Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/43pBOCzjgjwnGqyNTwrV2ObC1ds.roa
File: 43pBOCzjgjwnGqyNTwrV2ObC1ds.roa (raw, json)
Hash identifier: D5UmPLjx9IOZQiS5gnJLt0aJ1sYSutm/cBBBjIHSTKc=
Subject key identifier: E3:7A:41:38:2C:E3:82:3C:27:1A:AC:8D:4F:0A:D5:D8:E6:C2:D5:DB
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CCA585FD53DFFC956720BF28590575B6E
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/43pBOCzjgjwnGqyNTwrV2ObC1ds.roa
Signing time: Tue 02 Jan 2024 13:23:58 +0000
ROA not before: Tue 02 Jan 2024 13:23:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jan 2024 09:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:58:5f:d5:3d:ff:c9:56:72:0b:f2:85:90:57:5b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 13:23:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e37a41382ce3823c271aac8d4f0ad5d8e6c2d5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:34:8a:b8:7f:20:07:a9:67:10:59:5d:f2:08:
00:14:0f:ab:50:64:c5:80:f6:ec:4a:56:51:e3:cc:
cb:8a:de:c7:3b:a5:1b:f4:5b:7c:08:fe:cb:69:5c:
7f:23:f4:4e:42:0f:1a:b3:65:95:64:bb:85:44:82:
cf:3b:f7:70:01:0c:08:3b:d7:60:cb:1a:5a:f6:27:
a9:6e:4a:e2:99:a5:5c:df:03:a5:62:c9:a5:99:bb:
76:8a:31:a6:8a:cd:90:bf:cc:c8:b2:3b:19:36:d7:
a5:78:17:6e:7a:69:5d:0c:39:c0:fb:af:98:42:28:
0c:c4:7e:55:b4:36:45:cd:6b:f7:8d:c6:6f:12:a0:
5f:15:aa:d5:3f:f4:bf:16:25:2a:15:34:a6:ce:d6:
2f:1f:46:dc:0d:e7:f7:4c:41:15:ef:5d:84:9d:c4:
46:fe:87:d0:47:c1:22:23:52:a5:76:29:f2:c5:d5:
e8:fb:3f:88:7c:82:e7:d2:24:8e:27:4c:46:5f:e6:
b1:a7:b3:b7:9d:c2:48:cc:fe:1b:f2:d2:9f:38:b4:
8b:2d:a2:cc:30:7a:61:27:5d:0e:2c:47:7f:9c:b7:
18:4f:f6:ac:f0:54:44:8d:8a:e7:b1:7d:f8:99:bd:
24:18:03:dc:e5:54:73:86:8b:4d:8e:8a:e4:4f:91:
6d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7A:41:38:2C:E3:82:3C:27:1A:AC:8D:4F:0A:D5:D8:E6:C2:D5:DB
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/43pBOCzjgjwnGqyNTwrV2ObC1ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:a1:73:99:4c:11:68:82:1f:f9:3e:4c:78:3a:86:bb:57:ac:
29:15:ed:56:3b:b9:58:53:cd:af:c8:cb:11:ac:fd:fa:8f:81:
88:fa:9c:a1:71:df:a8:37:02:13:d2:4c:bd:44:47:6f:11:b4:
ec:6c:b6:bc:b7:3a:f9:75:5c:84:17:fd:64:f9:5d:91:79:8d:
bc:b8:cf:22:1b:0a:0e:b8:83:2d:f8:49:b4:1e:07:fd:9b:40:
c4:2a:88:85:a2:20:bf:d2:90:5c:0f:95:13:ee:3f:97:c6:55:
34:3b:61:6f:ff:17:2a:2f:76:5e:d4:32:81:21:c0:36:95:72:
72:1b:a5:ed:d2:ff:ff:ae:7f:a8:cc:1a:02:e1:05:67:be:cf:
7f:54:79:e0:9b:74:f7:42:16:9b:64:2f:e1:01:f9:96:24:ad:
e8:18:df:6f:00:3f:9a:8f:a7:40:98:87:de:e2:d9:c1:17:63:
e2:9e:ad:f0:93:3e:65:28:f4:ca:33:9e:cf:b7:32:79:ca:7b:
a6:96:fd:b4:ef:5c:24:fa:40:ef:28:f7:55:6c:28:4c:3a:96:
82:16:af:cc:34:ce:b8:be:b7:2b:26:0f:2e:67:65:13:e9:d0:
3e:98:fb:fb:0d:66:cc:75:24:fc:70:2b:05:67:3b:28:f4:a3:
27:df:44:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKWF/VPf/JVnIL8oWQV1tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTAyMTMyMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdhNDEzODJjZTM4MjNjMjcxYWFjOGQ0ZjBhZDVkOGU2YzJkNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDSKuH8gB6lnEFld8ggAFA+rUGTF
gPbsSlZR48zLit7HO6Ub9Ft8CP7LaVx/I/ROQg8as2WVZLuFRILPO/dwAQwIO9dg
yxpa9iepbkrimaVc3wOlYsmlmbt2ijGmis2Qv8zIsjsZNteleBduemldDDnA+6+Y
QigMxH5VtDZFzWv3jcZvEqBfFarVP/S/FiUqFTSmztYvH0bcDef3TEEV712EncRG
/ofQR8EiI1KldinyxdXo+z+IfILn0iSOJ0xGX+axp7O3ncJIzP4b8tKfOLSLLaLM
MHphJ10OLEd/nLcYT/as8FREjYrnsX34mb0kGAPc5VRzhotNjorkT5FthQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFON6QTgs44I8JxqsjU8K1djmwtXbMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNDNwQk9DempnanduR3F5TlR3clYyT2JDMWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQBOoXOZTBFogh/5Pkx4Ooa7V6wpFe1WO7lY
U82vyMsRrP36j4GI+pyhcd+oNwIT0ky9REdvEbTsbLa8tzr5dVyEF/1k+V2ReY28
uM8iGwoOuIMt+Em0Hgf9m0DEKoiFoiC/0pBcD5UT7j+XxlU0O2Fv/xcqL3Ze1DKB
IcA2lXJyG6Xt0v//rn+ozBoC4QVnvs9/VHngm3T3QhabZC/hAfmWJK3oGN9vAD+a
j6dAmIfe4tnBF2Pinq3wkz5lKPTKM57PtzJ5ynumlv2071wk+kDvKPdVbChMOpaC
Fq/MNM64vrcrJg8uZ2UT6dA+mPv7DWbMdST8cCsFZzso9KMn30SN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org