Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/Rj2zRJOkJFaAKqwkb9IM1c_hnlU.roa
File: Rj2zRJOkJFaAKqwkb9IM1c_hnlU.roa (raw, json)
Hash identifier: lTx0UuCww8PuNcG7/fQrIgQmoPSnfxgDj8oHSDrME7s=
Subject key identifier: 46:3D:B3:44:93:A4:24:56:80:2A:AC:24:6F:D2:0C:D5:CF:E1:9E:55
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018B496BB05BE32DFA5FD76B50377F0DA807
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/Rj2zRJOkJFaAKqwkb9IM1c_hnlU.roa
Signing time: Thu 19 Oct 2023 19:31:16 +0000
ROA not before: Thu 19 Oct 2023 19:31:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 5.102.38.0/24 maxlen: 24
5.102.36.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 08 Nov 2023 21:39:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:49:6b:b0:5b:e3:2d:fa:5f:d7:6b:50:37:7f:0d:a8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Oct 19 19:31:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=463db34493a42456802aac246fd20cd5cfe19e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0c:49:30:0a:c3:9d:43:ef:3d:98:d0:dd:99:
74:b4:63:29:af:aa:ca:ad:d7:fa:5c:63:f2:af:5d:
f6:62:98:d5:03:84:bd:b8:f6:cf:07:27:b6:07:d2:
1c:21:b4:82:be:50:6b:07:8f:cb:cc:1a:c3:fd:5f:
83:6a:79:b1:d7:57:bf:cc:fc:3d:4b:31:a7:fa:06:
d9:9d:10:2e:b2:53:26:12:47:8c:fc:bc:65:05:5d:
ed:81:a2:f6:bd:45:35:05:c2:9b:64:5b:b5:a6:d2:
35:e2:51:a7:f9:40:4a:66:48:e9:15:51:49:d2:2b:
d7:19:5c:7a:70:2b:ac:4c:10:66:de:3e:10:b1:cd:
58:41:fc:f4:d4:66:84:63:71:cd:8f:b4:52:1f:cf:
90:52:f3:3b:4b:be:0e:84:96:8d:5c:d2:d3:04:21:
53:36:dd:1b:aa:87:cf:fa:94:aa:ac:88:cb:b6:a0:
59:33:43:64:ad:87:bf:84:b9:9d:51:88:51:73:3f:
82:a5:bd:30:9c:9c:70:c1:ce:86:87:f7:c3:d3:a6:
0b:12:af:07:dd:32:4d:b3:0f:bb:3a:7d:3b:f9:4e:
f7:dd:3f:b1:78:59:b9:b8:6a:3d:64:3e:9b:41:b4:
b7:e0:34:bd:8e:0d:4e:c0:26:7b:d8:51:4e:ab:57:
2d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3D:B3:44:93:A4:24:56:80:2A:AC:24:6F:D2:0C:D5:CF:E1:9E:55
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/Rj2zRJOkJFaAKqwkb9IM1c_hnlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0-5.102.38.255
Signature Algorithm: sha256WithRSAEncryption
59:24:a3:75:9c:eb:3f:e6:c4:99:59:39:27:1f:67:7b:98:79:
92:14:1d:7d:93:11:5b:14:29:ca:bc:7e:93:b2:fe:40:04:65:
68:d5:8b:92:b2:c9:37:4c:ce:0a:fe:96:31:2c:c8:3a:86:5d:
26:3e:73:75:40:c5:e8:d7:17:e8:61:45:58:fc:44:00:08:d2:
54:17:53:1c:e1:6b:f4:25:9c:a4:2e:8f:fd:22:1c:86:80:95:
35:0f:b7:5d:0e:14:b1:b5:22:8e:c9:b1:b3:fa:3f:91:e6:24:
66:d8:75:0e:e1:9c:67:4b:45:c0:b1:80:3d:5e:7e:56:b5:8c:
98:37:79:e0:de:a7:6f:5e:5f:5f:66:83:a6:78:d4:d5:a9:3c:
ad:f8:f4:e2:b0:91:0a:37:d0:25:4d:76:3d:90:21:4c:15:53:
ca:80:b1:15:aa:b2:25:f6:87:ed:4b:92:29:f0:80:5c:94:37:
45:ed:85:63:28:5d:65:20:41:95:7f:50:dd:c3:04:72:e5:37:
1d:d5:6f:8b:19:b1:2c:83:c4:3b:34:25:64:ac:77:a3:28:f5:
19:8c:e7:56:c6:5c:c8:2e:f4:cc:b3:23:0d:63:69:c1:cc:d1:
8f:06:06:a8:36:bf:ed:78:a6:7b:a2:35:7d:35:6f:ec:5b:9e:
d3:26:81:32
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYtJa7Bb4y36X9drUDd/DagHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjMxMDE5MTkzMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNkYjM0NDkzYTQyNDU2ODAyYWFjMjQ2ZmQyMGNkNWNmZTE5ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgxJMArDnUPvPZjQ3Zl0tGMpr6rK
rdf6XGPyr132YpjVA4S9uPbPBye2B9IcIbSCvlBrB4/LzBrD/V+Danmx11e/zPw9
SzGn+gbZnRAuslMmEkeM/LxlBV3tgaL2vUU1BcKbZFu1ptI14lGn+UBKZkjpFVFJ
0ivXGVx6cCusTBBm3j4Qsc1YQfz01GaEY3HNj7RSH8+QUvM7S74OhJaNXNLTBCFT
Nt0bqofP+pSqrIjLtqBZM0NkrYe/hLmdUYhRcz+Cpb0wnJxwwc6Gh/fD06YLEq8H
3TJNsw+7On07+U733T+xeFm5uGo9ZD6bQbS34DS9jg1OwCZ72FFOq1ctvwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEY9s0STpCRWgCqsJG/SDNXP4Z5VMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvUmoyelJKT2tKRmFBS3F3a2I5SU0xY19obmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIFZiQD
BAAFZiYwDQYJKoZIhvcNAQELBQADggEBAFkko3Wc6z/mxJlZOScfZ3uYeZIUHX2T
EVsUKcq8fpOy/kAEZWjVi5KyyTdMzgr+ljEsyDqGXSY+c3VAxejXF+hhRVj8RAAI
0lQXUxzha/QlnKQuj/0iHIaAlTUPt10OFLG1Io7JsbP6P5HmJGbYdQ7hnGdLRcCx
gD1efla1jJg3eeDep29eX19mg6Z41NWpPK349OKwkQo30CVNdj2QIUwVU8qAsRWq
siX2h+1LkinwgFyUN0XthWMoXWUgQZV/UN3DBHLlNx3Vb4sZsSyDxDs0JWSsd6Mo
9RmM51bGXMgu9MyzIw1jacHM0Y8GBqg2v+14pnuiNX01b+xbntMmgTI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:50 2024 by rpki-client on console-fra.rpki-client.org