Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PiidKi_dCKG6vT1dygZrQof1Pvs.roa
File: PiidKi_dCKG6vT1dygZrQof1Pvs.roa (raw, json)
Hash identifier: VbMasHNkQ9c1qusafsu58KlJYQBtPHAJLOvCR5OUXq0=
Subject key identifier: 3E:28:9D:2A:2F:DD:08:A1:BA:BD:3D:5D:CA:06:6B:42:87:F5:3E:FB
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D046407895931CCA7479679556CC4FEBC
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PiidKi_dCKG6vT1dygZrQof1Pvs.roa
Signing time: Sat 13 Jan 2024 19:54:40 +0000
ROA not before: Sat 13 Jan 2024 19:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 08:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:04:64:07:89:59:31:cc:a7:47:96:79:55:6c:c4:fe:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 13 19:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e289d2a2fdd08a1babd3d5dca066b4287f53efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:21:a1:c0:6f:90:8d:cd:e3:d8:89:0e:c3:32:
80:8d:17:17:dc:5b:f3:06:9b:f2:36:b3:0b:28:df:
6d:b0:37:32:4d:7b:94:dc:b2:1d:91:5b:9c:b3:50:
cd:f2:38:ec:e2:25:7f:dc:77:4f:88:f8:ca:c4:da:
29:65:62:a3:6c:c0:e8:02:75:6d:b3:8a:50:f0:e6:
af:0f:8a:73:b9:18:70:54:f4:31:72:02:b0:e1:09:
99:a9:e4:c8:1c:ed:4f:ad:f0:b2:e5:30:62:54:78:
fe:69:85:44:0c:e0:2b:5e:3d:db:5f:d2:74:a5:a2:
fc:23:f0:33:a8:66:da:65:b7:9e:c8:53:b4:11:ac:
07:75:25:2e:d6:d8:6a:ba:9b:ab:98:8a:20:ff:62:
c5:6a:aa:ad:3c:51:2c:75:5e:bf:d9:04:f4:4c:4e:
f3:73:91:1a:67:ee:f6:fd:4e:f8:72:25:c9:ca:ef:
3b:a8:16:01:2a:c6:20:d6:b2:aa:3f:50:2b:e6:56:
c3:3d:1e:7b:68:27:96:bf:39:6a:b9:44:95:b2:43:
1a:67:59:5f:a5:f7:52:43:fe:38:71:57:ab:66:74:
0f:74:00:a6:10:d9:90:ff:ca:d3:78:4c:24:a0:d3:
9f:ed:d1:01:d2:7a:c4:e7:bb:7d:58:10:37:d9:81:
c3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:28:9D:2A:2F:DD:08:A1:BA:BD:3D:5D:CA:06:6B:42:87:F5:3E:FB
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PiidKi_dCKG6vT1dygZrQof1Pvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:84:f0:b7:3c:f2:ad:6f:94:a5:9e:2c:f6:01:1a:f1:ce:1c:
c2:43:3f:46:d0:d1:94:e5:95:ab:a5:b4:65:02:90:b4:47:4c:
cf:e5:3d:3d:1b:9b:9c:ca:28:8a:44:65:38:88:60:03:2d:36:
f9:65:46:f9:4f:21:3c:10:db:6e:82:25:60:28:b6:a2:83:31:
c3:25:ba:40:51:7e:d5:0d:a0:0d:4c:0f:48:8f:a2:ee:1a:45:
5f:05:3b:31:6c:ab:79:8c:99:76:04:78:e6:76:23:15:d0:78:
27:c2:5b:ce:9f:2d:4d:89:35:65:c5:ee:50:41:c6:b5:09:94:
eb:07:ed:e5:9d:ac:50:72:fd:69:6c:ef:87:21:70:eb:61:01:
00:be:4f:1e:81:ee:47:b5:7a:91:94:cc:f3:cf:13:9a:5e:ee:
74:52:da:b1:84:c6:bc:2f:76:30:4d:35:79:ce:2d:ec:05:62:
2f:80:0a:4c:83:f8:0f:6d:1f:32:fd:79:98:6e:6d:1b:8d:a0:
26:6c:7b:13:11:18:e3:0f:32:ba:50:b0:1f:35:a1:8f:9d:c0:
02:e9:23:28:92:4d:ab:36:2f:d4:e0:be:e8:d7:dd:66:2b:40:
3e:22:2f:41:67:3a:5e:f7:2e:4e:2c:77:33:9e:41:23:d4:c0:
f3:84:7d:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0EZAeJWTHMp0eWeVVsxP68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTEzMTk1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI4OWQyYTJmZGQwOGExYmFiZDNkNWRjYTA2NmI0Mjg3ZjUzZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyGhwG+Qjc3j2IkOwzKAjRcX3Fvz
BpvyNrMLKN9tsDcyTXuU3LIdkVucs1DN8jjs4iV/3HdPiPjKxNopZWKjbMDoAnVt
s4pQ8OavD4pzuRhwVPQxcgKw4QmZqeTIHO1PrfCy5TBiVHj+aYVEDOArXj3bX9J0
paL8I/AzqGbaZbeeyFO0EawHdSUu1thqupurmIog/2LFaqqtPFEsdV6/2QT0TE7z
c5EaZ+72/U74ciXJyu87qBYBKsYg1rKqP1Ar5lbDPR57aCeWvzlquUSVskMaZ1lf
pfdSQ/44cVerZnQPdACmENmQ/8rTeEwkoNOf7dEB0nrE57t9WBA32YHD0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD4onSov3Qihur09XcoGa0KH9T77MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUGlpZEtpX2RDS0c2dlQxZHlnWnJRb2YxUHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQB7hPC3PPKtb5Slniz2ARrxzhzCQz9G0NGU
5ZWrpbRlApC0R0zP5T09G5ucyiiKRGU4iGADLTb5ZUb5TyE8ENtugiVgKLaigzHD
JbpAUX7VDaANTA9Ij6LuGkVfBTsxbKt5jJl2BHjmdiMV0HgnwlvOny1NiTVlxe5Q
Qca1CZTrB+3lnaxQcv1pbO+HIXDrYQEAvk8ege5HtXqRlMzzzxOaXu50UtqxhMa8
L3YwTTV5zi3sBWIvgApMg/gPbR8y/XmYbm0bjaAmbHsTERjjDzK6ULAfNaGPncAC
6SMokk2rNi/U4L7o191mK0A+Ii9BZzpe9y5OLHcznkEj1MDzhH2S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org