Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n3pAS34hNPCyNPCbVGPyO9YQek4.roa
File: n3pAS34hNPCyNPCbVGPyO9YQek4.roa (raw, json)
Hash identifier: zOMSRIZnotHR2xAYVoLWTfWLoVHgHlTq2Oh1LpG4TO8=
Subject key identifier: 9F:7A:40:4B:7E:21:34:F0:B2:34:F0:9B:54:63:F2:3B:D6:10:7A:4E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0190A2B9A8324CBDD418E370D9ADFD49EF49
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n3pAS34hNPCyNPCbVGPyO9YQek4.roa
Signing time: Thu 11 Jul 2024 16:56:34 +0000
ROA not before: Thu 11 Jul 2024 16:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 270127
IP address blocks: 5.102.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 11:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:b9:a8:32:4c:bd:d4:18:e3:70:d9:ad:fd:49:ef:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jul 11 16:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7a404b7e2134f0b234f09b5463f23bd6107a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:87:52:2b:5b:9e:d6:be:d9:30:c8:aa:64:
4d:f5:f5:b0:59:80:cd:4a:c6:5e:97:1b:3b:ba:12:
08:87:f2:45:84:b6:ed:26:ba:52:50:0f:de:93:33:
78:87:ce:71:49:f7:a1:25:29:24:ac:3c:c0:6e:a8:
67:5c:cd:bd:a8:eb:3b:b7:46:b1:81:d2:b0:77:10:
50:fb:09:89:9a:ad:10:cf:54:ed:62:4e:36:01:1b:
e5:e5:c3:b9:b8:5b:c8:a3:6f:1a:de:6c:3e:52:9f:
51:01:16:79:62:e8:ec:85:df:49:c3:7c:95:d1:1b:
52:0f:c2:84:bf:60:3c:4c:0f:cf:c8:3b:f8:84:29:
9c:72:ef:c6:0b:61:a1:2b:a4:b3:32:38:d7:d3:41:
0d:92:1d:1c:5b:da:db:18:e2:c7:a4:fe:8f:fb:55:
f7:d3:9b:2b:3f:c4:fd:bb:8b:d1:f8:3d:b5:94:b9:
d8:71:49:bb:d3:e7:95:a9:09:ed:fc:98:33:8a:49:
34:53:85:aa:05:a2:04:e8:9c:24:a4:a4:27:37:af:
7e:3a:9e:ec:0e:4a:44:c1:35:0c:0c:99:d0:eb:69:
21:1d:25:1a:6c:5d:98:10:38:45:bb:cf:5e:6e:d3:
bf:84:6b:38:60:3d:53:ba:81:be:3f:2f:4f:64:42:
9b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:7A:40:4B:7E:21:34:F0:B2:34:F0:9B:54:63:F2:3B:D6:10:7A:4E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n3pAS34hNPCyNPCbVGPyO9YQek4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:d9:2d:43:7b:6a:ac:72:0a:4f:f4:32:37:e4:1c:b8:e3:2c:
2d:43:7d:bf:e6:dd:cc:62:19:5f:47:91:47:ac:a6:f4:cd:21:
f6:26:c8:17:7c:50:c3:58:6f:52:dc:69:07:87:7f:80:bc:67:
6b:85:61:f6:73:ce:83:2c:ab:9b:55:69:3e:d2:77:d1:84:97:
74:0c:c4:d1:d4:14:58:89:ac:96:b5:d2:6f:c3:4b:a4:28:f5:
71:3b:da:39:2f:2a:c1:5e:36:5a:66:82:12:70:71:4a:4a:7c:
a1:e4:61:c9:fb:57:6d:91:89:b8:1f:4e:bf:1b:de:07:cf:db:
41:da:4d:89:b2:2c:26:57:2c:48:44:17:3f:00:65:a1:09:40:
e4:82:97:5c:dc:ba:7d:a7:5e:81:06:fc:f8:e8:37:d5:26:fe:
76:9b:51:84:02:7d:e1:56:0b:f2:4b:5d:ee:a6:d8:83:af:5d:
71:3e:9d:de:0b:99:b5:dc:92:ab:d3:b0:c2:48:ef:36:8a:ec:
f6:5a:14:ac:89:34:08:78:96:7c:06:11:ba:fc:55:a7:af:65:
51:f2:01:36:b5:97:60:a0:a2:6a:c3:92:8a:42:49:f5:7c:f2:
64:a3:5f:d4:08:3e:b8:b3:09:b1:ce:fe:74:b0:21:95:0d:d9:
2d:b1:f0:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCiuagyTL3UGONw2a39Se9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNzExMTY1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjdhNDA0YjdlMjEzNGYwYjIzNGYwOWI1NDYzZjIzYmQ2MTA3YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5WHUitbnta+2TDIqmRN9fWwWYDN
SsZelxs7uhIIh/JFhLbtJrpSUA/ekzN4h85xSfehJSkkrDzAbqhnXM29qOs7t0ax
gdKwdxBQ+wmJmq0Qz1TtYk42ARvl5cO5uFvIo28a3mw+Up9RARZ5Yujshd9Jw3yV
0RtSD8KEv2A8TA/PyDv4hCmccu/GC2GhK6SzMjjX00ENkh0cW9rbGOLHpP6P+1X3
05srP8T9u4vR+D21lLnYcUm70+eVqQnt/Jgzikk0U4WqBaIE6JwkpKQnN69+Op7s
DkpEwTUMDJnQ62khHSUabF2YEDhFu89ebtO/hGs4YD1TuoG+Py9PZEKb5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ96QEt+ITTwsjTwm1Rj8jvWEHpOMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbjNwQVMzNGhOUEN5TlBDYlZHUHlPOVlRZWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWZsMA0G
CSqGSIb3DQEBCwUAA4IBAQBL2S1De2qscgpP9DI35By44ywtQ32/5t3MYhlfR5FH
rKb0zSH2JsgXfFDDWG9S3GkHh3+AvGdrhWH2c86DLKubVWk+0nfRhJd0DMTR1BRY
iayWtdJvw0ukKPVxO9o5LyrBXjZaZoIScHFKSnyh5GHJ+1dtkYm4H06/G94Hz9tB
2k2JsiwmVyxIRBc/AGWhCUDkgpdc3Lp9p16BBvz46DfVJv52m1GEAn3hVgvyS13u
ptiDr11xPp3eC5m13JKr07DCSO82iuz2WhSsiTQIeJZ8BhG6/FWnr2VR8gE2tZdg
oKJqw5KKQkn1fPJko1/UCD64swmxzv50sCGVDdktsfDD
-----END CERTIFICATE-----
Generated at Sun Jul 28 15:31:56 2024 by rpki-client on console-ams.rpki-client.org