Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/edRjrkwwBTdXAQl6LgtQIXii-f0.roa
File: edRjrkwwBTdXAQl6LgtQIXii-f0.roa (raw, json)
Hash identifier: /SkUNDeHbFoKuNNK4aDJIIBOelkgE4EnXYJ4NshIG5Q=
Subject key identifier: 79:D4:63:AE:4C:30:05:37:57:01:09:7A:2E:0B:50:21:78:A2:F9:FD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019305631C2A813DB6E2382BC6C80F989798
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/edRjrkwwBTdXAQl6LgtQIXii-f0.roa
Signing time: Thu 07 Nov 2024 06:50:01 +0000
ROA not before: Thu 07 Nov 2024 06:50:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 10:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:63:1c:2a:81:3d:b6:e2:38:2b:c6:c8:0f:98:97:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 7 06:50:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79d463ae4c3005375701097a2e0b502178a2f9fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4d:90:a1:46:d5:ec:c1:83:a1:d1:63:51:26:
ab:28:0f:02:0b:c1:a2:ba:42:a2:bb:88:bb:0f:89:
e9:79:96:83:ff:92:1d:82:f5:b3:43:29:b8:2c:28:
ec:72:7d:f8:2c:f5:5e:78:27:3f:cd:8a:82:f3:47:
2e:4c:e7:e6:c1:67:33:40:dc:92:ca:17:80:2f:59:
b8:d3:8a:fd:1c:db:40:fa:1b:f5:d6:29:74:c7:8e:
94:e4:5e:2d:91:17:bb:28:16:6c:e8:4a:86:39:ac:
ef:95:3e:06:8c:e5:c6:46:a4:5a:49:90:4e:33:6d:
4f:96:56:57:7a:53:17:a7:0a:be:91:0a:be:b8:52:
ed:a4:1b:52:ca:30:08:e1:37:0a:33:c1:e6:5f:cc:
5d:9b:b0:c4:c0:44:eb:01:6c:a7:ef:db:06:b5:44:
9f:62:2f:07:7b:e5:d7:60:5a:88:b0:23:16:8c:16:
5f:f2:5f:13:c4:8e:10:89:bd:94:4d:0a:75:34:3c:
20:6e:44:e7:00:6b:85:de:2e:86:5e:0e:24:f6:cc:
37:6c:d9:c8:eb:a9:ee:3a:76:ea:fb:7a:b0:16:66:
5d:f2:0d:d7:15:bb:31:09:50:30:cf:61:8f:13:a4:
92:97:67:30:10:a2:4a:3d:87:ba:71:43:f0:cb:2a:
b5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D4:63:AE:4C:30:05:37:57:01:09:7A:2E:0B:50:21:78:A2:F9:FD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/edRjrkwwBTdXAQl6LgtQIXii-f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.52.0/23
82.163.96.0/21
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:9a:c1:71:b2:28:96:40:f7:d6:2e:d6:eb:24:61:2b:65:8f:
3e:57:b0:a9:4f:67:77:16:fd:2e:61:3d:05:75:3c:ab:e7:b1:
59:d5:ae:64:ff:81:fc:5f:30:a8:28:0c:44:bb:14:73:79:f0:
5b:e2:ce:b7:9e:06:18:02:d6:99:09:db:8c:7a:75:2b:16:71:
5e:6b:c3:6f:9a:83:92:fc:4b:bb:96:bf:e2:9c:a8:b3:7e:b3:
4a:a5:c5:97:fe:50:66:32:81:41:1b:80:fb:22:f4:18:24:16:
ef:6b:a5:3b:6f:f0:85:dc:80:08:ca:55:62:a1:5a:2d:7c:c6:
dc:a6:0d:74:92:b8:cb:ff:9b:e9:90:44:1f:e0:cf:51:b1:1e:
a3:41:a5:a6:17:d2:d6:c9:67:27:db:cd:96:5a:07:e3:0a:02:
c9:0a:02:a6:7c:95:80:2e:c5:b2:86:55:d6:a2:58:7d:21:24:
5f:a2:b0:e4:db:87:fc:a9:9e:4e:58:60:e4:a6:b4:5c:82:91:
5d:12:37:cd:f2:ff:2c:a0:79:08:13:28:24:15:1b:4b:2c:0c:
65:d8:82:33:7d:04:57:cb:8c:b7:79:08:25:ad:7f:b4:64:03:
a3:f0:f2:bc:98:13:74:72:92:f8:66:dd:f7:0c:10:3f:ea:2e:
39:53:1d:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMFYxwqgT224jgrxsgPmJeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTA3MDY1MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWQ0NjNhZTRjMzAwNTM3NTcwMTA5N2EyZTBiNTAyMTc4YTJmOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU2QoUbV7MGDodFjUSarKA8CC8Gi
ukKiu4i7D4npeZaD/5IdgvWzQym4LCjscn34LPVeeCc/zYqC80cuTOfmwWczQNyS
yheAL1m404r9HNtA+hv11il0x46U5F4tkRe7KBZs6EqGOazvlT4GjOXGRqRaSZBO
M21PllZXelMXpwq+kQq+uFLtpBtSyjAI4TcKM8HmX8xdm7DEwETrAWyn79sGtUSf
Yi8He+XXYFqIsCMWjBZf8l8TxI4Qib2UTQp1NDwgbkTnAGuF3i6GXg4k9sw3bNnI
66nuOnbq+3qwFmZd8g3XFbsxCVAwz2GPE6SSl2cwEKJKPYe6cUPwyyq10QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHnUY65MMAU3VwEJei4LUCF4ovn9MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZWRSanJrd3dCVGRYQVFsNkxndFFJWGlpLWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQB
UqM0AwQDUqNgAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBdmsFxsiiWQPfWLtbr
JGErZY8+V7CpT2d3Fv0uYT0FdTyr57FZ1a5k/4H8XzCoKAxEuxRzefBb4s63ngYY
AtaZCduMenUrFnFea8NvmoOS/Eu7lr/inKizfrNKpcWX/lBmMoFBG4D7IvQYJBbv
a6U7b/CF3IAIylVioVotfMbcpg10krjL/5vpkEQf4M9RsR6jQaWmF9LWyWcn282W
WgfjCgLJCgKmfJWALsWyhlXWolh9ISRforDk24f8qZ5OWGDkprRcgpFdEjfN8v8s
oHkIEygkFRtLLAxl2IIzfQRXy4y3eQglrX+0ZAOj8PK8mBN0cpL4Zt33DBA/6i45
Ux3/
-----END CERTIFICATE-----
Generated at Thu Nov 7 15:01:50 2024 by rpki-client on console-fra.rpki-client.org