Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/UnZSs5iC4DqKrZ3jO1o4ZmxEWSY.roa
File: UnZSs5iC4DqKrZ3jO1o4ZmxEWSY.roa (raw, json)
Hash identifier: TyQ8TX5KqEnWUjkf0NOw7Xp9AttoRdhc3e7X2voMzcs=
Subject key identifier: 52:76:52:B3:98:82:E0:3A:8A:AD:9D:E3:3B:5A:38:66:6C:44:59:26
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C5A495BC39689CDB7CB3B162EB76F4B34
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/UnZSs5iC4DqKrZ3jO1o4ZmxEWSY.roa
Signing time: Mon 11 Dec 2023 19:10:06 +0000
ROA not before: Mon 11 Dec 2023 19:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 17:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:49:5b:c3:96:89:cd:b7:cb:3b:16:2e:b7:6f:4b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 11 19:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=527652b39882e03a8aad9de33b5a38666c445926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f0:36:96:87:ce:d2:00:06:f9:c6:da:f3:86:
fe:e8:4c:31:62:94:d5:7b:30:1a:45:6a:4d:cb:89:
50:e9:fd:4a:f1:ca:4b:26:89:39:dc:7f:91:0b:7b:
2d:79:e3:0b:12:6e:3e:fa:67:b4:0d:2f:0e:5f:fa:
96:55:8d:5d:3c:72:81:51:60:cd:f9:1b:90:52:9c:
30:0b:c3:57:14:36:fc:33:47:44:b5:39:67:68:14:
19:b2:2a:8f:44:38:b2:2c:39:d5:09:09:fc:8b:1d:
fc:d4:d5:36:e2:55:26:47:f3:93:dc:0e:b6:9e:e8:
4f:c8:4f:38:0f:b0:b3:b9:c6:30:70:6f:fb:94:5c:
92:1f:44:61:dc:3d:41:bc:87:b6:75:ba:62:96:26:
96:78:4e:7a:d3:3e:05:bc:e3:d6:d3:88:42:0e:79:
3a:9d:fa:f5:bc:9b:c8:cd:b0:f7:07:13:d1:55:9e:
db:98:0e:f2:a5:d2:37:d8:6f:91:50:4d:2f:7d:7a:
07:59:f3:42:7c:ee:f6:87:44:0f:58:90:53:55:49:
d2:fd:95:c9:a2:21:6e:f0:3a:a9:49:70:2d:2b:3a:
55:0f:d9:22:ee:b6:22:fc:ec:9e:ac:6a:f3:eb:7d:
d4:3b:f5:ef:d4:70:2f:86:2a:14:7a:b5:f2:82:87:
7a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:76:52:B3:98:82:E0:3A:8A:AD:9D:E3:3B:5A:38:66:6C:44:59:26
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/UnZSs5iC4DqKrZ3jO1o4ZmxEWSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
37:f3:f8:0d:60:af:0c:d1:52:16:14:8b:8b:90:70:f6:dd:fc:
2e:f4:06:a7:fd:57:ea:41:34:7f:71:fc:76:36:b2:d2:fe:47:
9c:29:95:7e:bb:fe:88:0c:26:f1:8c:f5:90:f0:f4:dc:59:cc:
0d:5c:4e:89:e2:ed:c3:ba:80:58:47:13:a9:4a:30:b2:f6:fa:
54:00:ac:64:ee:39:e7:97:2e:65:02:f5:8a:01:a2:cc:c6:1b:
ba:51:a8:c5:b7:0f:59:84:f9:7f:33:9e:1a:5b:e7:90:7b:8a:
84:c6:06:4c:2c:b6:c4:26:e8:bf:d5:e3:de:fd:94:cb:6d:29:
fc:78:d2:b9:0e:9b:a4:d9:06:67:f3:e6:3f:0f:90:62:89:87:
69:47:31:d1:c2:96:3f:7c:ac:c4:2c:c5:65:dd:2d:22:b9:9b:
46:93:63:27:50:0a:f3:b7:5a:d1:b8:84:e2:46:00:bd:06:0a:
95:cb:fa:54:0a:4b:f2:65:49:45:fe:03:2d:ce:f6:06:a0:76:
cd:d3:a4:2a:5d:e3:4c:0a:a3:a6:7c:0d:a8:81:d2:27:86:84:
77:ba:8e:db:4a:89:fd:5b:57:33:bd:8f:6b:64:31:59:88:5e:
37:ba:73:b8:d3:f2:36:d4:88:60:72:f0:3b:5f:c0:d5:e6:75:
14:31:59:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxaSVvDlonNt8s7Fi63b0s0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjExMTkxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjc2NTJiMzk4ODJlMDNhOGFhZDlkZTMzYjVhMzg2NjZjNDQ1OTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPA2lofO0gAG+cba84b+6EwxYpTV
ezAaRWpNy4lQ6f1K8cpLJok53H+RC3steeMLEm4++me0DS8OX/qWVY1dPHKBUWDN
+RuQUpwwC8NXFDb8M0dEtTlnaBQZsiqPRDiyLDnVCQn8ix381NU24lUmR/OT3A62
nuhPyE84D7CzucYwcG/7lFySH0Rh3D1BvIe2dbpiliaWeE560z4FvOPW04hCDnk6
nfr1vJvIzbD3BxPRVZ7bmA7ypdI32G+RUE0vfXoHWfNCfO72h0QPWJBTVUnS/ZXJ
oiFu8DqpSXAtKzpVD9ki7rYi/OyerGrz633UO/Xv1HAvhioUerXygod64QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFJ2UrOYguA6iq2d4ztaOGZsRFkmMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVW5aU3M1aUM0RHFLclozak8xbzRabXhFV1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQA38/gNYK8M0VIWFIuLkHD23fwu9Aan/Vfq
QTR/cfx2NrLS/kecKZV+u/6IDCbxjPWQ8PTcWcwNXE6J4u3DuoBYRxOpSjCy9vpU
AKxk7jnnly5lAvWKAaLMxhu6UajFtw9ZhPl/M54aW+eQe4qExgZMLLbEJui/1ePe
/ZTLbSn8eNK5Dpuk2QZn8+Y/D5BiiYdpRzHRwpY/fKzELMVl3S0iuZtGk2MnUArz
t1rRuITiRgC9BgqVy/pUCkvyZUlF/gMtzvYGoHbN06QqXeNMCqOmfA2ogdInhoR3
uo7bSon9W1czvY9rZDFZiF43unO40/I21IhgcvA7X8DV5nUUMVnu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org