Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VzlKkHFEAqUOp1JI4XbxtmJ8Lcc.roa
File: VzlKkHFEAqUOp1JI4XbxtmJ8Lcc.roa (raw, json)
Hash identifier: KY+io6xsNNECbwY6rr2VA8vltLegJlKVFwAEg5rSSgM=
Subject key identifier: 57:39:4A:90:71:44:02:A5:0E:A7:52:48:E1:76:F1:B6:62:7C:2D:C7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DAC7CD4D56094E344A7CCD28C4A6180E7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VzlKkHFEAqUOp1JI4XbxtmJ8Lcc.roa
Signing time: Thu 15 Feb 2024 11:17:58 +0000
ROA not before: Thu 15 Feb 2024 11:17:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.120.0/22 maxlen: 22
31.186.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 18 Feb 2024 06:51:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:7c:d4:d5:60:94:e3:44:a7:cc:d2:8c:4a:61:80:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 15 11:17:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57394a90714402a50ea75248e176f1b6627c2dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d0:59:39:4f:8f:ba:14:5b:ff:e2:76:4f:56:
71:b9:0e:a4:3f:5b:2a:c4:14:10:2d:a8:84:f3:f2:
58:7b:5f:12:a0:eb:95:db:18:cd:40:f2:ee:86:e2:
cf:63:e0:b8:5a:2e:28:af:88:30:b8:df:6c:34:04:
2a:e9:18:30:b2:d0:44:0a:c7:c9:b4:57:c0:55:53:
5d:e4:85:af:84:6f:92:45:2e:d4:bf:61:30:91:df:
65:af:eb:14:cb:98:dd:51:de:b6:d5:5f:dc:0a:b6:
ea:23:1f:fc:fb:c0:90:ed:2c:21:df:63:ae:74:3e:
a4:4a:61:b6:95:af:b9:a2:9c:98:a8:6d:de:f8:bb:
b0:22:5d:fb:e3:d2:1f:0a:68:70:01:6a:5b:a3:9e:
0c:0e:b1:38:1c:62:20:1b:b7:f8:55:8e:b0:1b:ff:
8f:93:5c:f3:d9:fe:77:9f:ca:42:b6:76:e6:9a:54:
6a:82:19:88:2f:98:08:84:b7:f0:c9:d8:8c:85:ec:
47:c8:53:e7:cb:32:5e:74:f4:6d:80:ad:2b:c2:34:
35:b8:9c:30:f3:cd:b2:74:0c:2b:2d:d4:e0:49:45:
bd:49:e0:f8:7d:e2:26:fc:8c:db:92:27:22:6d:f9:
7f:c3:13:a6:74:9a:0c:84:2f:86:fe:74:c4:b6:7a:
18:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:39:4A:90:71:44:02:A5:0E:A7:52:48:E1:76:F1:B6:62:7C:2D:C7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VzlKkHFEAqUOp1JI4XbxtmJ8Lcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.120.0/22
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
96:d1:eb:e2:fc:2a:ca:c1:a9:ca:66:c9:35:e1:a4:bf:f0:89:
41:61:ac:5d:cb:16:81:13:10:20:55:a4:20:bf:04:f3:7d:62:
8b:2d:cb:b9:5f:13:8d:01:7a:e0:0f:d8:13:51:87:24:94:36:
ab:c7:d8:42:42:d1:fc:48:45:34:d8:7e:4c:c3:44:8e:cd:61:
03:11:91:48:73:d0:f5:e5:16:ce:ee:e6:9f:be:57:7c:89:dd:
d7:f7:bc:17:08:53:21:73:bc:15:7b:83:6f:78:63:73:2e:82:
58:ab:31:6d:74:46:f0:ab:a3:bb:44:bd:53:42:61:d4:50:3f:
e5:7a:fe:c3:5a:33:51:5e:91:2d:46:5e:17:d6:98:46:38:25:
45:00:e6:ac:20:a4:c0:d0:d1:c0:6c:a9:a4:d2:02:47:42:ec:
d5:f7:3d:de:1f:48:6b:22:57:92:78:dd:64:d5:9b:41:29:10:
5f:33:11:0a:da:12:44:6f:e6:60:fd:38:f9:5e:44:2d:d6:8f:
16:2e:df:c6:0c:b0:00:03:9b:d0:22:4f:13:39:b8:d5:5e:bd:
b0:7b:86:3d:c3:7e:37:c9:58:76:42:db:98:aa:70:c3:e4:ef:
3c:0a:d9:e9:5c:22:33:aa:0b:f2:1c:50:d5:95:23:6b:58:33:
b6:7a:d1:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2sfNTVYJTjRKfM0oxKYYDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjE1MTExNzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM5NGE5MDcxNDQwMmE1MGVhNzUyNDhlMTc2ZjFiNjYyN2MyZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9BZOU+PuhRb/+J2T1ZxuQ6kP1sq
xBQQLaiE8/JYe18SoOuV2xjNQPLuhuLPY+C4Wi4or4gwuN9sNAQq6RgwstBECsfJ
tFfAVVNd5IWvhG+SRS7Uv2Ewkd9lr+sUy5jdUd621V/cCrbqIx/8+8CQ7Swh32Ou
dD6kSmG2la+5opyYqG3e+LuwIl3749IfCmhwAWpbo54MDrE4HGIgG7f4VY6wG/+P
k1zz2f53n8pCtnbmmlRqghmIL5gIhLfwydiMhexHyFPnyzJedPRtgK0rwjQ1uJww
882ydAwrLdTgSUW9SeD4feIm/Izbkicibfl/wxOmdJoMhC+G/nTEtnoYGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFc5SpBxRAKlDqdSSOF28bZifC3HMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVnpsS2tIRkVBcVVPcDFKSTRYYnh0bUo4TGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
BWZ4AwQCH7q0MA0GCSqGSIb3DQEBCwUAA4IBAQCW0evi/CrKwanKZsk14aS/8IlB
YaxdyxaBExAgVaQgvwTzfWKLLcu5XxONAXrgD9gTUYcklDarx9hCQtH8SEU02H5M
w0SOzWEDEZFIc9D15RbO7uafvld8id3X97wXCFMhc7wVe4NveGNzLoJYqzFtdEbw
q6O7RL1TQmHUUD/lev7DWjNRXpEtRl4X1phGOCVFAOasIKTA0NHAbKmk0gJHQuzV
9z3eH0hrIleSeN1k1ZtBKRBfMxEK2hJEb+Zg/Tj5XkQt1o8WLt/GDLAAA5vQIk8T
ObjVXr2we4Y9w343yVh2QtuYqnDD5O88CtnpXCIzqgvyHFDVlSNrWDO2etH4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org