Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uQ0krvk6d7S2OtdCW6MICrFrns0.roa
File: uQ0krvk6d7S2OtdCW6MICrFrns0.roa (raw, json)
Hash identifier: 1xJT5sC4qbpkrgd8ibqD6CT1YGhBwNBC1/vuICgw6BQ=
Subject key identifier: B9:0D:24:AE:F9:3A:77:B4:B6:3A:D7:42:5B:A3:08:0A:B1:6B:9E:CD
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0191F4F2F5F93E3339C662AAF202886BCD08
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uQ0krvk6d7S2OtdCW6MICrFrns0.roa
Signing time: Sun 15 Sep 2024 09:10:48 +0000
ROA not before: Sun 15 Sep 2024 09:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.112.0/22 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 14:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f4:f2:f5:f9:3e:33:39:c6:62:aa:f2:02:88:6b:cd:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 15 09:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b90d24aef93a77b4b63ad7425ba3080ab16b9ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:80:62:3c:43:2b:09:d6:a3:09:e1:aa:7b:
8e:ca:92:e8:b3:76:7b:71:33:70:0c:b0:02:65:99:
d4:19:0a:6c:cc:0c:3b:28:00:09:87:6e:c1:af:48:
41:b2:d1:8c:b6:8f:a7:22:06:1d:39:2b:e0:0f:b2:
92:f2:0c:b8:07:e6:40:64:c5:d6:13:31:da:9e:f4:
7c:ed:e4:28:7e:db:51:b2:05:a8:82:be:a1:56:59:
44:7f:cb:4b:18:e1:e9:7f:a9:2a:6d:a6:b9:2c:c5:
96:5f:d3:81:9b:6d:62:63:50:ac:3a:52:04:5a:6e:
1a:74:40:7f:2c:b8:6b:85:7c:42:60:69:91:65:02:
f5:52:3a:12:13:a3:56:ea:6d:70:b4:2c:ec:be:ae:
2d:3c:be:28:e6:07:c5:0c:78:ee:6d:27:73:25:c0:
79:9c:14:64:33:c2:e6:20:ba:1a:65:08:2e:75:70:
4c:ed:67:59:8c:5c:a0:9c:c3:9c:60:49:f0:ad:69:
e6:69:a8:4e:a0:25:f5:06:37:2f:dc:f0:61:de:58:
cb:19:34:01:67:28:b6:33:71:89:96:85:d8:9a:f4:
87:92:de:b4:b5:97:00:3e:e0:90:12:89:24:ad:d2:
e2:4e:84:fe:db:f5:c3:a1:e7:93:e1:fc:d9:dc:c6:
47:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0D:24:AE:F9:3A:77:B4:B6:3A:D7:42:5B:A3:08:0A:B1:6B:9E:CD
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uQ0krvk6d7S2OtdCW6MICrFrns0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0-5.102.115.255
82.163.52.0/23
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:9a:74:c1:c9:0c:5e:e8:4c:67:2e:26:37:c7:f6:60:7e:e6:
2c:1d:4f:84:fb:f0:4f:05:b3:80:49:df:11:95:af:0b:8b:6b:
da:01:bc:72:91:9f:05:f6:c9:4a:8e:61:a8:2c:ce:3e:6d:b5:
31:59:0d:91:a1:c9:32:9a:51:10:5a:8b:f4:b6:7a:39:c7:88:
06:3b:64:38:74:94:62:47:45:eb:14:5b:6d:dc:79:9a:94:5d:
96:5e:22:cf:97:78:cc:2b:48:d7:12:09:e2:e5:eb:b9:b2:4a:
da:c4:76:8c:03:21:dc:fa:4d:d9:e4:90:81:9a:a8:11:bc:23:
2c:5a:c7:42:d3:55:74:ec:cb:d6:28:7f:d8:c2:28:c9:24:b6:
3d:9d:67:01:32:03:9f:43:f1:9c:b2:b1:bd:27:58:c0:6d:01:
33:54:91:7a:a5:ae:bb:fb:dc:f7:e1:03:97:2b:a8:19:34:9d:
a9:38:98:f6:81:48:1f:d8:4e:70:5f:ab:89:20:6d:4e:66:92:
87:61:b2:96:79:d9:0e:ac:40:75:61:5c:f2:99:ce:c9:b3:c1:
ba:95:b1:04:91:d4:5a:3e:e4:f1:6a:d0:b7:fd:8e:98:35:f6:
52:eb:bc:86:bd:e1:9f:63:34:b3:5b:05:78:59:4e:8d:bb:10:
ca:62:ef:85
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZH08vX5PjM5xmKq8gKIa80IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwOTE1MDkxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBkMjRhZWY5M2E3N2I0YjYzYWQ3NDI1YmEzMDgwYWIxNmI5ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKeAYjxDKwnWownhqnuOypLos3Z7
cTNwDLACZZnUGQpszAw7KAAJh27Br0hBstGMto+nIgYdOSvgD7KS8gy4B+ZAZMXW
EzHanvR87eQofttRsgWogr6hVllEf8tLGOHpf6kqbaa5LMWWX9OBm21iY1CsOlIE
Wm4adEB/LLhrhXxCYGmRZQL1UjoSE6NW6m1wtCzsvq4tPL4o5gfFDHjubSdzJcB5
nBRkM8LmILoaZQgudXBM7WdZjFygnMOcYEnwrWnmaahOoCX1Bjcv3PBh3ljLGTQB
Zyi2M3GJloXYmvSHkt60tZcAPuCQEokkrdLiToT+2/XDoeeT4fzZ3MZHWQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLkNJK75One0tjrXQlujCAqxa57NMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdVEwa3J2azZkN1MyT3RkQ1c2TUlDckZybnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUFZmAD
BAIFZnADBAFSozQDBANSo2AwDQYJKoZIhvcNAQELBQADggEBAFuadMHJDF7oTGcu
JjfH9mB+5iwdT4T78E8Fs4BJ3xGVrwuLa9oBvHKRnwX2yUqOYagszj5ttTFZDZGh
yTKaURBai/S2ejnHiAY7ZDh0lGJHResUW23ceZqUXZZeIs+XeMwrSNcSCeLl67my
StrEdowDIdz6TdnkkIGaqBG8Iyxax0LTVXTsy9Yof9jCKMkktj2dZwEyA59D8Zyy
sb0nWMBtATNUkXqlrrv73PfhA5crqBk0nak4mPaBSB/YTnBfq4kgbU5mkodhspZ5
2Q6sQHVhXPKZzsmzwbqVsQSR1Fo+5PFq0Lf9jpg19lLrvIa94Z9jNLNbBXhZTo27
EMpi74U=
-----END CERTIFICATE-----
Generated at Fri Oct 4 18:58:31 2024 by rpki-client on console-ams.rpki-client.org