Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QOm7XAJhwjMfG-fiaqqdky0G7qM.roa
File: QOm7XAJhwjMfG-fiaqqdky0G7qM.roa (raw, json)
Hash identifier: EzT7SIQXlOQO13HLZUYUvzwQoaC5GM5u8FVOMZar3qY=
Subject key identifier: 40:E9:BB:5C:02:61:C2:33:1F:1B:E7:E2:6A:AA:9D:93:2D:06:EE:A3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01937D03A12137AFDB3C0D79978A87570761
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QOm7XAJhwjMfG-fiaqqdky0G7qM.roa
Signing time: Sat 30 Nov 2024 12:20:10 +0000
ROA not before: Sat 30 Nov 2024 12:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.100.0/22 maxlen: 24
37.34.80.0/21 maxlen: 24
82.163.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 07:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7d:03:a1:21:37:af:db:3c:0d:79:97:8a:87:57:07:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 30 12:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40e9bb5c0261c2331f1be7e26aaa9d932d06eea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:47:c9:a5:ca:4f:98:74:5d:95:a1:7a:e0:
29:3d:bf:99:58:21:f8:20:9c:fa:78:92:f3:58:5b:
91:6a:4e:1e:ed:2f:79:4b:51:b5:4b:b4:0d:b3:51:
7d:ab:59:bc:be:48:ae:b6:36:1e:80:50:39:2e:c5:
e6:f9:0c:68:b9:00:e4:2c:9f:9c:11:0a:30:4e:58:
e4:e2:bb:3a:9a:15:f1:d0:45:ea:0a:a1:b5:8a:f2:
0c:b0:58:0e:9d:7b:fe:1c:d9:47:6d:f6:92:c0:d9:
68:22:02:a2:f6:ea:77:27:bd:e7:43:5b:4b:80:11:
a7:1d:be:91:7b:04:75:ec:e2:1f:8c:03:31:cc:96:
c9:99:7c:1d:38:45:30:3b:9b:34:70:94:69:d3:7b:
db:1b:52:79:b1:b8:64:39:99:9a:d2:48:1e:7f:c2:
c5:1a:5f:10:6d:1b:10:ee:30:d2:bc:af:3d:36:d8:
39:99:bc:6e:57:a6:6b:47:58:4f:7b:45:e6:cc:f0:
78:67:46:d6:77:96:2d:af:49:df:ac:dd:4a:63:c7:
35:1c:00:ef:fb:48:f0:1b:61:e0:86:2b:fa:44:c2:
28:fb:b8:9f:cd:f8:bb:d2:28:30:ee:48:00:56:a0:
28:92:7b:c0:37:fb:e4:2e:9e:fe:13:27:84:c4:8d:
e5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E9:BB:5C:02:61:C2:33:1F:1B:E7:E2:6A:AA:9D:93:2D:06:EE:A3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/QOm7XAJhwjMfG-fiaqqdky0G7qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
37.34.80.0/21
82.163.172.0/22
Signature Algorithm: sha256WithRSAEncryption
21:5e:41:39:d1:d3:bc:0f:b8:1f:d4:ac:d9:34:f6:46:cc:f1:
86:43:6c:93:a5:c6:dd:5b:20:f3:45:b4:b0:96:f6:83:cf:37:
b3:05:c0:d7:a1:3d:d2:8c:f8:cb:e8:a2:39:86:49:6a:e0:2a:
1b:78:02:2a:c2:dc:9f:0e:ed:50:01:04:57:92:cb:9e:67:d2:
85:8b:01:55:43:7e:fd:75:57:3d:f5:d5:10:22:b7:bb:94:33:
c4:5a:96:53:9b:7b:85:33:7b:af:6c:24:d6:4f:74:74:89:53:
fd:93:80:4e:a4:09:97:fb:15:65:0a:d1:03:82:29:84:96:3b:
90:c6:4d:97:06:54:04:bf:23:69:8e:1c:7f:fa:b8:f1:32:8a:
7c:19:5d:15:e2:f9:47:86:05:4a:e7:ac:a7:23:ae:7a:2a:a7:
94:5e:94:48:a7:da:d9:a1:41:96:14:f1:7e:ca:6c:5a:aa:86:
0e:df:94:0e:a3:95:92:b3:d0:60:e2:d0:05:4f:4a:8b:7e:f4:
3a:37:c2:7c:9b:04:13:61:5f:63:b2:67:32:55:20:1d:41:76:
f5:68:93:c5:01:ac:08:67:5a:c1:72:30:26:56:02:3e:f2:8e:
c3:da:7b:3a:ca:c4:3b:38:6d:3b:50:70:31:c1:73:dd:c2:ab:
67:75:41:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZN9A6EhN6/bPA15l4qHVwdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMTMwMTIyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU5YmI1YzAyNjFjMjMzMWYxYmU3ZTI2YWFhOWQ5MzJkMDZlZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9HyaXKT5h0XZWheuApPb+ZWCH4
IJz6eJLzWFuRak4e7S95S1G1S7QNs1F9q1m8vkiutjYegFA5LsXm+QxouQDkLJ+c
EQowTljk4rs6mhXx0EXqCqG1ivIMsFgOnXv+HNlHbfaSwNloIgKi9up3J73nQ1tL
gBGnHb6RewR17OIfjAMxzJbJmXwdOEUwO5s0cJRp03vbG1J5sbhkOZma0kgef8LF
Gl8QbRsQ7jDSvK89Ntg5mbxuV6ZrR1hPe0XmzPB4Z0bWd5Ytr0nfrN1KY8c1HADv
+0jwG2Hghiv6RMIo+7ifzfi70igw7kgAVqAoknvAN/vkLp7+EyeExI3lQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDpu1wCYcIzHxvn4mqqnZMtBu6jMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUU9tN1hBSmh3ak1mRy1maWFxcWRreTBHN3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZkAwQD
JSJQAwQCUqOsMA0GCSqGSIb3DQEBCwUAA4IBAQAhXkE50dO8D7gf1KzZNPZGzPGG
Q2yTpcbdWyDzRbSwlvaDzzezBcDXoT3SjPjL6KI5hklq4CobeAIqwtyfDu1QAQRX
ksueZ9KFiwFVQ379dVc99dUQIre7lDPEWpZTm3uFM3uvbCTWT3R0iVP9k4BOpAmX
+xVlCtEDgimEljuQxk2XBlQEvyNpjhx/+rjxMop8GV0V4vlHhgVK56ynI656KqeU
XpRIp9rZoUGWFPF+ymxaqoYO35QOo5WSs9Bg4tAFT0qLfvQ6N8J8mwQTYV9jsmcy
VSAdQXb1aJPFAawIZ1rBcjAmVgI+8o7D2ns6ysQ7OG07UHAxwXPdwqtndUFd
-----END CERTIFICATE-----
Generated at Mon May 12 01:27:22 2025 by rpki-client