Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TFj05qU2f2p89FVgeQKl-78Q_gE.roa
File: TFj05qU2f2p89FVgeQKl-78Q_gE.roa (raw, json)
Hash identifier: I19KXjqTvI5btXFKR+mulsd9qj8x1qLBRFZXXGusD8Q=
Subject key identifier: 4C:58:F4:E6:A5:36:7F:6A:7C:F4:55:60:79:02:A5:FB:BF:10:FE:01
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D6DF25BF2BEB8F42CBCD21B8E972DB6CC
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TFj05qU2f2p89FVgeQKl-78Q_gE.roa
Signing time: Sat 03 Feb 2024 07:50:16 +0000
ROA not before: Sat 03 Feb 2024 07:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.108.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 08 Feb 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:f2:5b:f2:be:b8:f4:2c:bc:d2:1b:8e:97:2d:b6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 3 07:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c58f4e6a5367f6a7cf455607902a5fbbf10fe01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8b:86:72:30:9a:59:b0:51:86:37:d6:7f:0f:
f0:1d:15:44:09:9d:a5:9b:20:13:d6:84:a7:e4:53:
55:d2:76:e4:8d:71:7a:27:5b:58:90:a6:f6:82:11:
1d:d5:93:c5:24:46:0e:98:0f:f8:0d:f6:a1:47:82:
87:54:da:0f:94:44:23:5d:0e:98:70:3c:fe:31:c1:
0e:88:ea:21:07:c3:e9:0a:98:42:2a:5c:b0:a7:04:
a5:ad:b1:2f:f9:45:c5:da:38:f7:da:27:35:8b:dc:
53:a2:c1:9a:22:b7:97:e5:40:3a:f5:a6:41:d4:c0:
96:be:36:49:19:a2:96:92:82:e5:4a:8f:38:46:0c:
76:8f:c6:de:09:d8:d5:e9:fd:8b:88:f9:40:c0:0c:
88:03:21:d3:4e:9e:55:e9:9c:6a:9b:e7:52:ab:fa:
2f:3c:5f:db:aa:78:73:09:00:b4:da:9d:3b:12:53:
e7:1a:f2:ec:cc:38:41:c1:6c:a6:6b:b4:8a:53:70:
97:85:6e:9b:85:46:24:af:1a:2c:8e:65:12:e6:85:
6e:c5:66:40:11:50:00:5b:91:12:72:65:e1:82:f0:
91:e9:72:e4:b7:dd:20:55:bf:11:17:13:45:3b:85:
2f:68:8c:e3:a4:18:c1:80:23:cb:28:4d:16:b9:0c:
52:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:58:F4:E6:A5:36:7F:6A:7C:F4:55:60:79:02:A5:FB:BF:10:FE:01
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TFj05qU2f2p89FVgeQKl-78Q_gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.124.0/22
Signature Algorithm: sha256WithRSAEncryption
17:54:c5:3f:76:8f:70:8a:62:dd:4d:ee:fd:5c:79:15:91:0a:
69:bc:9d:ae:8c:74:de:91:36:2d:28:53:d3:ec:a1:6d:d7:9f:
f3:8c:97:cd:35:20:b9:47:62:13:a0:63:a2:d3:bf:81:f0:44:
24:ca:b9:d1:4f:a2:17:19:11:36:04:a1:38:a5:9b:fa:c0:ba:
75:38:e2:f9:57:13:d1:e2:4c:24:51:5a:1d:41:29:ae:8d:0e:
a9:71:9c:cb:25:87:0e:d2:2c:4f:39:50:28:58:34:96:9d:84:
4a:f3:67:2f:e8:59:35:dc:88:96:e3:26:ba:a6:74:43:21:6d:
43:8f:b9:55:e4:51:96:86:f3:5e:58:2a:e9:3d:e6:65:82:72:
d4:c4:11:1c:ee:2e:e3:68:a4:35:ae:1b:b6:5b:7a:93:f4:df:
f0:11:9e:34:47:60:f6:c6:7c:7e:1f:92:e0:ae:59:a1:f5:54:
b0:00:b1:07:68:1b:2e:7a:12:34:d0:1b:2b:64:26:07:28:6a:
56:5b:da:75:84:b7:7c:85:67:19:0a:a1:0c:45:ac:89:a4:51:
4d:32:ec:1a:66:05:b7:19:9d:cc:2d:1f:df:e7:26:06:51:a8:
2d:7c:b9:9f:e5:23:43:8f:f2:1c:d1:39:48:86:eb:c3:db:ee:
07:35:61:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1t8lvyvrj0LLzSG46XLbbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjAzMDc1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU4ZjRlNmE1MzY3ZjZhN2NmNDU1NjA3OTAyYTVmYmJmMTBmZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YuGcjCaWbBRhjfWfw/wHRVECZ2l
myAT1oSn5FNV0nbkjXF6J1tYkKb2ghEd1ZPFJEYOmA/4DfahR4KHVNoPlEQjXQ6Y
cDz+McEOiOohB8PpCphCKlywpwSlrbEv+UXF2jj32ic1i9xTosGaIreX5UA69aZB
1MCWvjZJGaKWkoLlSo84Rgx2j8beCdjV6f2LiPlAwAyIAyHTTp5V6Zxqm+dSq/ov
PF/bqnhzCQC02p07ElPnGvLszDhBwWyma7SKU3CXhW6bhUYkrxosjmUS5oVuxWZA
EVAAW5EScmXhgvCR6XLkt90gVb8RFxNFO4UvaIzjpBjBgCPLKE0WuQxS5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFExY9OalNn9qfPRVYHkCpfu/EP4BMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVEZqMDVxVTJmMnA4OUZWZ2VRS2wtNzhRX2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
BWZ8MA0GCSqGSIb3DQEBCwUAA4IBAQAXVMU/do9wimLdTe79XHkVkQppvJ2ujHTe
kTYtKFPT7KFt15/zjJfNNSC5R2IToGOi07+B8EQkyrnRT6IXGRE2BKE4pZv6wLp1
OOL5VxPR4kwkUVodQSmujQ6pcZzLJYcO0ixPOVAoWDSWnYRK82cv6Fk13IiW4ya6
pnRDIW1Dj7lV5FGWhvNeWCrpPeZlgnLUxBEc7i7jaKQ1rhu2W3qT9N/wEZ40R2D2
xnx+H5Lgrlmh9VSwALEHaBsuehI00BsrZCYHKGpWW9p1hLd8hWcZCqEMRayJpFFN
MuwaZgW3GZ3MLR/f5yYGUagtfLmf5SNDj/Ic0TlIhuvD2+4HNWF4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org