Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/dg_M14rypNSMGvhrRKIgZ7TBTbU.roa
File: dg_M14rypNSMGvhrRKIgZ7TBTbU.roa (raw, json)
Hash identifier: Z93yWGMFJ89mYDNi+cfJW70r3Y8hTu0G/0Htc/yvTYw=
Subject key identifier: 76:0F:CC:D7:8A:F2:A4:D4:8C:1A:F8:6B:44:A2:20:67:B4:C1:4D:B5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192DCFBB83784D83F4E5085D8F74F44EBB5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/dg_M14rypNSMGvhrRKIgZ7TBTbU.roa
Signing time: Wed 30 Oct 2024 10:32:17 +0000
ROA not before: Wed 30 Oct 2024 10:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.100.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 18:57:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:fb:b8:37:84:d8:3f:4e:50:85:d8:f7:4f:44:eb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 30 10:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760fccd78af2a4d48c1af86b44a22067b4c14db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:ef:4f:cd:e5:b2:ed:f7:79:85:b5:82:c5:
bd:f2:d9:76:12:86:03:d0:e3:fe:40:98:84:68:41:
14:0c:c8:b5:ac:2c:96:92:79:1b:22:ab:98:da:ce:
9e:af:92:dc:cd:a6:11:39:6d:e0:2f:f2:c7:e7:ff:
c2:10:48:95:09:a3:e8:48:5f:ea:d8:51:75:5a:e5:
6a:9a:42:d7:a5:6e:32:e9:f7:97:bf:75:a0:5a:a4:
d0:22:6d:ec:92:ca:a9:f2:ba:b3:6d:63:ff:9f:62:
8a:81:6a:13:5a:0f:84:49:b1:1b:59:d9:18:06:00:
d7:24:c6:9f:90:5d:69:45:d1:1a:f7:53:ad:80:77:
56:a3:e2:ee:3d:16:ce:ee:b7:99:e5:48:53:9f:45:
2e:f2:91:a8:27:b4:2f:e4:53:4b:e3:7c:60:53:d9:
82:65:23:5f:ab:9b:82:9b:5a:42:23:89:c5:e1:6d:
43:99:49:79:d6:c3:e9:08:c1:0a:71:a5:f8:43:bb:
53:ed:a4:13:66:34:c5:25:12:60:88:4a:a3:85:98:
f5:c4:6b:c0:b3:be:f6:b8:d6:9a:23:de:86:3b:dd:
d9:a7:c4:6b:5d:bd:55:3b:41:fd:62:79:31:2a:56:
89:1f:0f:1d:ad:17:9d:65:4d:49:cd:39:64:8c:af:
7c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0F:CC:D7:8A:F2:A4:D4:8C:1A:F8:6B:44:A2:20:67:B4:C1:4D:B5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/dg_M14rypNSMGvhrRKIgZ7TBTbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
20:90:35:1e:dd:88:a6:4c:ec:28:df:e0:d0:9f:36:5d:4b:53:
54:aa:ee:05:c1:66:62:ca:7f:a2:06:1d:d1:34:6b:9b:5d:9e:
0a:2e:b6:09:27:84:cf:05:97:89:02:6a:bb:f8:07:64:8b:ab:
94:4b:b0:30:12:a4:e1:db:6b:d5:80:bc:8d:31:65:44:00:ff:
8e:bb:4f:fa:97:03:d2:24:3d:8d:b0:38:7d:a8:58:16:bf:bd:
bf:a7:32:27:95:6c:3f:12:db:26:7a:14:b8:06:55:89:16:7f:
b9:a4:48:72:4e:64:66:b0:c3:ad:37:d1:f4:7e:6e:90:66:1f:
4f:59:49:95:2a:92:f8:28:49:04:93:b1:eb:61:0d:f4:3c:5b:
f3:19:36:50:1f:d5:bb:f4:7b:26:82:1c:18:79:32:c5:99:fb:
1e:b8:d5:14:41:a6:11:23:29:e2:24:cc:e8:8f:35:e4:e4:3a:
62:8d:ef:13:e3:e8:23:4b:d4:07:d3:17:71:d9:cf:a8:70:99:
8b:3a:e8:46:a6:f9:23:0b:6a:33:9a:42:8b:82:fc:d6:7b:74:
e9:0f:44:69:01:2b:f1:f1:9b:fc:ba:53:9a:cc:91:d6:da:91:
c4:91:00:1a:94:eb:03:a8:4a:b8:97:65:67:00:bf:a4:2e:c3:
6c:46:9c:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLc+7g3hNg/TlCF2PdPROu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDMwMTAzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBmY2NkNzhhZjJhNGQ0OGMxYWY4NmI0NGEyMjA2N2I0YzE0ZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8XvT83lsu33eYW1gsW98tl2EoYD
0OP+QJiEaEEUDMi1rCyWknkbIquY2s6er5LczaYROW3gL/LH5//CEEiVCaPoSF/q
2FF1WuVqmkLXpW4y6feXv3WgWqTQIm3sksqp8rqzbWP/n2KKgWoTWg+ESbEbWdkY
BgDXJMafkF1pRdEa91OtgHdWo+LuPRbO7reZ5UhTn0Uu8pGoJ7Qv5FNL43xgU9mC
ZSNfq5uCm1pCI4nF4W1DmUl51sPpCMEKcaX4Q7tT7aQTZjTFJRJgiEqjhZj1xGvA
s772uNaaI96GO93Zp8RrXb1VO0H9YnkxKlaJHw8drRedZU1JzTlkjK98QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHYPzNeK8qTUjBr4a0SiIGe0wU21MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZGdfTTE0cnlwTlNNR3ZoclJLSWdaN1RCVGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQD
UqNgMA0GCSqGSIb3DQEBCwUAA4IBAQAgkDUe3YimTOwo3+DQnzZdS1NUqu4FwWZi
yn+iBh3RNGubXZ4KLrYJJ4TPBZeJAmq7+Adki6uUS7AwEqTh22vVgLyNMWVEAP+O
u0/6lwPSJD2NsDh9qFgWv72/pzInlWw/EtsmehS4BlWJFn+5pEhyTmRmsMOtN9H0
fm6QZh9PWUmVKpL4KEkEk7HrYQ30PFvzGTZQH9W79HsmghwYeTLFmfseuNUUQaYR
IyniJMzojzXk5Dpije8T4+gjS9QH0xdx2c+ocJmLOuhGpvkjC2ozmkKLgvzWe3Tp
D0RpASvx8Zv8ulOazJHW2pHEkQAalOsDqEq4l2VnAL+kLsNsRpx9
-----END CERTIFICATE-----
Generated at Fri Nov 1 20:38:00 2024 by rpki-client on console-ams.rpki-client.org