Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/jvwdq660-dTsVTaIBxaLJntPMfU.roa
File: jvwdq660-dTsVTaIBxaLJntPMfU.roa (raw, json)
Hash identifier: 4niEyLexzuySp57mBa3l0xpzdAgd4pYa75wSt85tP3Q=
Subject key identifier: 8E:FC:1D:AB:AE:B4:F9:D4:EC:55:36:88:07:16:8B:26:7B:4F:31:F5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DFB50BA5687B2CDBA95DF92DBCFDC3A83
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/jvwdq660-dTsVTaIBxaLJntPMfU.roa
Signing time: Fri 01 Mar 2024 18:39:48 +0000
ROA not before: Fri 01 Mar 2024 18:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 12 Mar 2024 07:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fb:50:ba:56:87:b2:cd:ba:95:df:92:db:cf:dc:3a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 1 18:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8efc1dabaeb4f9d4ec55368807168b267b4f31f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3d:38:09:51:bc:12:12:1a:3f:35:84:b0:57:
21:f0:8d:59:35:ba:e8:45:96:ea:73:2e:2a:2c:22:
7c:25:1f:e2:b4:12:74:ad:70:dd:29:43:52:99:d1:
fe:56:a5:de:1f:c6:c1:21:87:16:e9:fa:96:b8:09:
eb:94:6b:01:7c:91:16:46:c1:b1:ee:db:f5:78:0a:
b3:65:49:72:31:c8:58:8a:00:92:02:3f:86:56:d6:
46:c2:53:0f:45:a4:4d:f8:36:51:8b:61:ad:5d:91:
a3:24:ee:84:db:c0:69:9a:aa:e8:76:d4:95:e9:83:
11:f2:37:c9:a6:ec:d4:d8:79:65:52:ea:0b:d9:07:
df:4c:c5:d4:20:ad:52:3e:dc:9d:b9:c7:a3:d5:42:
46:55:37:1f:50:29:0f:ef:b2:ec:b1:3a:b3:9c:cc:
68:63:80:94:08:01:58:65:f0:e4:f5:87:79:23:57:
71:0c:01:3d:33:36:01:66:f0:42:02:39:83:1c:0b:
ac:94:51:5b:99:f4:e5:c5:fe:9c:81:4b:41:ea:b1:
b5:91:5b:e9:c2:8e:c0:36:5b:1f:71:af:b5:90:0e:
b5:4c:a2:51:51:40:fa:20:e9:f5:7d:62:5d:e0:b6:
fb:fe:dc:35:5c:ba:5b:f7:53:09:77:71:22:7c:15:
8d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FC:1D:AB:AE:B4:F9:D4:EC:55:36:88:07:16:8B:26:7B:4F:31:F5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/jvwdq660-dTsVTaIBxaLJntPMfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:b8:1c:c3:1a:05:7b:63:05:04:e0:49:aa:09:9d:0c:39:f7:
01:87:35:ed:6c:c3:74:23:04:20:10:77:59:d5:02:3d:3a:bf:
65:97:74:f2:e5:91:cc:40:c0:15:6f:08:80:47:b9:09:b0:03:
e9:be:d7:b0:24:dd:56:f5:54:30:66:96:40:28:0a:1f:57:a1:
e3:b4:b9:c4:90:b4:06:35:f1:38:c2:ee:70:08:f0:ef:f0:b2:
50:65:3a:8a:13:68:12:4b:53:dc:76:c3:5a:29:9c:8e:9c:ff:
9b:5c:29:73:11:95:ef:e7:12:7b:fe:a8:d5:f8:6a:4e:95:8f:
67:29:c5:13:be:24:05:d0:c6:4b:df:71:ad:50:eb:ad:27:75:
7c:7f:a7:78:f0:6a:ad:c0:e6:71:37:be:4e:c9:87:a4:d7:16:
12:ae:81:43:61:9f:90:93:8b:7e:ed:60:b1:ca:46:41:96:ec:
bb:f2:9a:0e:d1:7f:d6:ba:92:04:cd:22:af:4d:ea:73:01:1c:
e8:f3:3f:50:48:67:ef:b0:ef:19:87:86:90:c5:38:69:bc:26:
02:33:84:93:04:5f:69:3d:f9:20:7b:a5:19:04:4c:54:68:c0:
ab:82:62:b9:64:ec:0c:14:54:4a:63:c8:e7:32:35:12:15:c1:
42:7e:1c:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY37ULpWh7LNupXfktvP3DqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMzAxMTgzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWZjMWRhYmFlYjRmOWQ0ZWM1NTM2ODgwNzE2OGIyNjdiNGYzMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD04CVG8EhIaPzWEsFch8I1ZNbro
RZbqcy4qLCJ8JR/itBJ0rXDdKUNSmdH+VqXeH8bBIYcW6fqWuAnrlGsBfJEWRsGx
7tv1eAqzZUlyMchYigCSAj+GVtZGwlMPRaRN+DZRi2GtXZGjJO6E28BpmqrodtSV
6YMR8jfJpuzU2HllUuoL2QffTMXUIK1SPtyducej1UJGVTcfUCkP77LssTqznMxo
Y4CUCAFYZfDk9Yd5I1dxDAE9MzYBZvBCAjmDHAuslFFbmfTlxf6cgUtB6rG1kVvp
wo7ANlsfca+1kA61TKJRUUD6IOn1fWJd4Lb7/tw1XLpb91MJd3EifBWNkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI78HauutPnU7FU2iAcWiyZ7TzH1MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvanZ3ZHE2NjAtZFRzVlRhSUJ4YUxKbnRQTWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQBquBzDGgV7YwUE4EmqCZ0MOfcBhzXtbMN0
IwQgEHdZ1QI9Or9ll3Ty5ZHMQMAVbwiAR7kJsAPpvtewJN1W9VQwZpZAKAofV6Hj
tLnEkLQGNfE4wu5wCPDv8LJQZTqKE2gSS1PcdsNaKZyOnP+bXClzEZXv5xJ7/qjV
+GpOlY9nKcUTviQF0MZL33GtUOutJ3V8f6d48GqtwOZxN75OyYek1xYSroFDYZ+Q
k4t+7WCxykZBluy78poO0X/WupIEzSKvTepzARzo8z9QSGfvsO8Zh4aQxThpvCYC
M4STBF9pPfkge6UZBExUaMCrgmK5ZOwMFFRKY8jnMjUSFcFCfhxr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org