Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vDCGTmrvvW0dc8HVG3_ZnFGxIsw.roa
File: vDCGTmrvvW0dc8HVG3_ZnFGxIsw.roa (raw, json)
Hash identifier: +C158tbYbZ3srn5xgpVcx+4ZdJjXykO5FrKQKQnP5uc=
Subject key identifier: BC:30:86:4E:6A:EF:BD:6D:1D:73:C1:D5:1B:7F:D9:9C:51:B1:22:CC
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01930031C3382B55B436708E78B7B1C40672
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vDCGTmrvvW0dc8HVG3_ZnFGxIsw.roa
Signing time: Wed 06 Nov 2024 06:38:01 +0000
ROA not before: Wed 06 Nov 2024 06:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 06:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:31:c3:38:2b:55:b4:36:70:8e:78:b7:b1:c4:06:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 6 06:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc30864e6aefbd6d1d73c1d51b7fd99c51b122cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:e6:f4:de:ed:35:7c:e5:aa:9a:d7:e4:3a:
f1:4d:8d:f7:12:b4:c7:73:01:e5:41:7a:07:62:d3:
07:e6:8a:d6:36:00:8f:e1:32:f2:7d:be:8d:42:9f:
86:98:1d:55:fc:44:97:5d:65:fa:57:1d:c1:20:67:
b8:e4:53:58:01:d9:ab:86:7d:cf:c9:e9:54:23:3b:
cc:4b:7c:46:9f:8c:9c:ef:02:e7:3c:32:77:f0:15:
98:61:ab:88:2e:a4:be:d0:47:dc:11:20:a2:f6:a9:
6c:9c:e6:3f:56:c7:b8:6f:e5:54:5b:70:74:da:f9:
32:d5:17:02:8e:1a:75:b4:cb:f3:c6:a0:3f:4a:ea:
83:61:a1:04:45:30:af:7a:2d:39:c8:dd:0f:f9:21:
fb:d8:3f:53:64:9b:2f:d9:8a:f6:d4:98:e9:f1:60:
bd:26:16:c2:b9:31:05:e9:98:f3:79:d8:89:58:fc:
78:68:cd:92:26:dc:69:62:14:b4:e0:d3:ca:66:e5:
99:2c:23:ca:4f:e3:71:68:94:3e:65:69:21:80:ca:
d4:e7:06:40:eb:07:bb:c7:38:5e:33:92:4c:d6:3f:
cf:6d:af:ea:9b:be:88:48:9a:ed:41:ec:32:1d:64:
75:36:f8:bd:1a:9a:39:de:22:8d:20:86:41:f2:17:
c3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:30:86:4E:6A:EF:BD:6D:1D:73:C1:D5:1B:7F:D9:9C:51:B1:22:CC
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vDCGTmrvvW0dc8HVG3_ZnFGxIsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.52.0/23
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
26:ca:e9:81:c8:6e:58:80:ed:3b:72:23:40:33:cc:b9:97:ab:
7d:63:7d:62:71:29:ee:4e:05:65:d5:f3:f7:16:fc:57:31:35:
26:34:87:12:1b:e3:1b:76:cb:b1:dd:e0:09:4e:2c:a9:4b:4d:
ab:ef:b3:d9:8b:2b:75:da:cd:c1:ae:a2:f9:44:9f:bd:13:f6:
4e:aa:bf:61:01:07:80:7d:aa:77:1b:92:b8:a3:06:7b:8f:90:
fb:27:ce:69:17:f7:ce:98:f7:dd:ad:1e:2f:ab:0e:38:44:6f:
30:b1:c7:80:1a:9a:ca:c3:2e:0f:17:8e:f5:cd:8f:ee:6a:56:
90:d4:46:8d:66:b8:d6:d2:a1:33:38:88:f1:58:b2:26:80:4a:
0d:a0:ff:0e:b6:a8:25:78:c5:d0:f4:14:e3:16:4f:cc:7f:7d:
82:44:05:32:0e:db:9e:3a:51:cb:98:87:0c:69:b9:b1:ca:72:
15:d1:14:a6:33:cc:e3:9a:cc:50:83:04:3f:52:4a:f5:26:2e:
56:b5:d9:e7:b2:1d:bf:cc:a4:38:d5:87:05:2c:70:c9:d2:05:
e6:e4:74:03:67:44:32:41:b3:87:30:61:c2:d2:31:10:f8:b1:
c4:bd:5a:c7:b9:50:42:1a:d6:ce:9c:78:79:99:1b:aa:73:a1:
07:af:d4:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMAMcM4K1W0NnCOeLexxAZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTA2MDYzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzMwODY0ZTZhZWZiZDZkMWQ3M2MxZDUxYjdmZDk5YzUxYjEyMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qbm9N7tNXzlqprX5DrxTY33ErTH
cwHlQXoHYtMH5orWNgCP4TLyfb6NQp+GmB1V/ESXXWX6Vx3BIGe45FNYAdmrhn3P
yelUIzvMS3xGn4yc7wLnPDJ38BWYYauILqS+0EfcESCi9qlsnOY/Vse4b+VUW3B0
2vky1RcCjhp1tMvzxqA/SuqDYaEERTCvei05yN0P+SH72D9TZJsv2Yr21Jjp8WC9
JhbCuTEF6ZjzediJWPx4aM2SJtxpYhS04NPKZuWZLCPKT+NxaJQ+ZWkhgMrU5wZA
6we7xzheM5JM1j/Pba/qm76ISJrtQewyHWR1Nvi9Gpo53iKNIIZB8hfDfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLwwhk5q771tHXPB1Rt/2ZxRsSLMMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdkRDR1RtcnZ2VzBkYzhIVkczX1puRkd4SXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQB
UqM0AwQDUqNgMA0GCSqGSIb3DQEBCwUAA4IBAQAmyumByG5YgO07ciNAM8y5l6t9
Y31icSnuTgVl1fP3FvxXMTUmNIcSG+Mbdsux3eAJTiypS02r77PZiyt12s3BrqL5
RJ+9E/ZOqr9hAQeAfap3G5K4owZ7j5D7J85pF/fOmPfdrR4vqw44RG8wsceAGprK
wy4PF471zY/ualaQ1EaNZrjW0qEzOIjxWLImgEoNoP8OtqgleMXQ9BTjFk/Mf32C
RAUyDtueOlHLmIcMabmxynIV0RSmM8zjmsxQgwQ/Ukr1Ji5Wtdnnsh2/zKQ41YcF
LHDJ0gXm5HQDZ0QyQbOHMGHC0jEQ+LHEvVrHuVBCGtbOnHh5mRuqc6EHr9Tw
-----END CERTIFICATE-----
Generated at Thu Nov 7 08:10:31 2024 by rpki-client on console-fra.rpki-client.org