Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FWCyFtR7DmUNnJj9LjhGHc8DLMU.roa
File: FWCyFtR7DmUNnJj9LjhGHc8DLMU.roa (raw, json)
Hash identifier: fT7lZi76pnWUqWsGUdRcNsbfU1yIo78dwoJpHApo+nA=
Subject key identifier: 15:60:B2:16:D4:7B:0E:65:0D:9C:98:FD:2E:38:46:1D:CF:03:2C:C5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D6119C9167D60F5B1CFE385F1F40164FB
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FWCyFtR7DmUNnJj9LjhGHc8DLMU.roa
Signing time: Wed 31 Jan 2024 19:58:16 +0000
ROA not before: Wed 31 Jan 2024 19:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 03 Feb 2024 07:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:61:19:c9:16:7d:60:f5:b1:cf:e3:85:f1:f4:01:64:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 31 19:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1560b216d47b0e650d9c98fd2e38461dcf032cc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:00:b3:cc:68:5f:11:a0:e0:ff:7f:bc:1a:98:
4b:8e:a1:a4:dc:f1:ca:9b:9b:68:fb:80:14:03:6c:
cc:91:39:3b:b6:89:be:75:53:da:04:8a:2f:b1:0f:
60:a7:2d:bd:5a:38:ac:b4:d8:24:98:11:c7:3e:58:
45:04:33:f1:fe:be:9a:81:03:e5:11:1a:05:02:a8:
82:6c:07:4d:60:7c:00:24:03:b7:c3:81:0d:74:25:
f1:53:f2:5f:8a:28:15:5d:25:95:3f:15:57:86:9f:
73:26:76:94:15:9c:f3:54:7d:c2:71:1a:48:30:ec:
fe:8c:a2:60:7e:79:5e:1d:1d:92:f7:56:4d:00:de:
24:de:4b:de:bc:16:5c:df:17:e9:ce:f2:f9:8a:fe:
eb:80:71:11:86:da:70:ab:70:99:37:84:63:cc:a8:
d9:2e:82:d5:73:2a:31:a9:b7:95:44:36:30:a4:4f:
55:b9:d4:f1:dd:e5:65:df:cd:6e:62:76:3d:d2:83:
93:f0:08:4e:f6:53:6f:ca:6e:49:57:51:b0:83:1b:
a3:53:53:7d:73:9c:8b:12:7b:5a:e5:80:f1:4a:8d:
98:49:f1:c9:d6:78:cc:22:3a:b4:41:c1:e9:5f:d5:
fc:cd:6e:79:bd:59:ca:b5:1d:c3:32:2f:8c:ee:f0:
ea:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:60:B2:16:D4:7B:0E:65:0D:9C:98:FD:2E:38:46:1D:CF:03:2C:C5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FWCyFtR7DmUNnJj9LjhGHc8DLMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:21:db:59:0a:02:2f:ba:44:d3:7c:76:75:95:54:bd:f1:be:
92:28:46:30:99:d8:40:0c:6e:6e:76:71:3d:42:00:8e:b7:9a:
eb:88:3b:fe:d5:b5:42:c1:cd:6b:18:71:62:82:15:87:c4:2f:
9f:17:2c:2d:49:e4:f3:c9:77:11:e2:b4:a8:bb:10:d9:44:71:
51:2a:53:fd:1c:33:4d:01:b6:87:07:16:38:8e:36:52:2f:dd:
b2:0d:e2:1d:cb:38:50:58:56:09:7d:da:cf:86:7c:3f:6a:93:
48:14:4f:24:81:ff:ba:71:6d:20:d0:fb:55:62:93:15:21:02:
91:ef:c0:c7:14:b3:bd:d6:7c:09:4d:63:ae:ff:81:fb:23:12:
b3:f5:04:6d:f6:ac:bb:06:85:8c:b6:85:75:87:a4:80:60:ab:
92:6f:bd:f2:18:07:97:e2:ea:04:b3:50:2d:53:6a:d0:71:0f:
2d:fc:1a:8f:8e:75:2f:be:a4:d3:e1:dc:1f:aa:9f:2f:d5:df:
c5:e1:67:e0:2f:2d:41:84:11:87:98:fe:ac:9d:c6:d7:a2:d6:
bc:73:e7:4d:d3:32:9d:f3:d8:90:c7:86:76:bf:8e:d5:a4:a1:
a8:8b:4a:6c:a6:80:16:ba:a1:3c:9a:d2:97:e3:7d:cd:5a:d0:
25:ee:2c:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1hGckWfWD1sc/jhfH0AWT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTMxMTk1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTYwYjIxNmQ0N2IwZTY1MGQ5Yzk4ZmQyZTM4NDYxZGNmMDMyY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkACzzGhfEaDg/3+8GphLjqGk3PHK
m5to+4AUA2zMkTk7tom+dVPaBIovsQ9gpy29WjistNgkmBHHPlhFBDPx/r6agQPl
ERoFAqiCbAdNYHwAJAO3w4ENdCXxU/JfiigVXSWVPxVXhp9zJnaUFZzzVH3CcRpI
MOz+jKJgfnleHR2S91ZNAN4k3kvevBZc3xfpzvL5iv7rgHERhtpwq3CZN4RjzKjZ
LoLVcyoxqbeVRDYwpE9VudTx3eVl381uYnY90oOT8AhO9lNvym5JV1GwgxujU1N9
c5yLEnta5YDxSo2YSfHJ1njMIjq0QcHpX9X8zW55vVnKtR3DMi+M7vDqtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBVgshbUew5lDZyY/S44Rh3PAyzFMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvRldDeUZ0UjdEbVVObkpqOUxqaEdIYzhETE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
BWZ8MA0GCSqGSIb3DQEBCwUAA4IBAQBsIdtZCgIvukTTfHZ1lVS98b6SKEYwmdhA
DG5udnE9QgCOt5rriDv+1bVCwc1rGHFighWHxC+fFywtSeTzyXcR4rSouxDZRHFR
KlP9HDNNAbaHBxY4jjZSL92yDeIdyzhQWFYJfdrPhnw/apNIFE8kgf+6cW0g0PtV
YpMVIQKR78DHFLO91nwJTWOu/4H7IxKz9QRt9qy7BoWMtoV1h6SAYKuSb73yGAeX
4uoEs1AtU2rQcQ8t/BqPjnUvvqTT4dwfqp8v1d/F4WfgLy1BhBGHmP6sncbXota8
c+dN0zKd89iQx4Z2v47VpKGoi0pspoAWuqE8mtKX433NWtAl7izq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org