Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-2zegdsn_5E5Y9PY6WOokImPrrM.roa
File: 1-2zegdsn_5E5Y9PY6WOokImPrrM.roa (raw, json)
Hash identifier: pMPWOMng7d0dbfSiUlo6Vto5ixyL4pMuSHGmlHBTajg=
Subject key identifier: FB:6C:DE:81:DB:27:FF:91:39:63:D3:D8:E9:63:A8:90:89:8F:AE:B3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CC5DCDE896341F273125AF51BD373B73F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-2zegdsn_5E5Y9PY6WOokImPrrM.roa
Signing time: Mon 01 Jan 2024 16:30:35 +0000
ROA not before: Mon 01 Jan 2024 16:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.108.0/22 maxlen: 22
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 13:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:de:89:63:41:f2:73:12:5a:f5:1b:d3:73:b7:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 1 16:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb6cde81db27ff913963d3d8e963a890898faeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:87:24:77:87:8d:8c:87:6e:8d:c0:26:6b:
44:0d:76:c7:b5:39:49:ae:f4:ba:17:f3:f7:b0:ab:
0f:88:0c:3c:30:08:87:b7:aa:86:99:5a:30:af:50:
ae:97:2f:3c:db:c0:a0:a1:8c:98:19:63:84:67:cf:
e1:b2:30:16:db:a8:27:2c:d6:d4:02:01:3d:78:e3:
79:91:91:38:60:34:ea:63:ed:ba:3a:be:d3:74:46:
07:ef:65:a6:2f:80:2e:d1:86:ba:64:02:d6:e9:ef:
5a:00:b1:ff:8b:aa:56:84:8b:2e:e0:81:ce:52:aa:
0b:b8:10:c4:2a:82:00:be:4c:a1:74:33:c3:e2:19:
20:b8:25:85:c3:dd:10:e8:95:59:32:7a:19:05:e8:
6d:46:fe:cb:17:34:03:95:68:37:b1:0b:be:66:4d:
e8:2e:3a:af:a7:00:ca:86:40:f2:5e:c8:de:7e:53:
49:8e:63:47:4d:31:84:b7:ff:26:b1:ff:ec:22:bd:
72:16:ac:02:9d:5c:74:a9:90:41:3b:62:4b:36:4c:
50:ec:6a:ff:9b:43:dc:4b:94:6f:fe:ec:6d:fb:56:
80:a7:51:9e:64:91:4f:4e:d5:3c:41:70:83:ae:c5:
b8:78:51:92:96:87:83:c7:a4:85:7a:9e:96:66:99:
ce:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6C:DE:81:DB:27:FF:91:39:63:D3:D8:E9:63:A8:90:89:8F:AE:B3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-2zegdsn_5E5Y9PY6WOokImPrrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:44:1f:04:cf:4f:62:58:84:10:1a:09:36:a8:c4:ef:c1:d1:
21:de:51:39:17:a6:c3:f9:bb:77:dc:b0:59:80:b2:58:e0:60:
80:9c:83:69:0a:31:67:a1:09:fe:8b:11:d2:62:3e:d9:dd:24:
04:b7:36:44:d2:e9:aa:de:55:1e:ae:9b:3f:9f:32:2c:a2:00:
fe:b9:ba:84:ac:1c:ca:c0:fe:7a:2d:f8:ad:c6:1a:81:75:f9:
41:48:fd:93:95:89:71:ed:ae:75:3c:b1:0f:60:ed:b0:86:85:
e3:3e:37:45:4d:2c:ca:28:2f:b9:ce:dc:f2:d3:be:7a:7a:6e:
b7:71:b6:29:12:34:43:bb:88:3d:df:5a:1c:5a:57:d2:76:62:
d0:9a:45:bf:7d:e1:e4:7b:97:dc:de:c9:9f:41:58:21:53:7a:
71:e2:6f:cd:02:86:ce:ee:a0:74:d0:d4:3a:01:a5:86:84:91:
1b:dc:8b:c6:9b:c6:b3:07:32:5e:89:e8:4e:6c:db:33:eb:79:
5c:7e:3b:dd:97:b5:c4:b9:d4:d1:af:53:24:75:ed:af:57:c9:
4b:1d:44:f5:2c:c5:f2:82:e1:f0:5a:b6:c2:f4:9a:f2:b0:a4:
95:f8:ca:9e:65:7f:2f:7f:b8:a7:6a:f7:d3:0f:ba:d8:66:fd:
3e:ee:90:4c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzF3N6JY0HycxJa9RvTc7c/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAxMTYzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZjZGU4MWRiMjdmZjkxMzk2M2QzZDhlOTYzYTg5MDg5OGZhZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozSHJHeHjYyHbo3AJmtEDXbHtTlJ
rvS6F/P3sKsPiAw8MAiHt6qGmVowr1Culy8828CgoYyYGWOEZ8/hsjAW26gnLNbU
AgE9eON5kZE4YDTqY+26Or7TdEYH72WmL4Au0Ya6ZALW6e9aALH/i6pWhIsu4IHO
UqoLuBDEKoIAvkyhdDPD4hkguCWFw90Q6JVZMnoZBehtRv7LFzQDlWg3sQu+Zk3o
LjqvpwDKhkDyXsjeflNJjmNHTTGEt/8msf/sIr1yFqwCnVx0qZBBO2JLNkxQ7Gr/
m0PcS5Rv/uxt+1aAp1GeZJFPTtU8QXCDrsW4eFGSloeDx6SFep6WZpnODwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPts3oHbJ/+ROWPT2OljqJCJj66zMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS0yemVnZHNuXzVFNVk5UFk2V09va0ltUHJyTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBAVmYAME
Ah+6tDANBgkqhkiG9w0BAQsFAAOCAQEALUQfBM9PYliEEBoJNqjE78HRId5RORem
w/m7d9ywWYCyWOBggJyDaQoxZ6EJ/osR0mI+2d0kBLc2RNLpqt5VHq6bP58yLKIA
/rm6hKwcysD+ei34rcYagXX5QUj9k5WJce2udTyxD2DtsIaF4z43RU0syigvuc7c
8tO+enput3G2KRI0Q7uIPd9aHFpX0nZi0JpFv33h5HuX3N7Jn0FYIVN6ceJvzQKG
zu6gdNDUOgGlhoSRG9yLxpvGswcyXonoTmzbM+t5XH473Ze1xLnU0a9TJHXtr1fJ
Sx1E9SzF8oLh8Fq2wvSa8rCklfjKnmV/L3+4p2r30w+62Gb9Pu6QTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org