Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7SUrMI537RfQj1_Yevyj-tse9TE.roa
File: 7SUrMI537RfQj1_Yevyj-tse9TE.roa (raw, json)
Hash identifier: D1OSbmzrPKgbnrn2SwNIR3JvNCliAuCT7TX2FibiQIw=
Subject key identifier: ED:25:2B:30:8E:77:ED:17:D0:8F:5F:D8:7A:FC:A3:FA:DB:1E:F5:31
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CAF4EFCB8A2A46D99000874E84D957994
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7SUrMI537RfQj1_Yevyj-tse9TE.roa
Signing time: Thu 28 Dec 2023 07:23:58 +0000
ROA not before: Thu 28 Dec 2023 07:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397630
IP address blocks: 5.102.100.0/22 maxlen: 24
5.102.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:4e:fc:b8:a2:a4:6d:99:00:08:74:e8:4d:95:79:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 28 07:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed252b308e77ed17d08f5fd87afca3fadb1ef531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:de:63:d5:54:b2:b7:97:f6:45:81:40:ad:8b:
62:6f:bf:7e:71:21:25:43:03:80:ad:47:97:32:8d:
35:bd:ea:86:fa:3c:9f:b9:8c:cc:20:4e:29:2f:6b:
f7:67:b9:96:9d:65:3c:74:c4:09:9c:a1:ad:7e:e6:
ba:1c:76:c2:48:0f:94:c5:d6:a0:0c:18:5a:34:5d:
78:05:2c:28:d6:30:73:1a:1c:ec:be:8d:f1:2b:d1:
be:43:f8:3a:21:00:ab:51:71:6a:4e:61:be:ca:91:
71:b6:59:0e:d2:33:47:b8:8f:91:92:7c:c7:db:75:
83:e4:a9:ae:a5:09:58:04:15:4e:d0:1d:61:bf:cb:
07:0c:29:24:ba:b4:49:34:fe:97:8d:66:ef:bc:08:
6a:71:28:93:53:1f:39:65:98:f5:6a:19:ac:39:68:
cf:47:89:16:82:4a:e2:1f:3c:3d:af:9f:21:b0:ae:
8f:cd:8e:f7:ed:10:4b:e0:d4:66:c4:5e:7e:5f:fe:
8e:99:42:23:db:a8:f0:b1:3c:12:ec:4b:93:81:86:
51:d3:ed:e1:8f:ad:ed:80:22:e2:d2:72:58:07:42:
4c:e4:cc:24:c5:b5:bb:da:0e:6f:15:91:ab:a6:9b:
10:fa:bb:47:a9:8a:9a:2a:a8:86:19:fb:15:48:81:
ec:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:25:2B:30:8E:77:ED:17:D0:8F:5F:D8:7A:FC:A3:FA:DB:1E:F5:31
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/7SUrMI537RfQj1_Yevyj-tse9TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
5.102.116.0/22
Signature Algorithm: sha256WithRSAEncryption
04:a3:3c:35:ed:aa:55:b6:59:b9:4a:ce:bf:87:80:64:46:f4:
3b:03:dd:3a:1e:7b:10:78:ef:49:b7:8e:8a:57:a8:eb:d6:f3:
71:b3:6e:45:40:9c:e8:70:0c:03:06:27:8c:65:93:6e:aa:7b:
5b:1d:19:58:50:8c:8a:9b:41:ac:c9:4d:07:cc:86:be:1e:79:
55:da:76:0f:47:ce:72:1c:78:be:98:ef:7f:be:2a:05:c3:3b:
e5:13:44:e7:db:ab:f2:20:1c:20:f9:e0:d1:31:5a:87:56:dd:
04:60:cf:77:72:ca:78:2f:02:62:60:c6:68:71:d5:75:1d:09:
66:b4:dd:81:df:c7:76:80:ea:a5:48:4d:3c:aa:46:cc:fc:e7:
17:6a:0c:65:f3:82:7a:48:20:4e:52:c0:c6:7b:2e:73:33:83:
6a:fb:7a:d9:e4:92:19:29:a5:64:18:db:7c:1e:e3:ff:26:40:
d7:f4:5f:43:9f:98:a3:bf:c1:e4:e3:0c:b5:56:f4:55:f7:ed:
86:e7:46:63:f1:5a:b1:b3:0c:7d:32:fa:bd:a8:e0:5a:42:dc:
3d:05:16:8d:67:c7:bd:11:d1:5d:f3:a7:cb:40:c1:aa:94:f1:
f1:0a:2c:4e:71:ea:be:97:07:da:34:2d:c6:bb:ce:b7:1f:d6:
9e:a9:72:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyvTvy4oqRtmQAIdOhNlXmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjI4MDcyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDI1MmIzMDhlNzdlZDE3ZDA4ZjVmZDg3YWZjYTNmYWRiMWVmNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN5j1VSyt5f2RYFArYtib79+cSEl
QwOArUeXMo01veqG+jyfuYzMIE4pL2v3Z7mWnWU8dMQJnKGtfua6HHbCSA+Uxdag
DBhaNF14BSwo1jBzGhzsvo3xK9G+Q/g6IQCrUXFqTmG+ypFxtlkO0jNHuI+RknzH
23WD5KmupQlYBBVO0B1hv8sHDCkkurRJNP6XjWbvvAhqcSiTUx85ZZj1ahmsOWjP
R4kWgkriHzw9r58hsK6PzY737RBL4NRmxF5+X/6OmUIj26jwsTwS7EuTgYZR0+3h
j63tgCLi0nJYB0JM5MwkxbW72g5vFZGrppsQ+rtHqYqaKqiGGfsVSIHs1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO0lKzCOd+0X0I9f2Hr8o/rbHvUxMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvN1NVck1JNTM3UmZRajFfWWV2eWotdHNlOVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZkAwQC
BWZ0MA0GCSqGSIb3DQEBCwUAA4IBAQAEozw17apVtlm5Ss6/h4BkRvQ7A906HnsQ
eO9Jt46KV6jr1vNxs25FQJzocAwDBieMZZNuqntbHRlYUIyKm0GsyU0HzIa+HnlV
2nYPR85yHHi+mO9/vioFwzvlE0Tn26vyIBwg+eDRMVqHVt0EYM93csp4LwJiYMZo
cdV1HQlmtN2B38d2gOqlSE08qkbM/OcXagxl84J6SCBOUsDGey5zM4Nq+3rZ5JIZ
KaVkGNt8HuP/JkDX9F9Dn5ijv8Hk4wy1VvRV9+2G50Zj8Vqxswx9Mvq9qOBaQtw9
BRaNZ8e9EdFd86fLQMGqlPHxCixOceq+lwfaNC3Gu863H9aeqXK+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org