Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OLIPD-vSZ2rbmGu-acDbuUSF93A.roa
File: OLIPD-vSZ2rbmGu-acDbuUSF93A.roa (raw, json)
Hash identifier: oD8GwTvj1TB3yU0NlqzPKTKp6BEF5ZEUOAe9UWvMWNk=
Subject key identifier: 38:B2:0F:0F:EB:D2:67:6A:DB:98:6B:BE:69:C0:DB:B9:44:85:F7:70
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0193B5D2F9176972CB238224CBDCBA986D2A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OLIPD-vSZ2rbmGu-acDbuUSF93A.roa
Signing time: Wed 11 Dec 2024 13:05:22 +0000
ROA not before: Wed 11 Dec 2024 13:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.100.0/22 maxlen: 24
5.102.124.0/22 maxlen: 24
82.163.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 10:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:d2:f9:17:69:72:cb:23:82:24:cb:dc:ba:98:6d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 11 13:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b20f0febd2676adb986bbe69c0dbb94485f770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ab:36:96:d8:f6:19:4d:c1:4b:5c:1f:d1:06:
4e:23:d9:96:09:7d:95:95:16:56:a5:55:e6:1a:d2:
6f:7d:29:aa:dc:d8:f1:a3:0a:28:ca:de:46:82:ee:
58:95:2f:46:62:08:e8:a7:a7:ff:a0:4a:de:87:40:
80:70:90:79:06:56:be:a5:65:ed:33:df:f0:4b:1c:
89:df:4d:98:b1:2c:19:a7:6b:d1:fe:dc:9f:9f:eb:
77:01:9d:f4:00:c9:24:05:4c:ba:d7:80:bd:b4:b3:
dd:aa:ac:c8:80:a8:93:80:94:4a:5d:e6:cd:3b:03:
ad:0a:ed:10:6f:3c:2c:88:7b:bc:f7:f7:74:d4:47:
06:e8:2d:98:0b:c9:68:a3:7e:92:3b:8f:2a:d6:35:
26:27:69:cd:5d:c4:80:60:ff:4f:6d:2f:15:0b:40:
29:49:ab:7a:c8:93:cc:49:9e:a7:24:2e:e6:cc:6c:
48:a5:fc:84:e8:88:d3:5f:71:35:c1:09:3c:a1:0f:
92:3a:62:e3:c2:2e:48:4b:5c:d7:78:08:1a:df:2b:
9f:6e:69:e4:cf:a0:27:65:87:a0:ff:38:aa:42:3f:
91:f4:47:4c:cb:1e:7c:0d:f4:33:e5:12:92:d9:94:
00:4d:2b:99:bf:e5:01:e2:da:78:a3:3f:eb:0f:74:
69:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B2:0F:0F:EB:D2:67:6A:DB:98:6B:BE:69:C0:DB:B9:44:85:F7:70
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OLIPD-vSZ2rbmGu-acDbuUSF93A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
5.102.124.0/22
82.163.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:54:ab:87:21:fc:a3:08:d5:32:06:ff:dd:1b:73:ec:a6:77:
4c:cc:01:9f:67:b6:07:f2:96:02:1c:bd:78:48:7e:e8:9f:3b:
58:ef:71:b4:e0:7d:57:dc:e3:01:aa:b6:11:81:ed:f7:76:a1:
9d:3f:3d:05:e5:21:f5:07:14:70:a6:e3:dd:67:7b:99:da:b6:
f1:e3:c5:93:07:4b:5f:70:9c:f7:b4:30:b6:f9:23:dc:aa:a3:
1b:52:b6:b3:90:06:3c:cc:46:38:db:46:b8:4c:cd:dd:60:60:
31:31:dd:6c:a1:51:a4:36:c3:36:d3:eb:08:50:72:b2:bd:6d:
5f:7b:8c:df:fb:4c:2a:1e:51:02:da:19:42:03:56:43:7c:cf:
82:8b:bf:be:72:15:c7:8e:db:ee:d5:a0:e3:59:7d:6c:ad:96:
95:39:e3:91:39:c8:fc:c9:4e:79:15:f5:91:9e:4d:e4:dc:5e:
c7:b0:1b:4d:57:01:62:9a:b0:d2:88:38:46:ce:59:7c:d6:fb:
2e:09:f4:b4:ae:18:66:a2:5a:83:fb:c7:79:33:16:84:ce:8e:
04:fc:99:d0:4b:ff:9d:a0:d3:da:fe:82:29:dc:47:59:e5:08:
e0:6d:22:20:db:42:d8:3e:97:bc:27:bd:d4:ac:dd:f1:bd:44:
9a:34:64:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZO10vkXaXLLI4Iky9y6mG0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMjExMTMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIyMGYwZmViZDI2NzZhZGI5ODZiYmU2OWMwZGJiOTQ0ODVmNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKs2ltj2GU3BS1wf0QZOI9mWCX2V
lRZWpVXmGtJvfSmq3Njxowooyt5Ggu5YlS9GYgjop6f/oEreh0CAcJB5Bla+pWXt
M9/wSxyJ302YsSwZp2vR/tyfn+t3AZ30AMkkBUy614C9tLPdqqzIgKiTgJRKXebN
OwOtCu0QbzwsiHu89/d01EcG6C2YC8loo36SO48q1jUmJ2nNXcSAYP9PbS8VC0Ap
Sat6yJPMSZ6nJC7mzGxIpfyE6IjTX3E1wQk8oQ+SOmLjwi5IS1zXeAga3yufbmnk
z6AnZYeg/ziqQj+R9EdMyx58DfQz5RKS2ZQATSuZv+UB4tp4oz/rD3RpVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDiyDw/r0mdq25hrvmnA27lEhfdwMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvT0xJUEQtdlNaMnJibUd1LWFjRGJ1VVNGOTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZkAwQC
BWZ8AwQCUqOsMA0GCSqGSIb3DQEBCwUAA4IBAQAeVKuHIfyjCNUyBv/dG3PspndM
zAGfZ7YH8pYCHL14SH7onztY73G04H1X3OMBqrYRge33dqGdPz0F5SH1BxRwpuPd
Z3uZ2rbx48WTB0tfcJz3tDC2+SPcqqMbUrazkAY8zEY420a4TM3dYGAxMd1soVGk
NsM20+sIUHKyvW1fe4zf+0wqHlEC2hlCA1ZDfM+Ci7++chXHjtvu1aDjWX1srZaV
OeOROcj8yU55FfWRnk3k3F7HsBtNVwFimrDSiDhGzll81vsuCfS0rhhmolqD+8d5
MxaEzo4E/JnQS/+doNPa/oIp3EdZ5QjgbSIg20LYPpe8J73UrN3xvUSaNGSD
-----END CERTIFICATE-----
Generated at Sun May 11 21:16:12 2025 by rpki-client