Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Qyb_Qji4zlwMrFGpC9JbGmG4WxQ.roa
File: Qyb_Qji4zlwMrFGpC9JbGmG4WxQ.roa (raw, json)
Hash identifier: l1yGvZbxz2ZA79T0QWiwgMGQ2vGDQPAg9zeQ6nLCy+8=
Subject key identifier: 43:26:FF:42:38:B8:CE:5C:0C:AC:51:A9:0B:D2:5B:1A:61:B8:5B:14
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0193BA5748B332AF647925FB37FF320A6E06
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Qyb_Qji4zlwMrFGpC9JbGmG4WxQ.roa
Signing time: Thu 12 Dec 2024 10:08:22 +0000
ROA not before: Thu 12 Dec 2024 10:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.100.0/22 maxlen: 24
5.102.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 07:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:57:48:b3:32:af:64:79:25:fb:37:ff:32:0a:6e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 12 10:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4326ff4238b8ce5c0cac51a90bd25b1a61b85b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:97:11:57:72:e7:2c:51:f7:96:96:76:b3:c1:
9c:07:cd:f0:0a:66:39:bd:0e:a2:3d:80:0d:a6:f7:
af:3c:8d:c5:af:d6:c5:b2:8a:f8:42:a3:8e:52:f3:
97:bc:8c:c5:d3:7f:38:af:51:79:8c:89:c8:94:a2:
75:a6:ea:a9:3f:7e:80:2c:96:bc:66:86:07:10:09:
c1:38:87:03:b1:03:c9:58:d7:ef:7b:b8:9f:50:6d:
98:ab:0a:7e:56:ec:19:8c:ca:64:51:1d:a5:b6:14:
3d:eb:f5:90:21:1b:52:f7:b4:a9:b0:23:a7:a8:5f:
46:b6:cd:58:85:87:3d:dd:88:a7:98:5c:5f:44:7b:
d1:3b:d6:b4:8a:37:d7:17:b5:9b:e7:f9:d8:97:02:
2e:a3:61:cf:c7:f0:5f:32:20:b4:28:4a:1d:d0:04:
e6:1a:fc:6d:0b:b7:48:33:ed:a0:c5:fa:aa:4a:10:
af:3d:61:80:55:0c:83:86:eb:18:f9:5b:8f:1f:7e:
b0:86:52:0f:2a:35:2f:7a:f6:18:3f:87:7a:bc:8c:
44:cd:fb:e3:b7:01:fe:54:a1:45:11:b6:10:92:2f:
8f:d8:f4:74:80:5a:1b:04:eb:51:c9:f1:bf:5f:15:
83:c9:f3:22:27:47:a8:a7:38:d1:2b:7d:ee:5b:2b:
0b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:26:FF:42:38:B8:CE:5C:0C:AC:51:A9:0B:D2:5B:1A:61:B8:5B:14
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Qyb_Qji4zlwMrFGpC9JbGmG4WxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
5.102.124.0/22
Signature Algorithm: sha256WithRSAEncryption
78:05:4f:63:44:a7:1b:96:2a:d2:81:e9:1f:c0:ad:60:2a:c3:
ae:eb:77:e5:4c:5f:a0:37:88:db:01:3d:1d:15:40:0b:58:0f:
63:f6:7d:f3:78:04:61:e4:b1:78:1b:da:22:25:9b:bb:be:7d:
40:1a:8b:53:f5:6f:9d:95:4c:4c:c5:6c:6a:28:ea:11:cf:e0:
0e:3a:0a:42:44:a1:c5:f1:45:01:9e:43:c1:27:da:cd:f9:f9:
20:60:65:ee:5e:03:ed:c2:22:b1:90:58:df:e9:ca:6a:a3:a2:
da:4a:ae:fd:b6:62:2b:e5:c7:c9:e3:82:28:04:95:e1:4c:10:
c7:8c:61:5d:9f:61:77:e4:11:7f:c8:44:bb:41:83:ab:b7:49:
b1:d1:b4:de:94:4f:6f:e9:97:7c:f0:62:91:58:3b:67:fb:dc:
c3:43:a3:fb:2c:b7:49:33:45:e2:7e:85:e8:6f:c5:cc:91:69:
90:be:06:35:a8:3c:5f:dc:a9:1b:e2:8c:5b:3b:57:94:cf:93:
0e:56:16:cb:47:bf:89:12:84:75:d0:a9:cb:f5:86:7a:d3:e5:
74:0c:2a:e1:80:68:8a:f9:3b:2c:2d:d5:0a:06:10:c7:75:2b:
fb:34:34:cd:8c:0e:a4:e1:60:f9:ce:3a:b8:e6:18:05:c8:3e:
21:71:7c:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZO6V0izMq9keSX7N/8yCm4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMjEyMTAwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzI2ZmY0MjM4YjhjZTVjMGNhYzUxYTkwYmQyNWIxYTYxYjg1YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pcRV3LnLFH3lpZ2s8GcB83wCmY5
vQ6iPYANpvevPI3Fr9bFsor4QqOOUvOXvIzF0384r1F5jInIlKJ1puqpP36ALJa8
ZoYHEAnBOIcDsQPJWNfve7ifUG2Yqwp+VuwZjMpkUR2lthQ96/WQIRtS97SpsCOn
qF9Gts1YhYc93YinmFxfRHvRO9a0ijfXF7Wb5/nYlwIuo2HPx/BfMiC0KEod0ATm
GvxtC7dIM+2gxfqqShCvPWGAVQyDhusY+VuPH36whlIPKjUvevYYP4d6vIxEzfvj
twH+VKFFEbYQki+P2PR0gFobBOtRyfG/XxWDyfMiJ0eopzjRK33uWysLxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEMm/0I4uM5cDKxRqQvSWxphuFsUMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUXliX1FqaTR6bHdNckZHcEM5SmJHbUc0V3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZkAwQC
BWZ8MA0GCSqGSIb3DQEBCwUAA4IBAQB4BU9jRKcblirSgekfwK1gKsOu63flTF+g
N4jbAT0dFUALWA9j9n3zeARh5LF4G9oiJZu7vn1AGotT9W+dlUxMxWxqKOoRz+AO
OgpCRKHF8UUBnkPBJ9rN+fkgYGXuXgPtwiKxkFjf6cpqo6LaSq79tmIr5cfJ44Io
BJXhTBDHjGFdn2F35BF/yES7QYOrt0mx0bTelE9v6Zd88GKRWDtn+9zDQ6P7LLdJ
M0XifoXob8XMkWmQvgY1qDxf3Kkb4oxbO1eUz5MOVhbLR7+JEoR10KnL9YZ60+V0
DCrhgGiK+TssLdUKBhDHdSv7NDTNjA6k4WD5zjq45hgFyD4hcXyh
-----END CERTIFICATE-----
Generated at Sun May 11 21:18:26 2025 by rpki-client