Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LZniuENumE0bENbg5AdKY3qPvnE.roa
File: LZniuENumE0bENbg5AdKY3qPvnE.roa (raw, json)
Hash identifier: csLidtg7fGWDeU2Tny+ZKsOaoERUB7Qqpxu/WOmdSoE=
Subject key identifier: 2D:99:E2:B8:43:6E:98:4D:1B:10:D6:E0:E4:07:4A:63:7A:8F:BE:71
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01902F49591CC279FB2C1FA2A38AFD8C5753
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LZniuENumE0bENbg5AdKY3qPvnE.roa
Signing time: Wed 19 Jun 2024 06:57:34 +0000
ROA not before: Wed 19 Jun 2024 06:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
82.163.54.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 08:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2f:49:59:1c:c2:79:fb:2c:1f:a2:a3:8a:fd:8c:57:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 19 06:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d99e2b8436e984d1b10d6e0e4074a637a8fbe71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:43:4f:40:2a:14:dd:fb:8d:f6:49:ec:fc:c9:
99:e5:79:c9:e5:1f:8e:95:6b:b3:bf:82:12:b6:1a:
2a:3e:66:96:09:8f:d8:7a:d7:15:8b:c6:10:e4:1d:
c4:91:1c:63:af:c7:cd:10:39:83:4a:f6:28:74:90:
bd:39:2d:8c:ca:8d:af:81:f0:47:d4:c2:69:fd:c2:
f7:36:84:16:6d:e7:49:a7:af:32:c8:e4:4e:4f:4d:
7e:81:2b:e1:1c:63:05:ec:e1:96:17:1c:e6:a7:3f:
d9:42:d6:30:d2:e4:04:d7:3b:a9:a2:84:a5:46:5f:
08:73:9b:eb:14:c8:29:03:69:86:f3:10:18:bc:4d:
f0:1d:1f:49:d4:28:5a:08:11:b8:62:f4:5f:25:cb:
7b:0b:03:35:46:e0:3e:06:18:10:80:b6:29:bb:e8:
d0:cf:83:a4:31:69:4e:64:02:0d:6e:f5:0c:d8:58:
93:90:73:82:c2:9b:41:62:1e:31:9c:66:5e:7d:0f:
b9:e1:46:f4:1b:da:2e:a6:3b:17:76:a6:98:c4:7c:
9b:eb:4d:3a:6b:07:a1:cb:5b:a8:7f:fb:65:96:62:
69:4f:ea:91:8f:35:b8:39:ff:63:56:4a:f0:cf:94:
91:e0:8f:75:ac:d2:96:af:ce:6b:38:99:cd:ed:4e:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:99:E2:B8:43:6E:98:4D:1B:10:D6:E0:E4:07:4A:63:7A:8F:BE:71
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/LZniuENumE0bENbg5AdKY3qPvnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.54.0/23
Signature Algorithm: sha256WithRSAEncryption
17:c7:df:24:0b:bf:ea:f0:0f:a6:ad:36:53:de:62:12:13:10:
90:17:a0:f8:16:72:ac:f2:7d:ea:7b:52:9c:b7:e4:66:01:e8:
63:ca:64:0b:97:2b:19:43:3b:c1:2a:80:c2:ce:cc:f0:bd:10:
f4:74:b2:fa:6a:5f:ef:fd:50:31:19:f4:52:14:e0:7a:46:07:
35:83:b0:60:a6:5d:f3:b0:21:59:0f:8a:21:9b:cb:04:8b:7c:
54:f2:da:4f:53:67:6a:33:ac:2a:38:26:ef:78:15:cc:9a:62:
a1:e8:c5:30:eb:14:3f:47:66:3b:b9:9c:9f:da:20:80:74:1d:
b8:58:80:77:93:0d:26:df:4b:69:a5:eb:33:c9:a2:eb:d1:7a:
4d:a6:05:49:ed:55:9e:3c:e0:b4:75:84:00:99:c8:80:fc:79:
4e:2b:2a:e4:1a:76:16:cd:8a:47:8a:3f:0f:e8:4e:25:a0:e0:
4d:b4:02:3d:62:70:91:0f:53:42:58:61:e4:24:8f:97:c5:cb:
66:35:e2:5f:33:d1:5c:bf:99:a9:06:47:78:66:c6:3b:bc:3a:
59:11:56:06:87:d9:c6:b7:5a:0a:f2:a9:a1:80:a5:42:8b:82:
67:a6:ee:b0:c6:26:b2:96:65:8f:3e:e7:52:88:9b:0d:03:eb:
d2:46:04:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAvSVkcwnn7LB+io4r9jFdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNjE5MDY1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk5ZTJiODQzNmU5ODRkMWIxMGQ2ZTBlNDA3NGE2MzdhOGZiZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkNPQCoU3fuN9kns/MmZ5XnJ5R+O
lWuzv4ISthoqPmaWCY/YetcVi8YQ5B3EkRxjr8fNEDmDSvYodJC9OS2Myo2vgfBH
1MJp/cL3NoQWbedJp68yyOROT01+gSvhHGMF7OGWFxzmpz/ZQtYw0uQE1zupooSl
Rl8Ic5vrFMgpA2mG8xAYvE3wHR9J1ChaCBG4YvRfJct7CwM1RuA+BhgQgLYpu+jQ
z4OkMWlOZAINbvUM2FiTkHOCwptBYh4xnGZefQ+54Ub0G9oupjsXdqaYxHyb6006
awehy1uof/tllmJpT+qRjzW4Of9jVkrwz5SR4I91rNKWr85rOJnN7U62ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC2Z4rhDbphNGxDW4OQHSmN6j75xMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTFpuaXVFTnVtRTBiRU5iZzVBZEtZM3FQdm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQB
UqM2MA0GCSqGSIb3DQEBCwUAA4IBAQAXx98kC7/q8A+mrTZT3mISExCQF6D4FnKs
8n3qe1Kct+RmAehjymQLlysZQzvBKoDCzszwvRD0dLL6al/v/VAxGfRSFOB6Rgc1
g7Bgpl3zsCFZD4ohm8sEi3xU8tpPU2dqM6wqOCbveBXMmmKh6MUw6xQ/R2Y7uZyf
2iCAdB24WIB3kw0m30tppeszyaLr0XpNpgVJ7VWePOC0dYQAmciA/HlOKyrkGnYW
zYpHij8P6E4loOBNtAI9YnCRD1NCWGHkJI+XxctmNeJfM9Fcv5mpBkd4ZsY7vDpZ
EVYGh9nGt1oK8qmhgKVCi4Jnpu6wxiaylmWPPudSiJsNA+vSRgSY
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:53:26 2024 by rpki-client on console-ams.rpki-client.org