Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aiht8yIWzuhTdE39kDAcPmMBzDA.roa
File: aiht8yIWzuhTdE39kDAcPmMBzDA.roa (raw, json)
Hash identifier: 1UkC7QmYBWW6hl9ei00mq6kfbpbp+jVqcTnR4Ls1xgY=
Subject key identifier: 6A:28:6D:F3:22:16:CE:E8:53:74:4D:FD:90:30:1C:3E:63:01:CC:30
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D87BB44369B035D718E8CA232169B59F8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aiht8yIWzuhTdE39kDAcPmMBzDA.roa
Signing time: Thu 08 Feb 2024 08:00:13 +0000
ROA not before: Thu 08 Feb 2024 08:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:17:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:bb:44:36:9b:03:5d:71:8e:8c:a2:32:16:9b:59:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 8 08:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a286df32216cee853744dfd90301c3e6301cc30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:de:27:0b:48:39:00:3a:93:a9:ca:ba:ed:
88:b7:e3:a2:53:8d:21:fd:31:16:83:a3:bf:ad:80:
6b:42:67:eb:a5:1c:b3:89:88:2a:32:9e:7d:ce:de:
70:87:17:5e:0f:2f:9f:26:a7:d4:0b:5d:4e:c6:e0:
13:01:1d:5c:fc:5e:72:05:cf:0f:54:a7:05:10:37:
51:c9:2d:ce:fc:15:90:24:db:f9:52:21:af:a0:1a:
5f:7a:b1:62:a0:db:d3:e9:d3:ff:72:5a:36:c6:6f:
f4:8c:e5:ee:33:fd:f4:a9:69:69:0c:a8:69:d0:ef:
4f:26:1f:12:d6:50:ff:a0:91:01:ef:47:bb:27:ea:
bf:49:bc:63:f6:49:f1:51:1d:2a:ed:a1:a6:b4:f3:
90:5a:5a:16:3e:6a:e4:10:e7:07:5a:f2:f2:a0:7a:
d7:e1:95:61:3c:f1:9a:26:10:b5:56:83:94:f2:24:
a3:35:82:0c:d5:0e:29:50:fc:5f:6a:6f:46:5b:d8:
ab:46:fe:c9:e2:d1:3c:70:e4:a1:a0:99:40:8c:4c:
1b:dc:a9:d5:25:87:e6:c9:2b:ec:c2:cf:81:e8:39:
12:86:90:87:84:c6:1c:a1:1f:d2:e6:92:ec:ed:9b:
39:64:e6:c9:01:3a:f3:4b:5c:30:05:cc:f1:29:9a:
a4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:28:6D:F3:22:16:CE:E8:53:74:4D:FD:90:30:1C:3E:63:01:CC:30
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aiht8yIWzuhTdE39kDAcPmMBzDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
Signature Algorithm: sha256WithRSAEncryption
73:1c:34:68:57:e2:51:11:c1:6e:5f:da:a3:97:f2:9b:8d:c2:
84:a2:f1:51:9e:da:5a:4e:06:c8:57:8f:91:6a:da:33:e8:89:
18:c7:ac:4b:0c:9e:ce:c2:33:6e:58:e7:1e:41:3e:ed:61:16:
56:1f:d4:35:b6:9c:ea:8d:06:22:64:e5:3a:59:75:f8:f4:c4:
0d:f5:29:24:1f:43:c3:7a:00:ec:b3:5b:e5:8d:ab:8f:5e:a9:
5c:1a:0f:48:05:84:38:26:99:7e:28:5d:b3:dc:97:bc:78:15:
28:df:66:fa:a1:c7:cd:1d:08:f4:f3:97:12:26:c3:66:d3:1a:
76:86:4d:5b:33:54:9d:2d:d3:b8:eb:8a:49:c1:1e:f0:ed:d0:
e0:6a:89:b1:d5:ea:ab:c6:c1:5e:16:ba:95:2b:3a:af:a0:a8:
0c:57:b8:3d:7d:86:9c:1b:be:59:33:63:39:4c:c8:44:1f:3d:
76:c2:5b:5c:a7:9a:9d:33:43:c4:bf:2f:f5:10:0c:91:2c:40:
b5:a1:61:fe:6f:2a:e2:a0:38:5b:f3:89:e4:8f:02:96:37:10:
cb:5b:af:97:aa:d2:72:7f:93:b1:49:a6:d9:f2:fd:6a:1e:45:
a7:1b:6d:2b:c5:63:48:97:f7:3a:07:0f:22:9a:df:d7:88:3b:
10:73:91:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Hu0Q2mwNdcY6MojIWm1n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjA4MDgwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTI4NmRmMzIyMTZjZWU4NTM3NDRkZmQ5MDMwMWMzZTYzMDFjYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXreJwtIOQA6k6nKuu2It+OiU40h
/TEWg6O/rYBrQmfrpRyziYgqMp59zt5whxdeDy+fJqfUC11OxuATAR1c/F5yBc8P
VKcFEDdRyS3O/BWQJNv5UiGvoBpferFioNvT6dP/clo2xm/0jOXuM/30qWlpDKhp
0O9PJh8S1lD/oJEB70e7J+q/Sbxj9knxUR0q7aGmtPOQWloWPmrkEOcHWvLyoHrX
4ZVhPPGaJhC1VoOU8iSjNYIM1Q4pUPxfam9GW9irRv7J4tE8cOShoJlAjEwb3KnV
JYfmySvsws+B6DkShpCHhMYcoR/S5pLs7Zs5ZObJATrzS1wwBczxKZqkUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoobfMiFs7oU3RN/ZAwHD5jAcwwMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYWlodDh5SVd6dWhUZEUzOWtEQWNQbU1CekRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQBzHDRoV+JREcFuX9qjl/KbjcKEovFRntpaTgbIV4+R
atoz6IkYx6xLDJ7OwjNuWOceQT7tYRZWH9Q1tpzqjQYiZOU6WXX49MQN9SkkH0PD
egDss1vljauPXqlcGg9IBYQ4Jpl+KF2z3Je8eBUo32b6ocfNHQj085cSJsNm0xp2
hk1bM1SdLdO464pJwR7w7dDgaomx1eqrxsFeFrqVKzqvoKgMV7g9fYacG75ZM2M5
TMhEHz12wltcp5qdM0PEvy/1EAyRLEC1oWH+byrioDhb84nkjwKWNxDLW6+XqtJy
f5OxSabZ8v1qHkWnG20rxWNIl/c6Bw8imt/XiDsQc5Fo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org