Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Jz0aLuuVJYxwd19WUmxdLT1F9xI.roa
File: Jz0aLuuVJYxwd19WUmxdLT1F9xI.roa (raw, json)
Hash identifier: WMm7N4wHbvyKOaa6mam+gWKnqmxUnNmqJ8ZdSUI0c/E=
Subject key identifier: 27:3D:1A:2E:EB:95:25:8C:70:77:5F:56:52:6C:5D:2D:3D:45:F7:12
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192CD02F93B7FDE5D0F7FD5F102F37CB6B4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Jz0aLuuVJYxwd19WUmxdLT1F9xI.roa
Signing time: Sun 27 Oct 2024 08:06:16 +0000
ROA not before: Sun 27 Oct 2024 08:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
5.102.100.0/22 maxlen: 24
5.102.116.0/22 maxlen: 24
82.163.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 07:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:cd:02:f9:3b:7f:de:5d:0f:7f:d5:f1:02:f3:7c:b6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 27 08:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=273d1a2eeb95258c70775f56526c5d2d3d45f712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9b:c3:91:ab:3b:58:db:eb:82:d1:36:64:10:
6c:af:6e:ac:6e:8b:ac:aa:bd:f1:14:7f:aa:bc:9d:
72:1a:01:64:28:18:0d:11:b6:02:91:1a:d8:08:8c:
1e:c3:01:57:28:d3:22:41:f1:96:f7:e5:b8:41:3f:
b8:62:ef:6c:3d:1b:55:43:ac:06:5b:76:ba:e3:f9:
39:e2:0d:a9:62:f4:bc:11:ba:a6:9f:65:be:b0:38:
38:64:7b:22:e5:2e:fc:bb:bf:a1:4a:5d:98:36:12:
7a:65:8a:ad:ca:8b:cc:31:3b:52:3c:1e:04:7b:fa:
b8:e4:8c:fc:4b:96:dd:71:bc:85:b2:4e:9f:b5:3b:
4f:51:4a:06:b4:eb:d0:20:7e:bc:c0:ab:81:50:c0:
d4:d9:af:93:19:d2:c4:1d:ab:c2:a4:15:1e:07:db:
a3:aa:1e:9f:a2:6d:51:d2:70:78:a9:a5:fc:03:9a:
fb:ff:26:61:34:b9:7e:93:8a:9f:0a:ee:18:6d:ea:
fd:46:2f:ea:3c:a2:2d:07:8c:1a:9a:aa:52:29:0f:
8f:44:87:f6:f5:3a:5b:b3:2e:7c:7b:af:be:0a:81:
ee:2e:a4:6d:51:65:d2:ec:f6:b6:aa:7e:25:f0:21:
45:46:aa:91:4d:88:72:c7:3b:9e:f0:c4:2a:b1:7d:
ea:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:3D:1A:2E:EB:95:25:8C:70:77:5F:56:52:6C:5D:2D:3D:45:F7:12
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/Jz0aLuuVJYxwd19WUmxdLT1F9xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.116.0/22
82.163.96.0/21
Signature Algorithm: sha256WithRSAEncryption
13:bb:5a:31:9a:c1:30:39:2f:e3:66:55:e7:8a:3a:71:4a:73:
6f:3d:6a:4a:67:5e:19:a0:6d:87:87:a5:4c:93:b1:5e:b7:66:
f6:04:c6:e0:fd:d5:da:99:c9:fb:3f:0a:38:9b:e4:7e:72:d7:
04:52:f2:14:4c:15:1f:a9:c2:8d:84:b3:0e:eb:f1:7f:f5:9c:
6d:fb:d8:fb:48:53:32:9f:0a:11:99:bd:52:e0:b7:83:ce:22:
cf:89:82:52:f0:f5:7d:04:16:bd:f7:2d:48:13:7c:de:9d:6d:
52:38:9f:0b:67:d7:d0:d4:72:d5:fc:95:fd:e9:b4:5c:dc:01:
02:1d:a6:d1:c2:ca:80:15:0f:cb:e8:18:64:4e:cd:18:2e:c8:
aa:e1:32:e6:25:62:cd:0b:8e:74:6f:da:04:de:3f:91:c9:ca:
9f:10:a7:d0:a3:28:82:af:5b:63:96:35:e8:3a:b6:a4:cf:b1:
48:1a:0b:19:20:3d:2f:51:e3:aa:fd:1b:3b:e6:60:aa:06:c9:
aa:b5:4a:43:8f:fe:a4:fe:8b:a8:66:15:6a:4a:10:e2:4f:a3:
0b:b7:4d:13:43:e2:7a:88:83:79:65:35:2a:3d:9c:5c:1d:89:
d3:78:e3:1a:91:82:01:ec:8f:29:83:c7:1f:75:85:6c:88:a3:
45:de:58:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLNAvk7f95dD3/V8QLzfLa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDI3MDgwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzNkMWEyZWViOTUyNThjNzA3NzVmNTY1MjZjNWQyZDNkNDVmNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZvDkas7WNvrgtE2ZBBsr26sbous
qr3xFH+qvJ1yGgFkKBgNEbYCkRrYCIwewwFXKNMiQfGW9+W4QT+4Yu9sPRtVQ6wG
W3a64/k54g2pYvS8Ebqmn2W+sDg4ZHsi5S78u7+hSl2YNhJ6ZYqtyovMMTtSPB4E
e/q45Iz8S5bdcbyFsk6ftTtPUUoGtOvQIH68wKuBUMDU2a+TGdLEHavCpBUeB9uj
qh6fom1R0nB4qaX8A5r7/yZhNLl+k4qfCu4Yber9Ri/qPKItB4wamqpSKQ+PRIf2
9Tpbsy58e6++CoHuLqRtUWXS7Pa2qn4l8CFFRqqRTYhyxzue8MQqsX3qwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCc9Gi7rlSWMcHdfVlJsXS09RfcSMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSnowYUx1dVZKWXh3ZDE5V1VteGRMVDFGOXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
BWZ0AwQDUqNgMA0GCSqGSIb3DQEBCwUAA4IBAQATu1oxmsEwOS/jZlXnijpxSnNv
PWpKZ14ZoG2Hh6VMk7Fet2b2BMbg/dXamcn7Pwo4m+R+ctcEUvIUTBUfqcKNhLMO
6/F/9Zxt+9j7SFMynwoRmb1S4LeDziLPiYJS8PV9BBa99y1IE3zenW1SOJ8LZ9fQ
1HLV/JX96bRc3AECHabRwsqAFQ/L6BhkTs0YLsiq4TLmJWLNC450b9oE3j+Rycqf
EKfQoyiCr1tjljXoOrakz7FIGgsZID0vUeOq/Rs75mCqBsmqtUpDj/6k/ouoZhVq
ShDiT6MLt00TQ+J6iIN5ZTUqPZxcHYnTeOMakYIB7I8pg8cfdYVsiKNF3li/
-----END CERTIFICATE-----
Generated at Mon Oct 28 08:56:18 2024 by rpki-client on console-fra.rpki-client.org