Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ji5KLX0tIR-vNrPKzB4zITRHoCw.roa
File: ji5KLX0tIR-vNrPKzB4zITRHoCw.roa (raw, json)
Hash identifier: e+YsXkERA0KFUMNkeUF3mMRfHppG8vL9ubIuSpPbqBA=
Subject key identifier: 8E:2E:4A:2D:7D:2D:21:1F:AF:36:B3:CA:CC:1E:33:21:34:47:A0:2C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C299B6EEB5B33B5B61467FEDF9D41BDCF
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ji5KLX0tIR-vNrPKzB4zITRHoCw.roa
Signing time: Sat 02 Dec 2023 08:18:21 +0000
ROA not before: Sat 02 Dec 2023 08:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 92.114.40.0/22 maxlen: 24
5.102.96.0/19 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Dec 2023 12:54:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:29:9b:6e:eb:5b:33:b5:b6:14:67:fe:df:9d:41:bd:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 2 08:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e2e4a2d7d2d211faf36b3cacc1e33213447a02c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:63:58:94:27:eb:6a:f2:d7:34:4d:2c:d0:c9:
57:d1:29:e9:c5:22:05:72:aa:9c:47:88:d9:05:9f:
21:81:ad:e7:e2:dd:f0:43:e5:66:ac:8a:dd:68:8b:
49:f8:99:1c:67:08:a7:1c:1f:92:77:52:08:04:bd:
90:98:7a:a0:c3:51:aa:d9:ca:01:7f:4a:0b:87:65:
2a:90:df:1d:6e:0f:33:da:f6:e5:83:6f:8a:26:e0:
1b:84:96:22:0b:9d:e1:2b:b6:15:f8:cc:80:4b:1e:
25:fc:51:19:3a:32:ef:a1:9f:07:66:c0:5b:3d:97:
11:91:dd:6e:76:6b:12:6a:cb:80:31:af:b6:6f:8f:
e2:85:8b:54:d2:40:f5:4d:34:26:60:60:2e:17:ce:
81:02:9b:10:3d:28:4a:2d:f4:fe:1b:b4:c0:ae:60:
c3:4e:4a:fb:8f:c3:9f:64:ef:e4:ba:5d:00:0c:b6:
b0:93:1e:48:79:7c:47:ab:e5:7d:9e:d8:ba:ba:46:
4c:d4:81:5a:4a:0d:5c:70:0a:b4:ee:35:a2:d5:e1:
99:f1:a5:2f:89:a9:b8:65:c7:fb:7c:10:6d:83:ea:
7c:f2:f2:1e:6c:18:8f:40:9f:0e:6c:85:e3:d7:2e:
31:dc:b2:c0:6c:30:86:b8:32:52:89:e1:81:96:d7:
c9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2E:4A:2D:7D:2D:21:1F:AF:36:B3:CA:CC:1E:33:21:34:47:A0:2C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ji5KLX0tIR-vNrPKzB4zITRHoCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/19
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
48:0c:c9:1e:3e:5e:7d:27:e0:68:fa:99:5b:c4:d0:83:66:5f:
6a:53:da:d2:80:7d:88:67:3a:f1:b1:1c:16:bd:70:0a:97:9d:
c4:be:a4:17:c1:cd:b3:ab:60:fc:18:ab:58:62:ae:37:1f:6e:
8e:50:5e:e8:ee:ec:69:45:b5:2b:d5:5b:21:b8:0b:cb:47:76:
cb:3f:ba:51:2c:09:6f:4b:a3:95:d5:cf:0c:a9:52:2b:1e:7c:
1a:04:6a:f6:17:19:2e:c4:4b:e6:4c:ee:ae:7a:3e:33:cb:59:
58:65:5c:96:5d:2d:29:f7:5d:89:c2:73:8a:eb:a4:7e:4e:e9:
52:67:98:58:92:97:78:72:eb:2b:90:75:2c:8d:16:a3:86:ed:
d6:e2:0d:31:09:ec:e0:f4:a5:e1:09:b1:91:ee:91:6e:7a:08:
75:78:e7:ea:1d:3b:c4:b0:68:52:3c:3c:e1:db:3b:14:ae:f6:
b1:e8:f9:01:52:06:92:d9:2d:f9:36:41:12:9d:7b:b8:35:b1:
3f:ef:81:15:74:58:84:11:dd:1c:35:86:3f:bc:eb:ca:c2:60:
77:2c:4c:21:33:2e:6a:11:f6:ea:2a:7b:38:22:1e:ef:c2:28:
57:b0:0c:10:a1:8d:c1:ce:98:a1:37:90:64:ed:51:23:49:3f:
0a:9b:f6:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwpm27rWzO1thRn/t+dQb3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjAyMDgxODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTJlNGEyZDdkMmQyMTFmYWYzNmIzY2FjYzFlMzMyMTM0NDdhMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWNYlCfravLXNE0s0MlX0SnpxSIF
cqqcR4jZBZ8hga3n4t3wQ+VmrIrdaItJ+JkcZwinHB+Sd1IIBL2QmHqgw1Gq2coB
f0oLh2UqkN8dbg8z2vblg2+KJuAbhJYiC53hK7YV+MyASx4l/FEZOjLvoZ8HZsBb
PZcRkd1udmsSasuAMa+2b4/ihYtU0kD1TTQmYGAuF86BApsQPShKLfT+G7TArmDD
Tkr7j8OfZO/kul0ADLawkx5IeXxHq+V9nti6ukZM1IFaSg1ccAq07jWi1eGZ8aUv
iam4Zcf7fBBtg+p88vIebBiPQJ8ObIXj1y4x3LLAbDCGuDJSieGBltfJ4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI4uSi19LSEfrzazysweMyE0R6AsMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvamk1S0xYMHRJUi12TnJQS3pCNHpJVFJIb0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFBWZgAwQC
XHIoMA0GCSqGSIb3DQEBCwUAA4IBAQBIDMkePl59J+Bo+plbxNCDZl9qU9rSgH2I
ZzrxsRwWvXAKl53EvqQXwc2zq2D8GKtYYq43H26OUF7o7uxpRbUr1VshuAvLR3bL
P7pRLAlvS6OV1c8MqVIrHnwaBGr2FxkuxEvmTO6uej4zy1lYZVyWXS0p912JwnOK
66R+TulSZ5hYkpd4cusrkHUsjRajhu3W4g0xCezg9KXhCbGR7pFuegh1eOfqHTvE
sGhSPDzh2zsUrvax6PkBUgaS2S35NkESnXu4NbE/74EVdFiEEd0cNYY/vOvKwmB3
LEwhMy5qEfbqKns4Ih7vwihXsAwQoY3BzpihN5Bk7VEjST8Km/bF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org