Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BvIe2RZqXIynBm5n9j-pirL4dTM.roa
File: BvIe2RZqXIynBm5n9j-pirL4dTM.roa (raw, json)
Hash identifier: djrrBx/AmkDbLwbd5XbP5wi2KHfbwkiPFHAE6mlj6NU=
Subject key identifier: 06:F2:1E:D9:16:6A:5C:8C:A7:06:6E:67:F6:3F:A9:8A:B2:F8:75:33
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018F24C563C2AE0B41CE1178D51045DBCE02
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BvIe2RZqXIynBm5n9j-pirL4dTM.roa
Signing time: Sun 28 Apr 2024 12:54:26 +0000
ROA not before: Sun 28 Apr 2024 12:54:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 11:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:24:c5:63:c2:ae:0b:41:ce:11:78:d5:10:45:db:ce:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 28 12:54:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06f21ed9166a5c8ca7066e67f63fa98ab2f87533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:83:3a:e9:6d:d6:b2:80:dd:61:7f:35:0c:de:
3b:73:5a:ad:c3:5a:03:e6:60:04:67:19:ef:85:e3:
0f:fd:61:9e:36:a3:31:07:87:94:db:d6:d9:6e:e1:
12:26:7e:0f:e3:09:8a:f1:70:a6:fc:11:37:46:ec:
fd:09:1a:1c:56:13:02:a3:7a:34:28:13:f7:25:8b:
83:d8:1d:97:48:f8:c0:9e:29:72:e4:1d:db:c6:39:
2a:a7:79:c3:aa:55:79:62:4d:48:31:34:52:ef:cd:
49:d3:5b:b6:f2:2c:da:44:7e:b5:5e:31:fa:06:08:
10:c7:63:c6:a5:b1:37:ed:78:af:97:66:ff:f4:bb:
e3:80:d0:4f:b0:0b:d7:2a:de:c5:fd:1d:c3:e4:4a:
5d:d0:b8:8b:65:ae:c7:00:d0:68:b4:1f:44:e4:34:
54:32:8b:7c:64:65:3c:e7:89:cd:df:c1:c1:13:9a:
de:37:a2:76:f2:2e:6c:37:e8:e9:60:33:1b:b2:06:
96:b9:48:f9:f8:21:3c:d5:b1:3c:12:30:90:33:b4:
cb:d1:cd:e6:d8:fd:70:3d:76:05:e1:4f:00:d7:92:
16:df:82:94:84:08:50:4e:9d:8a:63:90:27:7d:4c:
70:c0:1a:d6:12:02:7b:d5:5c:67:75:6d:03:1f:fe:
63:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F2:1E:D9:16:6A:5C:8C:A7:06:6E:67:F6:3F:A9:8A:B2:F8:75:33
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/BvIe2RZqXIynBm5n9j-pirL4dTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
Signature Algorithm: sha256WithRSAEncryption
2c:e2:f3:74:f5:8d:aa:3c:2e:6b:93:d2:b6:d8:a7:7e:90:9c:
72:2c:e9:6e:50:e2:de:0a:d7:5b:09:db:ed:84:97:9b:12:fe:
68:3a:a3:1a:f1:c2:88:f5:87:bf:74:ec:43:42:6c:10:6f:a7:
2f:2b:db:07:18:bb:5c:e2:7b:e3:af:23:09:60:07:dc:a6:63:
cb:c1:5d:86:db:01:f0:0c:a0:d7:34:35:5d:f1:59:72:f8:6b:
fe:78:6f:d7:a5:ee:f1:b7:5a:e3:db:f7:f9:26:30:05:29:c5:
0c:11:cc:ec:fa:29:17:c4:12:83:51:a2:82:72:70:3e:65:5a:
bb:be:17:97:a9:e0:69:a1:26:6f:ec:9b:90:a9:fb:76:88:55:
79:96:50:94:e1:44:a1:3f:00:a1:52:a0:60:4a:22:0c:ba:0d:
3e:86:37:89:2d:dd:47:09:d5:ba:1c:c5:d9:2e:11:8e:09:61:
16:b1:03:5f:2c:8e:3c:c0:dc:ba:dd:b7:6d:de:72:27:f1:4c:
57:20:a2:aa:32:27:0e:53:c1:97:98:af:19:21:a9:bd:09:64:
94:e0:68:54:b6:ba:80:b6:bd:fd:43:d7:7f:fb:98:25:00:fe:
0e:c6:38:df:a1:29:77:f9:15:f1:24:bd:43:a1:06:78:74:51:
37:87:9c:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8kxWPCrgtBzhF41RBF284CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNDI4MTI1NDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmYyMWVkOTE2NmE1YzhjYTcwNjZlNjdmNjNmYTk4YWIyZjg3NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4M66W3WsoDdYX81DN47c1qtw1oD
5mAEZxnvheMP/WGeNqMxB4eU29bZbuESJn4P4wmK8XCm/BE3Ruz9CRocVhMCo3o0
KBP3JYuD2B2XSPjAnily5B3bxjkqp3nDqlV5Yk1IMTRS781J01u28izaRH61XjH6
BggQx2PGpbE37Xivl2b/9LvjgNBPsAvXKt7F/R3D5Epd0LiLZa7HANBotB9E5DRU
Mot8ZGU854nN38HBE5reN6J28i5sN+jpYDMbsgaWuUj5+CE81bE8EjCQM7TL0c3m
2P1wPXYF4U8A15IW34KUhAhQTp2KY5AnfUxwwBrWEgJ71VxndW0DH/5jwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAbyHtkWalyMpwZuZ/Y/qYqy+HUzMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvQnZJZTJSWnFYSXluQm01bjlqLXBpckw0ZFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQAs4vN09Y2qPC5rk9K22Kd+kJxyLOluUOLeCtdbCdvt
hJebEv5oOqMa8cKI9Ye/dOxDQmwQb6cvK9sHGLtc4nvjryMJYAfcpmPLwV2G2wHw
DKDXNDVd8Vly+Gv+eG/Xpe7xt1rj2/f5JjAFKcUMEczs+ikXxBKDUaKCcnA+ZVq7
vheXqeBpoSZv7JuQqft2iFV5llCU4UShPwChUqBgSiIMug0+hjeJLd1HCdW6HMXZ
LhGOCWEWsQNfLI48wNy63bdt3nIn8UxXIKKqMicOU8GXmK8ZIam9CWSU4GhUtrqA
tr39Q9d/+5glAP4OxjjfoSl3+RXxJL1DoQZ4dFE3h5x/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org