Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eEzBz63W51F2eBk2IzLlbDlS__I.roa
File: eEzBz63W51F2eBk2IzLlbDlS__I.roa (raw, json)
Hash identifier: vrPUOHkvZ5oZG1o5Q+OJWQo8IKTIM6fqa2Thhxh4IXU=
Subject key identifier: 78:4C:C1:CF:AD:D6:E7:51:76:78:19:36:23:32:E5:6C:39:52:FF:F2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018E751BE1673853DB4AEB50177AD88570C1
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eEzBz63W51F2eBk2IzLlbDlS__I.roa
Signing time: Mon 25 Mar 2024 10:15:45 +0000
ROA not before: Mon 25 Mar 2024 10:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 10:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:1b:e1:67:38:53:db:4a:eb:50:17:7a:d8:85:70:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 25 10:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=784cc1cfadd6e751767819362332e56c3952fff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c4:7f:8e:28:c7:b1:17:b4:c0:42:f9:bc:0a:
7d:54:6f:ab:92:27:f1:cc:6a:b6:3f:5d:11:0c:8c:
b0:e3:19:09:63:3f:f8:15:61:4d:46:c4:39:e6:ca:
55:83:cc:52:b9:cf:0b:4f:b7:91:72:82:6d:5a:ed:
2b:27:b1:6a:d9:6c:f3:64:f4:9c:3b:e3:a4:7e:a3:
16:d8:73:f1:77:0c:9e:a2:6d:29:0a:26:c8:0b:a1:
8c:a6:30:9e:df:4a:8a:22:53:b6:fb:c7:21:1e:65:
49:22:e0:58:c4:e6:36:48:dc:65:4f:3e:db:d6:98:
cf:64:89:dd:82:dc:d6:5c:96:4b:1f:d9:98:32:7c:
53:52:4b:0c:fa:32:31:eb:a2:e0:3b:ce:8a:fa:34:
08:ce:c5:60:37:e6:4b:c5:ad:8c:71:57:f0:01:be:
cc:a9:97:2c:67:00:f4:81:62:5b:2d:09:ce:8d:79:
4d:5b:83:f5:b3:b6:0d:1b:b8:1a:40:43:3c:6f:56:
2d:5c:c8:4b:db:c7:cf:17:53:0e:ad:6c:29:70:d0:
31:da:91:be:58:7d:f1:8b:26:e0:95:cc:60:12:70:
6d:7e:74:e6:77:b2:f8:f7:52:d2:21:36:7c:af:ac:
65:fb:57:7f:46:f7:ac:0f:cd:11:4d:73:77:57:39:
a8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:4C:C1:CF:AD:D6:E7:51:76:78:19:36:23:32:E5:6C:39:52:FF:F2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/eEzBz63W51F2eBk2IzLlbDlS__I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
Signature Algorithm: sha256WithRSAEncryption
24:b7:df:72:d4:10:08:10:59:68:a1:8e:dc:9d:86:28:50:99:
74:5d:4e:cd:78:d6:c1:6a:3b:32:bd:84:3c:17:17:6f:a7:0a:
c7:f5:b1:4d:e4:4d:9c:2e:c0:9d:bd:31:dc:20:0f:d1:e3:8f:
64:bb:7d:71:51:e5:b3:46:79:f9:f6:09:29:c1:4c:36:81:12:
20:b4:62:e1:16:cd:23:8f:16:4c:b4:80:de:31:03:7e:65:a0:
19:ca:fa:8c:a6:5e:44:3f:26:7e:15:53:c2:48:71:2c:43:5f:
d5:c0:3b:91:51:e5:04:78:a6:65:89:1b:d6:cf:f8:fb:30:3d:
a2:46:d1:32:03:ad:7b:08:ff:33:b7:b7:54:31:d9:1b:31:07:
71:1e:cd:2a:50:9c:62:8e:2e:2e:bf:8a:31:53:23:17:4e:e1:
b8:71:8c:76:58:b1:8d:32:fc:5f:18:8b:11:4b:21:2b:ae:1c:
1d:67:05:ce:7b:fc:5d:36:b0:92:2e:d4:4f:12:f6:9e:a5:93:
f9:e4:7a:1b:46:02:99:17:ef:15:5f:54:3f:6c:84:3f:ce:78:
05:3d:de:72:15:d4:2a:b3:2b:fe:b9:60:99:03:5e:9c:bc:7b:
54:13:cb:ca:52:e0:0f:5d:8a:d5:0b:c8:d3:03:72:0c:da:9b:
19:73:4b:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY51G+FnOFPbSutQF3rYhXDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMzI1MTAxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODRjYzFjZmFkZDZlNzUxNzY3ODE5MzYyMzMyZTU2YzM5NTJmZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsR/jijHsRe0wEL5vAp9VG+rkifx
zGq2P10RDIyw4xkJYz/4FWFNRsQ55spVg8xSuc8LT7eRcoJtWu0rJ7Fq2WzzZPSc
O+OkfqMW2HPxdwyeom0pCibIC6GMpjCe30qKIlO2+8chHmVJIuBYxOY2SNxlTz7b
1pjPZIndgtzWXJZLH9mYMnxTUksM+jIx66LgO86K+jQIzsVgN+ZLxa2McVfwAb7M
qZcsZwD0gWJbLQnOjXlNW4P1s7YNG7gaQEM8b1YtXMhL28fPF1MOrWwpcNAx2pG+
WH3xiybglcxgEnBtfnTmd7L491LSITZ8r6xl+1d/RvesD80RTXN3VzmomwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHhMwc+t1udRdngZNiMy5Ww5Uv/yMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZUV6Qno2M1c1MUYyZUJrMkl6TGxiRGxTX19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQAkt99y1BAIEFlooY7cnYYoUJl0XU7NeNbBajsyvYQ8
FxdvpwrH9bFN5E2cLsCdvTHcIA/R449ku31xUeWzRnn59gkpwUw2gRIgtGLhFs0j
jxZMtIDeMQN+ZaAZyvqMpl5EPyZ+FVPCSHEsQ1/VwDuRUeUEeKZliRvWz/j7MD2i
RtEyA617CP8zt7dUMdkbMQdxHs0qUJxiji4uv4oxUyMXTuG4cYx2WLGNMvxfGIsR
SyErrhwdZwXOe/xdNrCSLtRPEvaepZP55HobRgKZF+8VX1Q/bIQ/zngFPd5yFdQq
syv+uWCZA16cvHtUE8vKUuAPXYrVC8jTA3IM2psZc0vw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org