Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FmbJ3Ew6-10UYGrhqFakC6L4xVU.roa
File: FmbJ3Ew6-10UYGrhqFakC6L4xVU.roa (raw, json)
Hash identifier: WAmsVlt5+xytVq2LErHVGJc+jktYmbGslbWOsgr2yLw=
Subject key identifier: 16:66:C9:DC:4C:3A:FB:5D:14:60:6A:E1:A8:56:A4:0B:A2:F8:C5:55
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DBAFBD17C7A3A0918D1A08A8DF1086BB9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FmbJ3Ew6-10UYGrhqFakC6L4xVU.roa
Signing time: Sun 18 Feb 2024 06:51:21 +0000
ROA not before: Sun 18 Feb 2024 06:51:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 24 Feb 2024 08:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ba:fb:d1:7c:7a:3a:09:18:d1:a0:8a:8d:f1:08:6b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 18 06:51:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1666c9dc4c3afb5d14606ae1a856a40ba2f8c555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:34:3a:97:85:42:58:c6:8e:cb:c6:a6:aa:ae:
58:01:fd:28:95:cb:d2:c3:08:51:3b:13:f1:cc:b4:
ae:34:78:b3:82:14:77:6b:c7:a6:80:0c:9d:a9:c1:
e2:6e:dc:aa:3c:db:7c:9d:00:61:86:5e:f3:1a:29:
3b:24:7a:a3:03:62:ea:b9:a1:04:38:d9:fa:f8:e0:
d1:60:38:04:57:b9:2e:f3:4c:57:3e:25:f4:dc:07:
15:35:d1:fe:0f:83:0b:a6:82:70:33:25:01:ba:8f:
5c:32:d5:6f:56:bf:62:92:15:f5:de:53:d5:ea:61:
f9:7e:b2:86:39:5e:76:81:73:c1:e7:25:26:6d:10:
e3:49:50:35:55:a1:f4:e0:22:e4:20:e5:0e:ba:32:
97:98:10:95:6c:3e:13:35:d9:92:d5:d0:38:48:37:
fc:45:57:0c:49:67:7e:b6:cf:ff:a5:8b:88:f4:4e:
f6:29:95:eb:02:8d:e8:95:7e:5b:f5:c9:7e:3a:3c:
f0:fe:47:8c:5d:12:0b:87:ba:21:ed:8b:2b:5d:bd:
32:33:5c:fc:08:eb:61:2c:c8:88:78:4a:59:57:42:
76:bb:89:1b:47:11:e9:21:c9:e7:be:50:2e:a7:bb:
7c:a0:e5:3d:e6:f2:8e:0f:b7:8a:28:e3:f1:26:b0:
7d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:66:C9:DC:4C:3A:FB:5D:14:60:6A:E1:A8:56:A4:0B:A2:F8:C5:55
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FmbJ3Ew6-10UYGrhqFakC6L4xVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
27:7a:6d:b0:61:48:e7:76:c1:27:fb:78:9d:54:83:73:a7:38:
e1:33:e7:93:77:57:3b:10:64:b0:16:48:44:a4:48:ed:e0:f6:
e6:13:96:dc:5e:5d:57:54:7b:74:86:aa:76:da:ee:ce:0b:9b:
77:9e:bc:a5:67:0b:33:d8:31:42:be:2f:d4:f7:a3:9f:28:68:
61:35:cb:cc:0a:5f:8b:55:43:f3:75:eb:5b:e8:96:13:7e:a8:
49:2b:ca:b2:05:73:d5:00:85:20:10:da:ae:2c:70:8a:b8:5e:
3d:71:b6:9f:81:6e:36:01:1c:79:66:0a:56:6d:d7:de:92:02:
5c:44:9f:82:07:e1:4b:a4:44:1b:8d:e0:90:c1:0a:77:3b:cb:
f9:e4:53:b8:ef:16:cf:27:4e:27:3d:0e:58:3b:ff:0c:6a:1f:
26:3a:c6:d9:86:6a:5c:a8:d2:c7:37:b6:96:32:b8:50:b7:bc:
d4:0f:9d:9a:f1:de:cb:68:9a:98:80:b9:8f:49:12:53:cb:34:
ed:f9:9a:f7:9b:62:6d:4b:13:d3:23:90:e7:51:cc:eb:1e:e0:
98:05:da:81:09:16:e4:e1:f9:95:c7:fd:07:42:41:c1:87:18:
7b:9a:1c:b9:f9:26:14:37:5e:41:b8:61:d0:bc:18:46:31:b5:
60:9d:e8:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY26+9F8ejoJGNGgio3xCGu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjE4MDY1MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjY2YzlkYzRjM2FmYjVkMTQ2MDZhZTFhODU2YTQwYmEyZjhjNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TQ6l4VCWMaOy8amqq5YAf0olcvS
wwhROxPxzLSuNHizghR3a8emgAydqcHibtyqPNt8nQBhhl7zGik7JHqjA2LquaEE
ONn6+ODRYDgEV7ku80xXPiX03AcVNdH+D4MLpoJwMyUBuo9cMtVvVr9ikhX13lPV
6mH5frKGOV52gXPB5yUmbRDjSVA1VaH04CLkIOUOujKXmBCVbD4TNdmS1dA4SDf8
RVcMSWd+ts//pYuI9E72KZXrAo3olX5b9cl+Ojzw/keMXRILh7oh7YsrXb0yM1z8
COthLMiIeEpZV0J2u4kbRxHpIcnnvlAup7t8oOU95vKOD7eKKOPxJrB9aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZmydxMOvtdFGBq4ahWpAui+MVVMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvRm1iSjNFdzYtMTBVWUdyaHFGYWtDNkw0eFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQAnem2wYUjndsEn+3idVINzpzjhM+eTd1c7
EGSwFkhEpEjt4PbmE5bcXl1XVHt0hqp22u7OC5t3nrylZwsz2DFCvi/U96OfKGhh
NcvMCl+LVUPzdetb6JYTfqhJK8qyBXPVAIUgENquLHCKuF49cbafgW42ARx5ZgpW
bdfekgJcRJ+CB+FLpEQbjeCQwQp3O8v55FO47xbPJ04nPQ5YO/8Mah8mOsbZhmpc
qNLHN7aWMrhQt7zUD52a8d7LaJqYgLmPSRJTyzTt+Zr3m2JtSxPTI5DnUczrHuCY
BdqBCRbk4fmVx/0HQkHBhxh7mhy5+SYUN15BuGHQvBhGMbVgnejG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org