Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RIcAA5Xfoivcq8Vz9CImKaGN2aU.roa
File: RIcAA5Xfoivcq8Vz9CImKaGN2aU.roa (raw, json)
Hash identifier: NIN1YpEA/RrlYCuRWhy8rfOfbEUdcHbjrkeD+PHPD7o=
Subject key identifier: 44:87:00:03:95:DF:A2:2B:DC:AB:C5:73:F4:22:26:29:A1:8D:D9:A5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018F76EF9D03F2E1893CD17F16999E8AE68C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RIcAA5Xfoivcq8Vz9CImKaGN2aU.roa
Signing time: Tue 14 May 2024 11:49:25 +0000
ROA not before: Tue 14 May 2024 11:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 5.102.108.0/22 maxlen: 22
5.102.124.0/22 maxlen: 22
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 08:20:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:ef:9d:03:f2:e1:89:3c:d1:7f:16:99:9e:8a:e6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 14 11:49:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4487000395dfa22bdcabc573f4222629a18dd9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5c:f9:cb:51:74:7c:19:44:c8:32:5a:7c:95:
ef:e4:d1:a3:bc:7b:a1:a8:1b:2b:ff:6f:1a:60:7f:
2b:1a:ae:a5:2f:bb:61:dd:af:65:5b:6c:4e:26:a2:
08:e1:2c:87:c0:ce:dc:d1:00:2f:df:44:f5:a4:12:
87:96:49:32:cc:ff:5e:34:aa:74:5d:22:47:ff:5a:
c8:e5:78:65:00:c9:12:24:ee:3e:8d:a4:73:2e:c5:
8e:8d:e9:3a:55:30:5d:7e:f7:ec:73:a2:cd:07:f4:
3d:b6:9d:13:7a:e8:65:25:6e:00:2c:d7:8c:59:d0:
46:ef:9e:87:3d:c4:d5:c7:3a:d1:50:73:0c:07:c9:
ac:59:57:ad:db:e8:ff:94:b1:0a:ba:c5:94:4e:5c:
56:9a:6a:9c:fe:24:6a:5a:25:5a:16:fa:1b:e3:27:
89:50:7c:3d:d3:f2:af:e6:a7:cf:90:b6:ab:ff:5e:
86:36:26:8f:10:ca:a8:6f:60:57:65:d6:ef:17:62:
da:1f:01:2b:33:b2:f1:a6:1b:21:d3:cb:e1:ff:b9:
54:93:99:a2:ce:58:cf:e8:53:d2:60:91:59:c4:3c:
f5:39:2a:4e:c5:26:20:5c:4a:12:8f:bc:4e:2f:9d:
48:b5:f1:ae:8b:fa:78:ef:fd:6e:14:57:a0:9a:fc:
a6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:87:00:03:95:DF:A2:2B:DC:AB:C5:73:F4:22:26:29:A1:8D:D9:A5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/RIcAA5Xfoivcq8Vz9CImKaGN2aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
5.102.124.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:fd:5a:6e:15:e9:dd:9c:bb:18:3b:4d:60:90:f2:1f:cd:57:
06:3a:55:5f:d3:3d:77:d0:6f:65:8a:72:b6:d3:37:79:92:e8:
3d:21:f3:a0:55:11:4b:aa:6f:0a:e7:36:41:86:a2:e3:e6:5a:
36:20:8b:b5:67:1f:b1:8b:b8:26:7a:50:0c:72:36:6e:e3:66:
92:71:21:dd:08:53:28:14:69:db:4c:80:8a:f8:6e:25:43:91:
1b:a6:09:97:1c:e5:b7:61:4a:3e:36:5f:97:56:31:12:ee:84:
5c:63:9e:af:e2:82:e3:6a:f5:9d:7e:e2:fa:fa:a6:2a:5f:e2:
57:4c:74:03:b4:b6:1a:bf:13:36:82:d9:63:63:c7:1f:e8:fd:
9e:94:ab:4a:e1:f5:c7:09:9f:ea:2d:4d:5e:07:a5:e6:a0:17:
cb:00:af:83:56:9d:2d:12:9c:c7:21:45:12:5a:27:32:e0:ca:
e0:1b:72:f6:62:74:f0:8c:2f:49:08:61:a3:4b:d2:ea:0b:31:
43:33:2b:a2:79:61:de:64:50:3f:8a:db:2b:ec:13:c3:4e:b5:
77:95:7c:20:57:77:55:e5:28:1e:ec:4c:f0:cc:30:38:38:b0:
0e:a5:33:dc:ca:83:c4:65:2c:dc:b3:26:be:3e:4b:9a:b8:98:
e2:30:7f:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY92750D8uGJPNF/FpmeiuaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNTE0MTE0OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg3MDAwMzk1ZGZhMjJiZGNhYmM1NzNmNDIyMjYyOWExOGRkOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlz5y1F0fBlEyDJafJXv5NGjvHuh
qBsr/28aYH8rGq6lL7th3a9lW2xOJqII4SyHwM7c0QAv30T1pBKHlkkyzP9eNKp0
XSJH/1rI5XhlAMkSJO4+jaRzLsWOjek6VTBdfvfsc6LNB/Q9tp0TeuhlJW4ALNeM
WdBG756HPcTVxzrRUHMMB8msWVet2+j/lLEKusWUTlxWmmqc/iRqWiVaFvob4yeJ
UHw90/Kv5qfPkLar/16GNiaPEMqob2BXZdbvF2LaHwErM7Lxphsh08vh/7lUk5mi
zljP6FPSYJFZxDz1OSpOxSYgXEoSj7xOL51ItfGui/p47/1uFFegmvymZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFESHAAOV36Ir3KvFc/QiJimhjdmlMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUkljQUE1WGZvaXZjcThWejlDSW1LYUdOMmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZsAwQC
BWZ8AwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQCa/VpuFendnLsYO01gkPIfzVcG
OlVf0z130G9linK20zd5kug9IfOgVRFLqm8K5zZBhqLj5lo2IIu1Zx+xi7gmelAM
cjZu42aScSHdCFMoFGnbTICK+G4lQ5EbpgmXHOW3YUo+Nl+XVjES7oRcY56v4oLj
avWdfuL6+qYqX+JXTHQDtLYavxM2gtljY8cf6P2elKtK4fXHCZ/qLU1eB6XmoBfL
AK+DVp0tEpzHIUUSWicy4MrgG3L2YnTwjC9JCGGjS9LqCzFDMyuieWHeZFA/itsr
7BPDTrV3lXwgV3dV5Sge7EzwzDA4OLAOpTPcyoPEZSzcsya+PkuauJjiMH8G
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:51:19 2024 by rpki-client on console-ams.rpki-client.org