Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/jCE2BsP6Pyjq9xerq4sTlKl4TnE.roa
File: jCE2BsP6Pyjq9xerq4sTlKl4TnE.roa (raw, json)
Hash identifier: yXTZ040ulTYio+CM3Rh9LJS1QlsBrG28a5EK5Wn+XE8=
Subject key identifier: 8C:21:36:06:C3:FA:3F:28:EA:F7:17:AB:AB:8B:13:94:A9:78:4E:71
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018A25F88AA432A0E1C80519DD31E4702674
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/jCE2BsP6Pyjq9xerq4sTlKl4TnE.roa
Signing time: Thu 24 Aug 2023 05:15:59 +0000
ROA not before: Thu 24 Aug 2023 05:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.215.120.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Aug 2023 10:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:25:f8:8a:a4:32:a0:e1:c8:05:19:dd:31:e4:70:26:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Aug 24 05:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c213606c3fa3f28eaf717abab8b1394a9784e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:07:aa:10:06:5a:58:70:d2:2b:16:77:98:d7:
01:43:de:24:1a:a7:fe:e0:df:88:24:56:da:dc:0b:
1a:9f:a6:37:f3:77:e2:3b:bd:52:f0:5f:3c:20:e4:
14:2f:66:cb:57:1e:d1:88:95:6d:10:77:92:bd:ef:
ee:7a:7b:6f:7d:8e:af:17:55:be:a1:8b:b3:73:65:
ff:1e:05:20:43:d3:57:b4:f1:dd:28:7e:33:8f:c8:
94:f3:74:d2:cd:1b:7d:2f:dd:7c:70:f9:1d:46:30:
f3:8b:6d:b6:be:f9:f9:fe:44:d2:b6:e4:7f:f3:c9:
e5:fa:e4:c4:0e:6f:0d:63:04:ef:30:00:26:d4:d7:
d0:8f:a7:02:dd:66:85:36:0d:ed:d5:c6:10:7d:04:
26:e2:79:2d:97:a3:c7:f5:14:68:5d:4a:b5:a6:54:
b2:48:bb:d9:c9:f2:2b:e4:72:7a:ff:e7:06:66:9c:
95:fe:52:6d:e3:fc:1a:6b:7d:be:84:3a:0a:f7:41:
84:0b:69:7a:bc:2a:68:5f:1b:c7:26:73:99:01:87:
f1:1c:8c:08:ee:ea:4e:d0:a7:ec:86:9e:d5:49:f6:
9d:a9:2e:3b:b8:8b:c3:3d:91:02:8d:c7:21:0a:04:
11:24:f4:3a:71:a6:60:e0:ca:98:1d:45:21:b2:08:
03:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:21:36:06:C3:FA:3F:28:EA:F7:17:AB:AB:8B:13:94:A9:78:4E:71
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/jCE2BsP6Pyjq9xerq4sTlKl4TnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
188.215.120.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:b8:7f:c2:a2:b7:60:93:c3:c7:c1:da:98:c2:61:32:0b:f7:
46:6d:ce:24:93:7f:25:0f:d1:e6:da:05:ac:93:19:16:1c:ef:
90:52:c7:72:da:ff:a9:1d:c3:1b:e3:55:ea:e6:50:23:c3:2d:
74:10:c1:c7:37:e0:2f:2e:f5:75:6e:17:de:45:ca:4b:91:fe:
03:f4:1d:dd:f5:08:45:0b:b0:5f:d8:a9:20:ce:2a:12:7c:f9:
bf:ff:1f:10:51:45:22:c3:1c:40:6d:19:4c:6f:cb:cf:0e:59:
51:5a:f7:10:45:b8:71:a1:f2:07:c9:9a:58:61:f3:f9:87:68:
d3:4b:94:07:69:7d:19:a3:30:01:c4:6a:a4:4d:3d:04:9e:75:
6b:f7:a0:9c:85:d7:26:61:c9:59:01:3c:fe:a6:13:2b:18:0b:
84:88:5a:30:09:42:42:70:5e:e0:b5:ff:32:e1:d8:67:8c:ac:
d2:60:d2:cd:84:bc:50:da:8a:ba:32:1f:99:62:19:96:ee:6c:
91:05:e7:5e:b3:41:e8:4b:e2:19:fb:98:8f:0b:ca:3a:3b:fa:
79:bf:d8:fe:b8:de:b4:c9:e6:ff:83:d1:90:0f:e9:de:76:49:
09:4d:a7:96:23:8b:6d:3c:41:ea:ab:93:96:f3:dd:59:f5:34:
04:c6:92:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYol+IqkMqDhyAUZ3THkcCZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMwODI0MDUxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzIxMzYwNmMzZmEzZjI4ZWFmNzE3YWJhYjhiMTM5NGE5Nzg0ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgeqEAZaWHDSKxZ3mNcBQ94kGqf+
4N+IJFba3Asan6Y383fiO71S8F88IOQUL2bLVx7RiJVtEHeSve/uentvfY6vF1W+
oYuzc2X/HgUgQ9NXtPHdKH4zj8iU83TSzRt9L918cPkdRjDzi222vvn5/kTStuR/
88nl+uTEDm8NYwTvMAAm1NfQj6cC3WaFNg3t1cYQfQQm4nktl6PH9RRoXUq1plSy
SLvZyfIr5HJ6/+cGZpyV/lJt4/waa32+hDoK90GEC2l6vCpoXxvHJnOZAYfxHIwI
7upO0Kfshp7VSfadqS47uIvDPZECjcchCgQRJPQ6caZg4MqYHUUhsggDswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIwhNgbD+j8o6vcXq6uLE5SpeE5xMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvakNFMkJzUDZQeWpxOXhlcnE0c1RsS2w0VG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQC
vNd4MA0GCSqGSIb3DQEBCwUAA4IBAQBKuH/Cordgk8PHwdqYwmEyC/dGbc4kk38l
D9Hm2gWskxkWHO+QUsdy2v+pHcMb41Xq5lAjwy10EMHHN+AvLvV1bhfeRcpLkf4D
9B3d9QhFC7Bf2KkgzioSfPm//x8QUUUiwxxAbRlMb8vPDllRWvcQRbhxofIHyZpY
YfP5h2jTS5QHaX0ZozABxGqkTT0EnnVr96CchdcmYclZATz+phMrGAuEiFowCUJC
cF7gtf8y4dhnjKzSYNLNhLxQ2oq6Mh+ZYhmW7myRBedes0HoS+IZ+5iPC8o6O/p5
v9j+uN60yeb/g9GQD+nedkkJTaeWI4ttPEHqq5OW891Z9TQExpJj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org