Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/rQ_DBDJdn6FN5bvdMXrUdWK2FWo.roa
File: rQ_DBDJdn6FN5bvdMXrUdWK2FWo.roa (raw, json)
Hash identifier: ZrAGpvcK6IS9FhotpbdTHYn/56iA3YJvZhgMpTCpyYg=
Subject key identifier: AD:0F:C3:04:32:5D:9F:A1:4D:E5:BB:DD:31:7A:D4:75:62:B6:15:6A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CCA58609310759DF0D7D8677BBB95CE7F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/rQ_DBDJdn6FN5bvdMXrUdWK2FWo.roa
Signing time: Tue 02 Jan 2024 13:23:58 +0000
ROA not before: Tue 02 Jan 2024 13:23:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 5.102.108.0/22 maxlen: 22
82.163.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 03 Feb 2024 07:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:58:60:93:10:75:9d:f0:d7:d8:67:7b:bb:95:ce:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 13:23:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad0fc304325d9fa14de5bbdd317ad47562b6156a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e9:a2:a2:20:35:8a:61:45:89:aa:eb:fa:77:
96:79:15:86:2f:a2:a4:ec:8b:1d:c7:1d:ae:a3:50:
73:b1:00:1c:79:06:41:a2:7d:14:19:1d:41:d7:fd:
36:49:84:4a:7e:de:20:4b:36:63:26:48:d9:0c:3a:
0d:c7:9a:b6:9e:d6:87:f8:9a:b7:c5:ec:ba:ba:ce:
67:4c:1c:9d:1c:4d:e1:83:b9:e8:9b:41:cb:93:ec:
f3:8e:66:ce:a6:8d:b0:35:f7:31:9d:5f:7c:72:15:
12:b2:68:84:df:af:99:bb:b5:59:33:b7:6c:72:46:
72:e8:92:f2:fd:ba:12:d4:ef:ec:df:cc:12:94:ba:
71:34:4a:b5:c3:81:dc:b5:c6:8d:bd:13:06:98:67:
b9:6d:90:6d:eb:f4:d9:60:8d:c0:4b:c7:1c:91:43:
81:2c:b3:ff:4b:79:f4:46:d2:44:54:fc:9f:4a:d5:
b4:bf:3c:2a:62:7c:f4:62:f6:13:77:06:ae:b4:4a:
31:42:4e:8d:5d:3b:51:11:9c:b7:66:81:1b:38:5e:
d5:14:a6:ed:6e:29:84:6d:46:19:54:cb:c8:ad:3d:
ed:4e:c9:46:23:5d:16:d9:e8:12:88:ad:6c:66:9f:
fa:6a:cb:52:09:d0:bd:14:b1:24:a7:ac:77:1c:3b:
ba:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0F:C3:04:32:5D:9F:A1:4D:E5:BB:DD:31:7A:D4:75:62:B6:15:6A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/rQ_DBDJdn6FN5bvdMXrUdWK2FWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
82.163.228.0/22
Signature Algorithm: sha256WithRSAEncryption
08:ab:9f:61:41:62:dc:35:0f:99:5c:7d:b8:26:f7:77:4a:d8:
d8:ff:dd:f2:c4:cb:d1:7d:dc:6a:e0:9d:3e:3f:64:7b:64:d7:
6b:d6:95:de:a2:d1:ad:ca:06:aa:77:fd:24:35:23:a6:08:05:
81:6c:89:9c:ba:18:d7:06:bf:52:22:c1:71:48:6e:d9:79:b5:
71:92:b1:1e:be:e1:03:10:d0:84:b1:3a:90:c7:d0:7c:bb:03:
5a:a5:4d:ed:39:95:0a:fa:b1:03:98:f8:99:c3:91:5e:69:a3:
63:bb:3b:cb:e5:85:d1:19:76:5e:1f:15:ac:65:85:3a:01:e7:
1c:b3:3e:a2:59:48:6c:cc:3e:5d:33:6e:a3:f5:b1:db:47:27:
22:4c:5a:7a:8e:20:94:f0:92:1f:a3:3f:91:f9:b6:e9:38:d7:
79:de:ed:93:e6:2b:ba:09:32:d3:b7:4e:aa:f5:65:39:ab:54:
0b:ba:50:e9:73:b3:63:34:f7:31:fe:17:35:58:68:23:3d:d9:
3a:1e:66:73:0f:1a:f2:83:54:c8:68:09:e5:94:59:31:10:54:
d7:80:50:21:7b:e4:5a:9e:af:12:14:cf:1c:07:2f:a0:bf:71:
07:54:57:c0:10:3b:e0:bc:23:2d:f8:8a:b0:8a:72:ee:bc:6d:
1a:53:19:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKWGCTEHWd8NfYZ3u7lc5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAyMTMyMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBmYzMwNDMyNWQ5ZmExNGRlNWJiZGQzMTdhZDQ3NTYyYjYxNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgumioiA1imFFiarr+neWeRWGL6Kk
7Isdxx2uo1BzsQAceQZBon0UGR1B1/02SYRKft4gSzZjJkjZDDoNx5q2ntaH+Jq3
xey6us5nTBydHE3hg7nom0HLk+zzjmbOpo2wNfcxnV98chUSsmiE36+Zu7VZM7ds
ckZy6JLy/boS1O/s38wSlLpxNEq1w4HctcaNvRMGmGe5bZBt6/TZYI3AS8cckUOB
LLP/S3n0RtJEVPyfStW0vzwqYnz0YvYTdwautEoxQk6NXTtREZy3ZoEbOF7VFKbt
bimEbUYZVMvIrT3tTslGI10W2egSiK1sZp/6astSCdC9FLEkp6x3HDu6PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK0PwwQyXZ+hTeW73TF61HVithVqMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvclFfREJESmRuNkZONWJ2ZE1YclVkV0syRldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZsAwQC
UqPkMA0GCSqGSIb3DQEBCwUAA4IBAQAIq59hQWLcNQ+ZXH24Jvd3StjY/93yxMvR
fdxq4J0+P2R7ZNdr1pXeotGtygaqd/0kNSOmCAWBbImcuhjXBr9SIsFxSG7ZebVx
krEevuEDENCEsTqQx9B8uwNapU3tOZUK+rEDmPiZw5FeaaNjuzvL5YXRGXZeHxWs
ZYU6Aeccsz6iWUhszD5dM26j9bHbRyciTFp6jiCU8JIfoz+R+bbpONd53u2T5iu6
CTLTt06q9WU5q1QLulDpc7NjNPcx/hc1WGgjPdk6HmZzDxryg1TIaAnllFkxEFTX
gFAhe+Ranq8SFM8cBy+gv3EHVFfAEDvgvCMt+IqwinLuvG0aUxkO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org