Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SdZuyHmKPsFdnpEmly7HuO7_nv4.roa
File: SdZuyHmKPsFdnpEmly7HuO7_nv4.roa (raw, json)
Hash identifier: RUDGtuqsFKK0FzVKIBDMU3t/bHmuwGYST63NuiNlPjU=
Subject key identifier: 49:D6:6E:C8:79:8A:3E:C1:5D:9E:91:26:97:2E:C7:B8:EE:FF:9E:FE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0192DCFCA2381062780BB6993ECB7FD47527
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SdZuyHmKPsFdnpEmly7HuO7_nv4.roa
Signing time: Wed 30 Oct 2024 10:33:17 +0000
ROA not before: Wed 30 Oct 2024 10:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 5.102.104.0/22 maxlen: 24
5.102.116.0/22 maxlen: 22
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 18:57:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:fc:a2:38:10:62:78:0b:b6:99:3e:cb:7f:d4:75:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 30 10:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49d66ec8798a3ec15d9e9126972ec7b8eeff9efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ae:bf:2a:9a:8d:2c:9c:fb:6f:32:ce:ce:02:
6a:d0:54:13:15:53:c5:5d:96:83:2b:24:11:bf:4c:
7c:58:1f:40:93:8a:22:cf:14:be:11:c6:28:aa:41:
9b:5d:e4:f2:8c:2e:57:5d:a1:74:e6:a2:a8:97:85:
14:74:8f:e8:d4:10:3c:c1:f1:65:bf:d8:43:24:c7:
5b:b6:51:ad:48:0e:2b:d5:34:6a:4b:89:eb:09:26:
c5:7c:f9:66:76:5e:36:d1:a2:71:7a:10:01:9f:d7:
9e:b1:74:1d:4e:5a:f8:ce:aa:f9:60:a6:7e:10:7c:
71:50:e2:3f:a1:16:3d:bd:df:79:6f:86:77:99:70:
ce:cb:b2:76:b2:a2:33:06:77:35:99:a6:b7:3e:be:
7d:08:7b:5c:8d:59:c6:13:60:56:6b:b4:f4:6a:bc:
1b:62:61:b4:41:2c:d7:a5:bd:b1:2f:95:19:bf:ce:
ee:93:03:d8:64:c5:81:a7:9f:54:21:07:96:73:58:
21:e8:4e:a3:02:c9:08:83:8b:f3:90:6c:38:3c:a7:
cb:c9:75:41:05:16:48:62:a2:19:75:8d:dc:52:b3:
20:c0:c3:7e:18:47:8a:85:10:36:ab:fb:12:21:f2:
c5:8a:0f:bd:b7:3a:8d:a6:2c:86:42:6f:af:e3:84:
60:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D6:6E:C8:79:8A:3E:C1:5D:9E:91:26:97:2E:C7:B8:EE:FF:9E:FE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/SdZuyHmKPsFdnpEmly7HuO7_nv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.104.0/22
5.102.116.0/22
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
41:3a:b1:c5:0e:51:25:02:e9:c0:f6:fb:3f:b8:b3:d8:97:c1:
b3:f0:e4:52:d3:40:f0:58:e9:6c:a5:eb:4f:b2:02:e7:77:69:
b7:c4:b3:bc:8b:10:f8:5b:07:47:e1:bc:d9:5d:a3:cd:3b:46:
54:d6:60:e4:4c:c7:35:d0:d3:11:9a:61:65:db:35:16:7a:d4:
03:89:33:02:e5:e5:be:f0:5d:66:90:f3:aa:54:7c:83:2c:f9:
cb:b7:f6:0d:59:68:e3:39:93:bd:9d:f3:17:f3:18:b8:25:73:
2d:74:b2:fa:b1:44:e9:50:92:3e:a1:31:d1:a6:7c:a5:bf:a1:
45:1f:a5:a6:68:20:91:52:46:84:b0:b3:9f:13:84:cb:0a:3f:
72:8b:67:15:9d:82:24:c6:aa:6f:3f:1f:b3:ea:a4:ff:00:32:
3e:e6:94:05:17:08:4a:59:63:7b:2b:d5:61:c5:fb:3c:ed:4b:
c6:25:ea:34:83:2c:5b:a8:9e:00:df:93:f4:6c:bb:fe:53:29:
a3:a7:f5:68:ac:06:ea:31:29:70:a4:39:17:85:09:10:eb:0a:
2a:9e:e8:84:e1:77:f0:16:6c:32:04:82:72:04:75:7c:5d:05:
b9:c9:9e:f6:c7:9c:e7:89:e0:de:84:79:c8:f8:98:b4:f3:7d:
fd:05:5a:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLc/KI4EGJ4C7aZPst/1HUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMDMwMTAzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ2NmVjODc5OGEzZWMxNWQ5ZTkxMjY5NzJlYzdiOGVlZmY5ZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq6/KpqNLJz7bzLOzgJq0FQTFVPF
XZaDKyQRv0x8WB9Ak4oizxS+EcYoqkGbXeTyjC5XXaF05qKol4UUdI/o1BA8wfFl
v9hDJMdbtlGtSA4r1TRqS4nrCSbFfPlmdl420aJxehABn9eesXQdTlr4zqr5YKZ+
EHxxUOI/oRY9vd95b4Z3mXDOy7J2sqIzBnc1maa3Pr59CHtcjVnGE2BWa7T0arwb
YmG0QSzXpb2xL5UZv87ukwPYZMWBp59UIQeWc1gh6E6jAskIg4vzkGw4PKfLyXVB
BRZIYqIZdY3cUrMgwMN+GEeKhRA2q/sSIfLFig+9tzqNpiyGQm+v44RgowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEnWbsh5ij7BXZ6RJpcux7ju/57+MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvU2RadXlIbUtQc0ZkbnBFbWx5N0h1TzdfbnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBWZoAwQC
BWZ0AwQCH7q0MA0GCSqGSIb3DQEBCwUAA4IBAQBBOrHFDlElAunA9vs/uLPYl8Gz
8ORS00DwWOlspetPsgLnd2m3xLO8ixD4WwdH4bzZXaPNO0ZU1mDkTMc10NMRmmFl
2zUWetQDiTMC5eW+8F1mkPOqVHyDLPnLt/YNWWjjOZO9nfMX8xi4JXMtdLL6sUTp
UJI+oTHRpnylv6FFH6WmaCCRUkaEsLOfE4TLCj9yi2cVnYIkxqpvPx+z6qT/ADI+
5pQFFwhKWWN7K9Vhxfs87UvGJeo0gyxbqJ4A35P0bLv+Uymjp/VorAbqMSlwpDkX
hQkQ6woqnuiE4XfwFmwyBIJyBHV8XQW5yZ72x5znieDehHnI+Ji08339BVqk
-----END CERTIFICATE-----
Generated at Fri Nov 1 20:38:00 2024 by rpki-client on console-ams.rpki-client.org