Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/43lFo1qtDO-gITCoJRc81Kkz4Mo.roa
File: 43lFo1qtDO-gITCoJRc81Kkz4Mo.roa (raw, json)
Hash identifier: zDJKVmpwJs2HYWMU00KWKX6mwewB6kEQq4rcPohhbo8=
Subject key identifier: E3:79:45:A3:5A:AD:0C:EF:A0:21:30:A8:25:17:3C:D4:A9:33:E0:CA
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018E31A38AAB8021F22FAA5EAC027D9A00DA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/43lFo1qtDO-gITCoJRc81Kkz4Mo.roa
Signing time: Tue 12 Mar 2024 07:49:45 +0000
ROA not before: Tue 12 Mar 2024 07:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 5.102.104.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:a3:8a:ab:80:21:f2:2f:aa:5e:ac:02:7d:9a:00:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 12 07:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e37945a35aad0cefa02130a825173cd4a933e0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:5c:10:c1:04:f8:ca:f2:f3:3c:cf:67:86:
f3:61:e5:60:fb:05:21:af:29:6c:c7:7d:8b:fe:51:
f3:c2:0b:ea:69:1d:98:05:4f:63:db:48:47:8f:52:
ad:98:a8:bb:c5:7f:98:ce:ef:ce:e7:58:ab:ef:9a:
71:86:5e:a4:18:81:c6:e2:02:04:7b:73:80:14:c9:
24:67:d1:51:e3:87:37:19:66:47:2a:89:d0:07:52:
11:57:5a:91:6a:81:e1:fd:d2:2b:8d:71:25:c8:f6:
95:a5:55:21:a8:7e:48:90:5b:28:8c:04:c6:1d:c6:
b5:e6:09:d3:40:bd:62:c0:c6:d4:19:d0:70:8b:83:
c9:f9:35:cf:29:5a:de:d6:f2:6b:fc:78:85:e0:ae:
bf:9e:cb:97:a0:1d:10:45:df:ea:73:58:6a:7e:00:
20:26:ee:46:93:fc:8c:99:04:dd:5e:2d:f3:69:33:
1b:90:d0:98:0c:77:2c:2d:bc:2c:ee:53:9e:1f:87:
95:06:eb:17:d9:e2:35:32:d7:91:1a:40:de:87:c5:
b4:fb:bf:cd:66:35:c7:1a:4b:d8:cd:da:89:53:82:
94:11:23:b8:a4:b0:e4:f5:88:f3:80:9a:b3:1e:74:
7c:b4:8b:b6:18:c5:fb:cd:d9:ff:4e:4c:b9:f6:ba:
69:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:79:45:A3:5A:AD:0C:EF:A0:21:30:A8:25:17:3C:D4:A9:33:E0:CA
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/43lFo1qtDO-gITCoJRc81Kkz4Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.104.0/22
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:f1:61:40:81:38:ab:39:f5:98:5e:af:25:f7:18:12:43:5c:
0b:b2:89:98:b0:15:35:4c:c3:31:21:55:3e:37:01:a5:9c:e3:
24:60:5c:48:69:4d:f6:e3:de:ec:88:46:9a:58:90:c5:f7:4e:
1d:ee:fd:f2:86:8d:97:51:6b:48:19:4a:9e:30:23:fd:fc:46:
0e:97:ce:eb:43:18:28:ac:70:02:75:44:d4:a7:31:4d:51:72:
30:aa:15:5e:74:5e:b5:f6:cc:67:8f:5f:85:de:a3:2d:e3:15:
42:88:bf:50:82:e7:aa:d7:0a:05:6d:2f:a5:aa:3b:f1:4a:cd:
73:fa:3c:ca:b4:c8:ee:ea:50:dd:2f:99:cb:ca:c8:fe:54:94:
d1:73:83:53:a0:e9:b4:ac:aa:58:de:55:f4:3c:76:65:06:da:
2e:bd:39:4a:fb:2e:c2:7a:55:d8:90:8d:55:51:03:ea:65:90:
42:28:06:3e:06:35:76:12:fd:08:47:ac:a8:60:4d:52:f2:f3:
a5:66:09:e5:fd:df:fe:c6:0d:26:c6:d1:16:a9:b6:1f:22:7e:
6f:43:6b:55:14:85:d2:e4:c8:f9:24:94:86:a0:6e:4d:38:3a:
55:13:d5:e0:92:52:6e:32:0c:f6:ff:d6:14:13:de:c3:a7:fa:
1e:f9:09:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4xo4qrgCHyL6perAJ9mgDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMzEyMDc0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzc5NDVhMzVhYWQwY2VmYTAyMTMwYTgyNTE3M2NkNGE5MzNlMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0JcEMEE+Mry8zzPZ4bzYeVg+wUh
rylsx32L/lHzwgvqaR2YBU9j20hHj1KtmKi7xX+Yzu/O51ir75pxhl6kGIHG4gIE
e3OAFMkkZ9FR44c3GWZHKonQB1IRV1qRaoHh/dIrjXElyPaVpVUhqH5IkFsojATG
Hca15gnTQL1iwMbUGdBwi4PJ+TXPKVre1vJr/HiF4K6/nsuXoB0QRd/qc1hqfgAg
Ju5Gk/yMmQTdXi3zaTMbkNCYDHcsLbws7lOeH4eVBusX2eI1MteRGkDeh8W0+7/N
ZjXHGkvYzdqJU4KUESO4pLDk9YjzgJqzHnR8tIu2GMX7zdn/Tky59rppTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFON5RaNarQzvoCEwqCUXPNSpM+DKMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNDNsRm8xcXRETy1nSVRDb0pSYzgxS2t6NE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZoAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQCf8WFAgTirOfWYXq8l9xgSQ1wLsomYsBU1
TMMxIVU+NwGlnOMkYFxIaU32497siEaaWJDF904d7v3yho2XUWtIGUqeMCP9/EYO
l87rQxgorHACdUTUpzFNUXIwqhVedF619sxnj1+F3qMt4xVCiL9Qgueq1woFbS+l
qjvxSs1z+jzKtMju6lDdL5nLysj+VJTRc4NToOm0rKpY3lX0PHZlBtouvTlK+y7C
elXYkI1VUQPqZZBCKAY+BjV2Ev0IR6yoYE1S8vOlZgnl/d/+xg0mxtEWqbYfIn5v
Q2tVFIXS5Mj5JJSGoG5NODpVE9XgklJuMgz2/9YUE97Dp/oe+Qnc
-----END CERTIFICATE-----
Generated at Wed Oct 30 13:28:29 2024 by rpki-client on console-ams.rpki-client.org