:1d:49:fe:be:d2:52:3a:
b9:6b:42:28:b8:df:40:61:c8:3c:12:56:bc:07:64:22:04:b0:
12:0e:28:64:61:11:be:ae:77:06:24:8e:49:24:b3:52:20:ef:
96:13:4a:6b:58:65:41:5c:e8:2e:0d:00:76:59:b8:42:93:ed:
dd:44:b8:24:26:e7:25:58:27:3e:d0:38:89:4b:c9:20:b7:e2:
2b:c0:86:48:c7:2f:06:42:4a:e9:c3:59:20:54:21:d4:94:20:
c6:37:a2:03:32:a1:64:55:24:9b:a8:4a:47:42:0f:8e:24:7c:
1c:2b:c4:f3:e3:4b:13:7d:a6:b4:52:c4:fb:ee:b6:9d:eb:54:
d1:16:56:48:5e:b9:f3:db:bd:5d:db:f2:b3:78:18:ca:11:9a:
75:44:e3:2c:8b:a4:bf:9d:d7:f1:09:b8:38:c9:25:4c:81:55:
b5:00:fc:97:04:c5:a8:95:ff:92:db:6e:d1:e3:5a:23:4a:1b:
c2:99:8c:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLpFxHlp1zWWIdSCZFxi4Y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTAxMTg1NzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQ0NjJiYzEzMDIwOWQ5NThhZjhlMTAwMGI4Yjk4MjkwZmQ0MGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8EbvJR2V03vpqixcn6bGD6OFKT5
r7EqRd5t1l1oV/Km8OtdRKENbXJX5st3dC6FD6CGaRcER9Q3/xJGesBYdiiPJYKs
JhwslEcKfbsKsHJn3hyWg3XonDQy7Tg/bOr+tOJzvIOCzbMvpo3Lelwseu3rlJYM
Z43XKGKIkxKjtSZUzcgKv/PmY/z0T7OLuRV/vPa0X1EWGKbwx0INM6KFnKg1VJEn
wlMCaQbCxLd88ilRWJoYbl89PNJjMZ2N3FFqCxtm7og+Hv9k3ZFeTK3u/Vmz4QUX
tu3NNi/uGz/hehD+LhkgYA3wd5FuezwLc8e7gCD3lnXa+3++EGvgRXABvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFElEYrwTAgnZWK+OEAC4uYKQ/UDOMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvU1VSaXZCTUNDZGxZcjQ0UUFMaTVncEQ5UU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQD
UqNgMA0GCSqGSIb3DQEBCwUAA4IBAQAkEHcVU8mVI4/a5fyYSqGno7frhtlOcM40
PF/hU7m693Un8nk8xP9JpwjzMJgLO2xO4XRbsqtckNwdGiixJcjyCR1J/r7SUjq5
a0IouN9AYcg8Ela8B2QiBLASDihkYRG+rncGJI5JJLNSIO+WE0prWGVBXOguDQB2
WbhCk+3dRLgkJuclWCc+0DiJS8kgt+IrwIZIxy8GQkrpw1kgVCHUlCDGN6IDMqFk
VSSbqEpHQg+OJHwcK8Tz40sTfaa0UsT77rad61TRFlZIXrnz271d2/KzeBjKEZp1
ROMsi6S/ndfxCbg4ySVMgVW1APyXBMWolf+S227R41ojShvCmYyj
-----END CERTIFICATE-----
Generated at Wed Nov 6 08:29:11 2024 by rpki-client on console-fra.rpki-client.org