Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/ZAo-r6mzbjBnOMZsnl1kB3zqd4A.roa
File: ZAo-r6mzbjBnOMZsnl1kB3zqd4A.roa (raw, json)
Hash identifier: o62cPCvRoH/QIOVZb0zV1pER2Kuz2dcuLPYS4eZ9nkI=
Subject key identifier: 64:0A:3E:AF:A9:B3:6E:30:67:38:C6:6C:9E:5D:64:07:7C:EA:77:80
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018F2AB344B9E281E656D95609BD8A043681
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/ZAo-r6mzbjBnOMZsnl1kB3zqd4A.roa
Signing time: Mon 29 Apr 2024 16:32:22 +0000
ROA not before: Mon 29 Apr 2024 16:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 5.102.36.0/23 maxlen: 23
5.102.36.0/24 maxlen: 24
5.102.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 20:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:b3:44:b9:e2:81:e6:56:d9:56:09:bd:8a:04:36:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Apr 29 16:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=640a3eafa9b36e306738c66c9e5d64077cea7780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:13:0e:a9:8d:e7:9d:43:e8:f2:1f:ab:f8:d8:
75:eb:64:09:87:91:99:e7:a3:c3:27:9f:74:2a:e5:
cb:98:7d:82:c0:24:e2:d4:9a:59:ad:b9:c1:74:92:
5e:08:68:53:ab:c3:3e:9d:85:1f:4d:bd:42:f6:cf:
ef:99:84:10:fc:00:f7:9b:b6:1a:c4:44:e8:44:9d:
13:b9:15:dc:98:17:bc:d4:18:50:87:94:78:3b:20:
f0:da:96:9d:5b:56:d0:12:dc:e9:87:c2:49:a4:46:
66:a6:b0:33:ea:0b:0c:19:72:40:c9:97:49:98:16:
a2:96:a7:54:f9:37:fd:69:da:9d:cd:0b:74:af:27:
e4:60:86:ad:19:af:2e:f9:3f:93:13:2b:a5:6d:41:
ea:c4:aa:60:5c:79:55:9d:f5:d1:67:60:06:4e:4d:
39:1c:fe:14:b4:89:6b:29:fe:8b:24:71:1b:21:06:
98:b2:88:32:d5:81:e6:d7:c0:bc:f2:83:6a:b7:b6:
5c:94:34:82:f9:10:f6:97:3c:26:2e:f8:54:6c:de:
35:0a:b9:20:bd:46:7c:40:1c:a7:e1:06:c3:23:32:
29:ea:5e:f7:15:7e:f2:d9:24:71:3c:a0:20:75:65:
70:3e:7e:2c:4a:10:ea:39:f4:1e:00:f2:98:79:53:
4b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0A:3E:AF:A9:B3:6E:30:67:38:C6:6C:9E:5D:64:07:7C:EA:77:80
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/ZAo-r6mzbjBnOMZsnl1kB3zqd4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/23
Signature Algorithm: sha256WithRSAEncryption
24:90:65:42:a3:a9:28:d0:a3:fb:76:b7:c9:05:83:c2:6a:1f:
7a:cb:01:02:dc:47:b8:0c:4c:41:c3:e4:14:24:f5:f1:0d:dc:
60:c2:4e:4c:81:11:d0:c5:a1:98:98:1f:a4:e0:a4:69:0e:ba:
ae:0c:e5:f7:73:64:34:de:fb:cc:dd:97:95:60:93:1f:c5:26:
8b:ec:fd:90:fa:ed:25:89:a7:d5:40:2e:34:f9:92:16:8a:fe:
10:f9:d0:0a:94:9a:09:10:50:e5:66:4d:e7:07:7d:3c:19:c0:
5e:31:b7:1a:8f:b0:88:f2:95:55:7a:2e:58:a5:2d:ed:76:fb:
f2:b9:22:03:6c:a4:ad:1c:e6:54:f8:16:2c:f5:0f:a8:fe:9f:
6a:65:69:89:c4:c0:e0:44:fe:e5:da:ec:93:0a:e8:86:55:0c:
0b:9b:21:b5:26:5a:b8:47:dd:bb:f6:fe:55:52:fe:41:58:83:
ad:b3:99:ea:2d:5d:9a:5f:ac:24:de:c3:42:60:ea:f2:18:62:
b2:03:93:02:ea:c9:ce:db:0b:c1:25:bd:b6:f2:63:87:8e:84:
d1:72:a8:0a:69:b1:01:0b:38:d2:bc:5e:43:9f:c6:78:8e:7a:
7e:67:13:f9:77:e5:88:32:7c:83:98:b5:8c:29:4a:5d:d3:c1:
26:6b:70:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8qs0S54oHmVtlWCb2KBDaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjQwNDI5MTYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBhM2VhZmE5YjM2ZTMwNjczOGM2NmM5ZTVkNjQwNzdjZWE3NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxMOqY3nnUPo8h+r+Nh162QJh5GZ
56PDJ590KuXLmH2CwCTi1JpZrbnBdJJeCGhTq8M+nYUfTb1C9s/vmYQQ/AD3m7Ya
xEToRJ0TuRXcmBe81BhQh5R4OyDw2padW1bQEtzph8JJpEZmprAz6gsMGXJAyZdJ
mBailqdU+Tf9adqdzQt0ryfkYIatGa8u+T+TEyulbUHqxKpgXHlVnfXRZ2AGTk05
HP4UtIlrKf6LJHEbIQaYsogy1YHm18C88oNqt7ZclDSC+RD2lzwmLvhUbN41Crkg
vUZ8QByn4QbDIzIp6l73FX7y2SRxPKAgdWVwPn4sShDqOfQeAPKYeVNLpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQKPq+ps24wZzjGbJ5dZAd86neAMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvWkFvLXI2bXpiakJuT01ac25sMWtCM3pxZDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBWYkMA0G
CSqGSIb3DQEBCwUAA4IBAQAkkGVCo6ko0KP7drfJBYPCah96ywEC3Ee4DExBw+QU
JPXxDdxgwk5MgRHQxaGYmB+k4KRpDrquDOX3c2Q03vvM3ZeVYJMfxSaL7P2Q+u0l
iafVQC40+ZIWiv4Q+dAKlJoJEFDlZk3nB308GcBeMbcaj7CI8pVVei5YpS3tdvvy
uSIDbKStHOZU+BYs9Q+o/p9qZWmJxMDgRP7l2uyTCuiGVQwLmyG1Jlq4R9279v5V
Uv5BWIOts5nqLV2aX6wk3sNCYOryGGKyA5MC6snO2wvBJb228mOHjoTRcqgKabEB
CzjSvF5Dn8Z4jnp+ZxP5d+WIMnyDmLWMKUpd08Ema3DJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org