Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N2jplfqlZOai3OrZ1OOk1dbcRgM.roa
File: N2jplfqlZOai3OrZ1OOk1dbcRgM.roa (raw, json)
Hash identifier: avybr4fQmmn9nqxfpZ+7YgjBWsObaXd3/gYGDxm5xTY=
Subject key identifier: 37:68:E9:95:FA:A5:64:E6:A2:DC:EA:D9:D4:E3:A4:D5:D6:DC:46:03
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C540A75CEAC72CFD5BE9D0B498EF29D95
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N2jplfqlZOai3OrZ1OOk1dbcRgM.roa
Signing time: Sun 10 Dec 2023 14:03:40 +0000
ROA not before: Sun 10 Dec 2023 14:03:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.163.104.0/21 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 19:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:54:0a:75:ce:ac:72:cf:d5:be:9d:0b:49:8e:f2:9d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 10 14:03:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3768e995faa564e6a2dcead9d4e3a4d5d6dc4603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:45:04:31:62:ed:0b:39:31:95:20:09:99:28:
64:7d:8c:0b:4d:a1:14:a4:16:8b:22:23:4a:59:4c:
12:dc:1c:4e:4f:bc:cd:ba:e8:69:14:fc:06:6b:fd:
24:4b:dd:3f:2a:18:b7:17:75:74:c7:e8:4e:c5:bf:
3f:31:9e:e8:87:9b:ff:81:e8:fe:cf:fa:a6:24:f9:
bf:40:86:38:66:d9:01:e3:e3:e9:2b:07:cb:d5:05:
c9:00:d5:10:da:5d:d9:09:07:a4:9e:84:9d:df:8a:
f1:5d:73:21:fd:ca:a4:7d:62:e0:8a:2a:fa:5a:87:
4f:cf:c2:0b:7c:16:0c:ec:90:01:1e:1a:f8:23:03:
b3:b6:bb:45:d5:fc:7c:cf:c6:15:9c:ac:61:14:fd:
68:d0:b9:0e:9a:d9:5f:b0:9f:21:b1:9e:86:86:e7:
fa:4b:50:2c:79:da:6b:c3:60:94:1a:3b:39:81:60:
b6:a7:99:18:ab:cf:3e:60:cf:a0:fb:ee:73:a1:79:
e0:ad:3f:35:b9:b1:8f:7b:6e:15:95:93:2b:25:1c:
3e:a0:ff:3b:d2:ce:98:fe:fd:68:cb:6e:7a:0f:6e:
60:c5:47:80:24:3a:5b:c6:8e:6e:d0:7d:cd:7a:3a:
97:6e:19:d4:7b:34:ac:f4:aa:e3:2b:8e:1a:1d:29:
62:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:68:E9:95:FA:A5:64:E6:A2:DC:EA:D9:D4:E3:A4:D5:D6:DC:46:03
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/N2jplfqlZOai3OrZ1OOk1dbcRgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
82.163.104.0/21
Signature Algorithm: sha256WithRSAEncryption
44:e3:7f:3a:dc:12:1e:89:8e:ec:22:c2:79:c9:dd:70:8c:eb:
0b:3b:1b:a8:73:e3:94:87:4c:cd:c6:d9:ea:82:d7:6c:2d:11:
91:86:7b:dd:94:32:3d:0b:ec:69:e2:63:e9:d5:3e:33:73:40:
2b:2b:e5:50:21:45:f5:f0:3e:36:c2:59:1b:c9:73:69:b6:60:
5f:89:a0:0e:34:d4:f4:63:ac:03:00:9f:e4:9c:56:13:74:1a:
91:de:d3:49:de:89:10:51:41:0f:ee:f3:f5:86:dc:72:95:0f:
c9:41:b9:4e:c4:a2:cb:13:b7:e3:5d:20:85:51:98:e9:67:a2:
4f:cb:52:21:86:d9:67:6d:87:57:da:a3:93:2e:43:05:e2:5c:
3a:50:d1:86:97:4e:97:dd:2e:4a:73:06:f3:30:c0:ea:eb:aa:
52:b5:62:d9:de:c6:2a:a7:35:46:37:ee:ec:0d:66:a9:15:38:
bf:38:9b:a2:e7:d6:10:dc:ef:59:88:62:bf:db:92:31:f8:b8:
fb:e5:ca:53:ff:80:40:f1:7f:72:70:f5:48:b6:4c:d9:89:6a:
88:4e:ba:00:45:11:3d:44:dc:2a:e0:08:e4:33:66:80:f3:13:
32:a5:d1:48:17:05:50:41:68:e4:88:bf:fa:65:e5:7d:a9:b3:
58:03:c3:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxUCnXOrHLP1b6dC0mO8p2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjEwMTQwMzQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY4ZTk5NWZhYTU2NGU2YTJkY2VhZDlkNGUzYTRkNWQ2ZGM0NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEUEMWLtCzkxlSAJmShkfYwLTaEU
pBaLIiNKWUwS3BxOT7zNuuhpFPwGa/0kS90/Khi3F3V0x+hOxb8/MZ7oh5v/gej+
z/qmJPm/QIY4ZtkB4+PpKwfL1QXJANUQ2l3ZCQeknoSd34rxXXMh/cqkfWLgiir6
WodPz8ILfBYM7JABHhr4IwOztrtF1fx8z8YVnKxhFP1o0LkOmtlfsJ8hsZ6Ghuf6
S1Asedprw2CUGjs5gWC2p5kYq88+YM+g++5zoXngrT81ubGPe24VlZMrJRw+oP87
0s6Y/v1oy256D25gxUeAJDpbxo5u0H3NejqXbhnUezSs9KrjK44aHSlixwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdo6ZX6pWTmotzq2dTjpNXW3EYDMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTjJqcGxmcWxaT2FpM09yWjFPT2sxZGJjUmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQD
UqNoMA0GCSqGSIb3DQEBCwUAA4IBAQBE43863BIeiY7sIsJ5yd1wjOsLOxuoc+OU
h0zNxtnqgtdsLRGRhnvdlDI9C+xp4mPp1T4zc0ArK+VQIUX18D42wlkbyXNptmBf
iaAONNT0Y6wDAJ/knFYTdBqR3tNJ3okQUUEP7vP1htxylQ/JQblOxKLLE7fjXSCF
UZjpZ6JPy1IhhtlnbYdX2qOTLkMF4lw6UNGGl06X3S5KcwbzMMDq66pStWLZ3sYq
pzVGN+7sDWapFTi/OJui59YQ3O9ZiGK/25Ix+Lj75cpT/4BA8X9ycPVItkzZiWqI
TroARRE9RNwq4AjkM2aA8xMypdFIFwVQQWjkiL/6ZeV9qbNYA8NM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org