Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ki248nhiZIhOVPejxkv3kLUGFBw.roa
File: ki248nhiZIhOVPejxkv3kLUGFBw.roa (raw, json)
Hash identifier: vdOPXKsY4kpoTbu4hzDSiMX58oGoqVr+XSBB9IcBBKI=
Subject key identifier: 92:2D:B8:F2:78:62:64:88:4E:54:F7:A3:C6:4B:F7:90:B5:06:14:1C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DE974967D4738B32172428B2DB9006407
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ki248nhiZIhOVPejxkv3kLUGFBw.roa
Signing time: Tue 27 Feb 2024 07:25:48 +0000
ROA not before: Tue 27 Feb 2024 07:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202662
IP address blocks: 5.102.96.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Apr 2024 12:28:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:74:96:7d:47:38:b3:21:72:42:8b:2d:b9:00:64:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 27 07:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=922db8f2786264884e54f7a3c64bf790b506141c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3e:9a:64:c5:93:21:cf:97:9a:e6:67:0b:99:
7c:31:ad:3e:1d:a0:31:25:92:48:19:38:f7:94:1f:
9c:15:fe:93:64:82:7d:9a:4c:4e:8d:2b:50:04:35:
55:4d:1e:98:b1:d9:ba:53:18:61:73:93:ea:59:86:
b0:6c:7c:f8:a7:90:75:d9:33:37:8d:4a:17:0a:7a:
3e:0b:36:5e:d7:0c:1c:29:f9:1b:a3:3c:8b:7b:27:
8f:2e:5d:e6:53:9b:99:73:9e:8f:90:cb:ef:ee:2b:
4d:73:46:00:0b:e6:fc:8f:26:60:d0:7a:7a:77:b4:
cd:aa:ca:5f:5c:2b:44:08:5e:e2:86:a9:69:5b:e2:
c2:6f:f1:5c:da:b7:e8:a3:e5:3b:77:56:30:49:84:
13:62:9a:e6:e0:d1:ee:84:94:16:47:a8:33:fb:d5:
9f:25:9e:a6:14:40:28:a1:50:ca:cc:5e:8c:6f:14:
b8:57:90:ca:22:a5:60:e8:1f:76:b3:9f:60:54:0c:
b1:a9:3d:44:39:b1:86:3b:0d:c5:78:6c:9e:f4:4a:
55:ee:aa:12:ac:a7:4c:1a:8b:92:9b:97:0b:af:79:
9e:89:62:8c:43:52:b6:5d:e8:08:c6:8a:4e:85:16:
ab:c5:39:70:56:08:fa:0c:6e:2c:ba:fa:9e:31:3d:
c4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2D:B8:F2:78:62:64:88:4E:54:F7:A3:C6:4B:F7:90:B5:06:14:1C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ki248nhiZIhOVPejxkv3kLUGFBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:40:4d:e3:7c:a7:7a:8c:66:50:24:9c:31:84:68:e2:41:04:
95:41:cc:1a:f0:51:3b:12:a3:74:ee:11:2a:7d:95:81:0a:c4:
1e:52:f6:dd:fc:b8:a9:27:05:d6:9a:3a:50:5e:20:85:cd:ee:
67:e2:fb:c2:fd:91:00:f7:0f:06:5c:a0:52:6c:1c:08:ad:cf:
50:c3:c4:92:c1:d0:3e:dd:d4:71:52:a7:b9:f5:5c:64:e6:ee:
6a:64:61:77:a4:45:d2:11:46:94:14:31:95:5c:54:6a:ba:b5:
e3:ee:72:bf:74:db:0a:e5:89:be:56:20:e8:b2:ab:e6:fc:c9:
b6:b7:12:34:5c:d0:99:a3:9f:a9:bd:c0:d0:c9:0f:d5:40:f7:
46:88:04:1c:83:19:88:38:24:ce:87:43:fe:37:18:17:eb:fd:
84:d8:3e:b1:dd:23:65:8f:98:d8:99:a1:45:91:7e:74:b4:11:
ea:7a:d6:3d:6e:a0:d2:c4:20:d6:6a:a9:4f:8e:1f:65:dc:15:
e4:9b:95:4f:cc:e1:43:8d:fe:c3:7a:22:aa:ca:a6:e6:d2:b2:
53:fa:b0:a2:9e:78:90:c3:50:18:e7:0d:c8:1d:64:7b:a4:6c:
29:02:f7:e5:10:26:50:f5:be:22:7c:02:bb:07:c3:fb:e0:92:
d1:ed:38:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3pdJZ9RzizIXJCiy25AGQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjI3MDcyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJkYjhmMjc4NjI2NDg4NGU1NGY3YTNjNjRiZjc5MGI1MDYxNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD6aZMWTIc+XmuZnC5l8Ma0+HaAx
JZJIGTj3lB+cFf6TZIJ9mkxOjStQBDVVTR6Ysdm6Uxhhc5PqWYawbHz4p5B12TM3
jUoXCno+CzZe1wwcKfkbozyLeyePLl3mU5uZc56PkMvv7itNc0YAC+b8jyZg0Hp6
d7TNqspfXCtECF7ihqlpW+LCb/Fc2rfoo+U7d1YwSYQTYprm4NHuhJQWR6gz+9Wf
JZ6mFEAooVDKzF6MbxS4V5DKIqVg6B92s59gVAyxqT1EObGGOw3FeGye9EpV7qoS
rKdMGouSm5cLr3meiWKMQ1K2XegIxopOhRarxTlwVgj6DG4suvqeMT3E5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJItuPJ4YmSITlT3o8ZL95C1BhQcMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEva2kyNDhuaGlaSWhPVlBlanhrdjNrTFVHRkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQBMQE3jfKd6jGZQJJwxhGjiQQSVQcwa8FE7EqN07hEq
fZWBCsQeUvbd/LipJwXWmjpQXiCFze5n4vvC/ZEA9w8GXKBSbBwIrc9Qw8SSwdA+
3dRxUqe59Vxk5u5qZGF3pEXSEUaUFDGVXFRqurXj7nK/dNsK5Ym+ViDosqvm/Mm2
txI0XNCZo5+pvcDQyQ/VQPdGiAQcgxmIOCTOh0P+NxgX6/2E2D6x3SNlj5jYmaFF
kX50tBHqetY9bqDSxCDWaqlPjh9l3BXkm5VPzOFDjf7DeiKqyqbm0rJT+rCinniQ
w1AY5w3IHWR7pGwpAvflECZQ9b4ifAK7B8P74JLR7Tg0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org