Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bN97dNB5y5IORV1K3xpQiWLHZhs.roa
File: bN97dNB5y5IORV1K3xpQiWLHZhs.roa (raw, json)
Hash identifier: qeQFSaxQmmzQ+us+WEdSGBS3Iaw9jSwTUR2DozzXN6U=
Subject key identifier: 6C:DF:7B:74:D0:79:CB:92:0E:45:5D:4A:DF:1A:50:89:62:C7:66:1B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018B8C0CE08526EAEC7DC5178A8245154176
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bN97dNB5y5IORV1K3xpQiWLHZhs.roa
Signing time: Wed 01 Nov 2023 18:02:16 +0000
ROA not before: Wed 01 Nov 2023 18:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 07:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:0c:e0:85:26:ea:ec:7d:c5:17:8a:82:45:15:41:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 1 18:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cdf7b74d079cb920e455d4adf1a508962c7661b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:99:3e:a9:5e:55:be:59:22:9b:de:0b:4b:06:
a9:e5:ce:8f:ff:a5:77:66:73:33:eb:ce:31:6f:87:
ca:ad:7d:30:7d:67:25:68:22:3d:ff:ec:b8:99:39:
53:94:1d:48:f9:c0:63:85:03:f9:c4:f1:6c:2a:2a:
48:39:39:38:51:dc:9c:0c:4a:6d:bf:64:6b:ae:6d:
ff:d7:39:d4:57:ae:80:cf:da:68:39:f1:a1:fd:5c:
18:eb:5b:e2:2d:f6:d2:d6:e1:7d:5e:06:1e:30:ae:
5b:18:86:e2:fd:ee:3e:5a:3f:27:65:e1:9c:ea:b1:
f1:8f:68:e4:94:48:f4:8e:d3:4a:98:a6:ba:39:58:
1a:c3:12:e5:bf:db:b3:5c:18:8f:09:fd:87:5e:80:
37:e3:83:66:a4:b0:71:fe:63:11:19:35:1c:6f:c8:
4c:0b:21:5a:20:67:69:a7:c5:53:06:70:ce:ea:02:
6f:61:5c:c2:f8:5d:cd:09:58:e4:2e:1c:ce:37:ff:
bc:1c:d2:fb:77:84:9a:4d:3c:2a:59:c9:d2:7a:11:
94:28:a4:76:0c:bb:5b:a7:16:3a:a7:91:74:c3:d5:
95:32:c1:cd:cb:23:56:41:14:a7:b7:a4:b5:b2:87:
6d:19:5f:84:25:1e:11:22:98:ab:37:80:47:ea:36:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DF:7B:74:D0:79:CB:92:0E:45:5D:4A:DF:1A:50:89:62:C7:66:1B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/bN97dNB5y5IORV1K3xpQiWLHZhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:a1:f7:38:93:8d:d5:f2:64:11:7e:22:80:bf:c7:5e:c0:9f:
6f:c9:b0:b6:5f:ca:5e:cf:a1:c5:53:e0:ec:d8:8e:1d:85:76:
61:7b:5c:8b:69:ae:dc:5e:f4:c4:68:22:e0:83:7f:14:0d:da:
0d:da:1d:8c:d7:de:f9:93:9f:ab:3a:4b:f1:cb:32:69:1d:03:
4d:bc:23:87:65:90:70:02:39:82:0e:52:ca:38:b3:fd:ae:d3:
f6:37:27:2d:83:2b:b1:f2:c5:a3:e2:60:95:c9:fa:8c:a1:0b:
26:90:0d:d7:fb:04:e8:a2:a0:b8:35:e6:3f:49:b0:8b:29:f7:
7e:2c:82:47:8a:df:a7:f4:b8:aa:06:97:aa:57:74:59:b1:62:
d9:8d:49:9f:44:95:cc:0b:2b:cc:df:2b:e2:23:f5:96:dd:5e:
84:1d:58:3f:5a:35:47:af:aa:2d:8f:a2:49:22:88:bd:48:03:
83:57:3a:a6:45:26:c9:ef:1a:d7:4f:a9:ac:cc:3f:af:6d:ef:
5c:a5:01:be:21:86:58:c3:76:a3:7e:87:b9:dd:c5:aa:d5:c1:
49:f4:01:d3:ca:6e:e0:32:e1:54:81:3e:5f:30:e5:63:6c:70:
c6:e5:0f:e1:d4:cf:e1:56:aa:74:cc:c3:a4:0c:19:ff:39:c3:
1c:10:46:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuMDOCFJursfcUXioJFFUF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTAxMTgwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2RmN2I3NGQwNzljYjkyMGU0NTVkNGFkZjFhNTA4OTYyYzc2NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5k+qV5Vvlkim94LSwap5c6P/6V3
ZnMz684xb4fKrX0wfWclaCI9/+y4mTlTlB1I+cBjhQP5xPFsKipIOTk4UdycDEpt
v2Rrrm3/1znUV66Az9poOfGh/VwY61viLfbS1uF9XgYeMK5bGIbi/e4+Wj8nZeGc
6rHxj2jklEj0jtNKmKa6OVgawxLlv9uzXBiPCf2HXoA344NmpLBx/mMRGTUcb8hM
CyFaIGdpp8VTBnDO6gJvYVzC+F3NCVjkLhzON/+8HNL7d4SaTTwqWcnSehGUKKR2
DLtbpxY6p5F0w9WVMsHNyyNWQRSnt6S1sodtGV+EJR4RIpirN4BH6jachwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzfe3TQecuSDkVdSt8aUIlix2YbMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYk45N2ROQjV5NUlPUlYxSzN4cFFpV0xIWmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQCOofc4k43V8mQRfiKAv8dewJ9vybC2X8pez6HFU+Ds
2I4dhXZhe1yLaa7cXvTEaCLgg38UDdoN2h2M1975k5+rOkvxyzJpHQNNvCOHZZBw
AjmCDlLKOLP9rtP2Nyctgyux8sWj4mCVyfqMoQsmkA3X+wTooqC4NeY/SbCLKfd+
LIJHit+n9LiqBpeqV3RZsWLZjUmfRJXMCyvM3yviI/WW3V6EHVg/WjVHr6otj6JJ
Ioi9SAODVzqmRSbJ7xrXT6mszD+vbe9cpQG+IYZYw3ajfoe53cWq1cFJ9AHTym7g
MuFUgT5fMOVjbHDG5Q/h1M/hVqp0zMOkDBn/OcMcEEZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org