Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tuOFqlup3rT1_w7F5m-omxwVJLs.roa
File: tuOFqlup3rT1_w7F5m-omxwVJLs.roa (raw, json)
Hash identifier: i/2c48QaSB9RhnZeFtgYO9krertlWKoqmavtT09qY14=
Subject key identifier: B6:E3:85:AA:5B:A9:DE:B4:F5:FF:0E:C5:E6:6F:A8:9B:1C:15:24:BB
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BF6EABFE19F3C35FC7B9D28A5825578D1
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tuOFqlup3rT1_w7F5m-omxwVJLs.roa
Signing time: Wed 22 Nov 2023 12:04:21 +0000
ROA not before: Wed 22 Nov 2023 12:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Dec 2023 08:18:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:ea:bf:e1:9f:3c:35:fc:7b:9d:28:a5:82:55:78:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 22 12:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6e385aa5ba9deb4f5ff0ec5e66fa89b1c1524bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:a5:ac:15:59:93:48:57:91:6f:80:1f:8d:09:
79:19:e9:5e:8d:0b:35:11:d2:97:0e:20:6c:19:e6:
a8:0c:58:f3:fa:7e:96:2d:ba:ef:f7:09:d1:60:33:
ee:ba:29:44:98:6f:de:5c:09:9e:98:50:3a:b6:51:
1a:94:d0:3f:63:ad:41:04:9e:77:96:bf:28:c3:a4:
ef:50:bd:ca:96:96:9c:72:87:0b:1e:7a:a7:fe:9f:
e9:d1:5a:2a:5c:f0:a6:b1:ff:85:99:a0:98:ac:cc:
b0:4e:9d:8f:65:be:db:7e:43:de:32:c0:9c:db:f1:
54:c8:77:84:a0:9b:1e:77:77:de:48:a4:3d:b5:a6:
a9:9d:b7:6b:1b:15:c7:e6:e9:b1:a8:07:e6:e5:5e:
91:6e:c9:6a:d5:5d:3d:5b:fc:a4:22:b5:ef:0a:a9:
ff:2a:94:27:0b:6c:09:43:0b:2a:af:71:bf:15:b2:
5b:75:1e:2d:b9:9f:b1:e2:7d:6c:f2:3f:86:7c:45:
c3:d0:e2:5c:ff:42:e7:35:80:70:5f:aa:b5:74:c4:
9e:58:37:66:78:e8:19:7a:81:a8:95:73:aa:93:17:
ac:4c:94:2a:93:14:94:b8:8a:2c:ad:e1:4b:29:35:
8b:bd:f9:56:df:b4:c7:c5:b6:78:0f:cb:f8:8b:a7:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E3:85:AA:5B:A9:DE:B4:F5:FF:0E:C5:E6:6F:A8:9B:1C:15:24:BB
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/tuOFqlup3rT1_w7F5m-omxwVJLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
Signature Algorithm: sha256WithRSAEncryption
80:2d:6a:a0:2d:13:9c:22:34:9b:5d:98:97:1b:94:40:af:b7:
ad:b1:4f:4a:20:d7:81:a2:dd:12:cb:5a:fa:10:d3:ba:4d:fd:
c3:24:37:bc:51:02:69:4a:c8:09:0f:c2:26:bf:3e:93:3e:e9:
a3:64:ab:35:cf:5d:50:a9:67:2f:2e:d6:15:ac:ef:e7:bb:39:
86:6e:05:16:3c:08:b3:02:4f:8c:94:bb:cf:e9:b4:86:57:37:
34:29:35:1a:9a:e5:dc:ba:f4:88:8c:6d:53:99:7a:69:c0:71:
9f:97:b0:4e:15:b5:e6:7c:a4:e6:8f:ee:d0:63:f9:7d:e8:a1:
d9:d2:ac:60:2e:b7:29:51:6d:9e:08:34:62:09:71:a8:b7:a9:
1e:6b:dd:77:bf:ea:a3:c1:bf:f8:fc:be:98:43:21:6a:6a:be:
92:eb:53:95:5d:16:80:67:fe:e6:c4:0b:0b:2a:57:53:e3:51:
ae:fa:97:c2:47:b1:36:0a:f2:6b:50:98:68:b5:48:62:02:32:
82:8c:95:86:70:53:20:c8:03:af:3c:37:63:79:3c:b7:18:a9:
2f:37:b8:ca:36:e4:25:db:7f:33:23:41:64:b2:e9:9d:1b:46:
5f:0d:81:f8:82:3b:7e:f6:84:4c:16:eb:80:3d:c8:2c:f4:5f:
fb:11:92:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv26r/hnzw1/HudKKWCVXjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTIyMTIwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmUzODVhYTViYTlkZWI0ZjVmZjBlYzVlNjZmYTg5YjFjMTUyNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qWsFVmTSFeRb4AfjQl5GelejQs1
EdKXDiBsGeaoDFjz+n6WLbrv9wnRYDPuuilEmG/eXAmemFA6tlEalNA/Y61BBJ53
lr8ow6TvUL3KlpaccocLHnqn/p/p0VoqXPCmsf+FmaCYrMywTp2PZb7bfkPeMsCc
2/FUyHeEoJsed3feSKQ9taapnbdrGxXH5umxqAfm5V6Rbslq1V09W/ykIrXvCqn/
KpQnC2wJQwsqr3G/FbJbdR4tuZ+x4n1s8j+GfEXD0OJc/0LnNYBwX6q1dMSeWDdm
eOgZeoGolXOqkxesTJQqkxSUuIosreFLKTWLvflW37THxbZ4D8v4i6eBRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbjhapbqd609f8OxeZvqJscFSS7MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdHVPRnFsdXAzclQxX3c3RjVtLW9teHdWSkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQCALWqgLROcIjSbXZiXG5RAr7etsU9KINeBot0Sy1r6
ENO6Tf3DJDe8UQJpSsgJD8Imvz6TPumjZKs1z11QqWcvLtYVrO/nuzmGbgUWPAiz
Ak+MlLvP6bSGVzc0KTUamuXcuvSIjG1TmXppwHGfl7BOFbXmfKTmj+7QY/l96KHZ
0qxgLrcpUW2eCDRiCXGot6kea913v+qjwb/4/L6YQyFqar6S61OVXRaAZ/7mxAsL
KldT41Gu+pfCR7E2CvJrUJhotUhiAjKCjJWGcFMgyAOvPDdjeTy3GKkvN7jKNuQl
238zI0FksumdG0ZfDYH4gjt+9oRMFuuAPcgs9F/7EZIp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org