Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/z1wxfxRJdNq-AjupQrf4NFVEWSw.roa
File: z1wxfxRJdNq-AjupQrf4NFVEWSw.roa (raw, json)
Hash identifier: 8Wcp7u7Zeervoz9knXnJoO5PpsieVjWL3F1pjaIzkVQ=
Subject key identifier: CF:5C:31:7F:14:49:74:DA:BE:02:3B:A9:42:B7:F8:34:55:44:59:2C
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 018F5E294F27E7873CAE9C71DAB04678D45B
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/z1wxfxRJdNq-AjupQrf4NFVEWSw.roa
Signing time: Thu 09 May 2024 16:21:56 +0000
ROA not before: Thu 09 May 2024 16:21:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/23 maxlen: 23
5.102.36.0/24 maxlen: 24
5.102.38.0/24 maxlen: 24
5.102.39.0/24 maxlen: 24
195.5.124.0/23 maxlen: 24
195.5.124.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 11 May 2024 14:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:29:4f:27:e7:87:3c:ae:9c:71:da:b0:46:78:d4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: May 9 16:21:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf5c317f144974dabe023ba942b7f8345544592c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1c:2a:28:7d:24:26:75:09:53:8c:7b:d1:07:
ed:f1:e5:5b:e2:a4:15:74:92:72:92:43:17:72:bc:
f6:9b:c4:d6:1b:19:8a:80:68:72:c9:09:f7:45:fa:
a5:4d:98:e5:b8:41:75:2a:5d:6d:c6:14:bb:5e:4d:
a1:d7:4b:c7:10:45:68:01:ff:23:bf:62:18:3e:3b:
4d:1a:39:28:4e:9e:06:83:d3:5f:0f:23:35:08:91:
18:9a:c3:9b:1d:bc:af:7d:f0:c5:46:ac:be:9d:14:
1a:95:45:48:e0:84:99:05:f9:49:71:39:34:b3:c3:
18:d3:6b:4b:92:46:ee:9b:ed:be:7e:f7:4c:49:1b:
ff:e7:18:56:3f:3d:25:03:a0:fa:5b:4b:f8:0a:c8:
53:08:47:ba:dd:b4:9e:67:97:2b:03:d7:75:6a:23:
ea:67:63:49:90:94:c5:57:95:aa:44:b4:a6:58:8f:
bf:4d:ac:6d:a4:1e:a2:f3:6c:da:d8:31:1c:a3:2e:
6b:76:dd:0f:81:c7:c8:4c:d5:d6:7f:a9:9d:d2:c8:
50:da:31:2e:c3:76:64:fe:e0:bc:9b:2f:38:46:15:
2c:37:61:26:90:d6:ef:70:0e:af:d1:bb:53:3b:59:
82:d8:7e:3a:43:27:52:36:cf:e7:b4:50:1c:6b:1c:
e7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5C:31:7F:14:49:74:DA:BE:02:3B:A9:42:B7:F8:34:55:44:59:2C
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/z1wxfxRJdNq-AjupQrf4NFVEWSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/22
195.5.124.0/23
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
19:71:6d:a6:59:ba:e0:67:d2:9c:82:0f:21:e3:aa:64:b9:3d:
3c:bb:7c:12:01:1c:28:6b:a4:66:29:b7:1d:21:59:8d:1f:1b:
4d:95:cc:de:6d:a4:0b:4d:4c:d8:d2:a1:cc:f4:6a:6f:d4:a2:
5c:59:f0:04:33:af:59:9a:20:e3:98:54:a6:31:2f:12:24:df:
41:52:0b:23:9d:57:85:c1:60:9e:ac:16:37:02:2a:4c:52:73:
73:3f:9e:74:77:89:2d:fe:cd:73:41:12:10:79:ee:53:5d:01:
ea:49:c7:cf:ac:e4:e1:5e:8f:09:4c:94:04:67:e2:37:ba:e6:
c1:5d:76:7f:d9:48:8e:37:e7:34:23:82:85:c4:d3:ee:73:f7:
5b:8e:1f:40:c3:79:07:55:ee:e2:6d:30:b1:12:e8:ce:c6:8a:
c2:1b:e4:12:cf:b5:20:e6:f0:a5:97:8b:50:cf:87:51:78:c4:
1d:27:db:fd:b6:4d:8d:ce:f0:3a:0c:8c:ae:19:c8:85:c8:8e:
1d:38:7b:65:39:e4:6c:0c:7c:4f:f4:ab:21:29:5f:e5:59:53:
8b:1e:01:bf:14:2e:4c:69:b4:a3:84:06:34:60:aa:88:ab:15:
f3:16:ec:fa:32:dd:1e:ef:5b:0d:1e:e1:f0:8d:5c:24:15:4e:
51:0f:c2:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY9eKU8n54c8rpxx2rBGeNRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjQwNTA5MTYyMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVjMzE3ZjE0NDk3NGRhYmUwMjNiYTk0MmI3ZjgzNDU1NDQ1OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhwqKH0kJnUJU4x70Qft8eVb4qQV
dJJykkMXcrz2m8TWGxmKgGhyyQn3RfqlTZjluEF1Kl1txhS7Xk2h10vHEEVoAf8j
v2IYPjtNGjkoTp4Gg9NfDyM1CJEYmsObHbyvffDFRqy+nRQalUVI4ISZBflJcTk0
s8MY02tLkkbum+2+fvdMSRv/5xhWPz0lA6D6W0v4CshTCEe63bSeZ5crA9d1aiPq
Z2NJkJTFV5WqRLSmWI+/TaxtpB6i82za2DEcoy5rdt0PgcfITNXWf6md0shQ2jEu
w3Zk/uC8my84RhUsN2EmkNbvcA6v0btTO1mC2H46QydSNs/ntFAcaxznwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM9cMX8USXTavgI7qUK3+DRVRFksMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvejF3eGZ4UkpkTnEtQWp1cFFyZjRORlZFV1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBWYkAwQB
wwV8MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQAZcW2mWbrgZ9Kc
gg8h46pkuT08u3wSARwoa6RmKbcdIVmNHxtNlczebaQLTUzY0qHM9Gpv1KJcWfAE
M69ZmiDjmFSmMS8SJN9BUgsjnVeFwWCerBY3AipMUnNzP550d4kt/s1zQRIQee5T
XQHqScfPrOThXo8JTJQEZ+I3uubBXXZ/2UiON+c0I4KFxNPuc/dbjh9Aw3kHVe7i
bTCxEujOxorCG+QSz7Ug5vCll4tQz4dReMQdJ9v9tk2NzvA6DIyuGciFyI4dOHtl
OeRsDHxP9KshKV/lWVOLHgG/FC5MabSjhAY0YKqIqxXzFuz6Mt0e71sNHuHwjVwk
FU5RD8I6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:06 2024 by rpki-client on console-ams.rpki-client.org