Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n-qbOQrNufkv-gsfPp3P8wKjgNg.roa
File: n-qbOQrNufkv-gsfPp3P8wKjgNg.roa (raw, json)
Hash identifier: jyb5k+yMGJpiZxXPSvDE7Mu5+mtx31ByivkL1QSrRKs=
Subject key identifier: 9F:EA:9B:39:0A:CD:B9:F9:2F:FA:0B:1F:3E:9D:CF:F3:02:A3:80:D8
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DE97495FF54E738E29A8EF57ACDC26BC7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n-qbOQrNufkv-gsfPp3P8wKjgNg.roa
Signing time: Tue 27 Feb 2024 07:25:48 +0000
ROA not before: Tue 27 Feb 2024 07:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 22
149.126.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 18:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:74:95:ff:54:e7:38:e2:9a:8e:f5:7a:cd:c2:6b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 27 07:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fea9b390acdb9f92ffa0b1f3e9dcff302a380d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f3:10:04:7d:2b:07:1d:5c:24:74:e7:06:cd:
ca:28:7e:9d:9b:2a:0b:d3:e9:50:c9:e2:e2:49:04:
50:42:c6:52:de:dc:e7:81:ed:f1:e9:ab:91:09:7b:
c3:11:ed:f3:58:af:6e:7d:e0:5b:c9:bc:f0:64:e2:
32:b0:aa:fa:65:0a:39:ec:da:f3:fb:f3:4d:91:fb:
ed:f4:15:47:fe:f2:98:d5:84:8f:fd:51:9a:87:ae:
d7:b8:a3:d6:0d:f9:60:80:84:64:30:5d:27:02:cf:
32:e2:c6:45:02:53:aa:2c:bd:27:c9:38:73:0a:bc:
c1:79:c2:75:8c:f2:54:4a:e1:c9:e9:f0:81:1e:16:
7f:60:99:6c:51:68:11:a3:04:db:48:63:9c:9a:ec:
ec:13:5e:7e:11:32:87:85:78:ac:e9:4c:53:ea:e3:
f0:36:df:f7:65:4d:e1:bf:6c:cf:c5:55:83:0e:f3:
96:df:21:5b:d5:8d:b2:64:5c:ce:91:63:0a:03:c0:
60:d3:e5:2b:7b:7d:df:73:1c:2c:b9:31:c7:76:28:
7a:95:e9:81:c6:2c:c2:d6:13:15:64:b4:b1:d2:c2:
14:22:63:28:10:d5:17:fd:1a:2d:ed:bf:dc:3b:b0:
20:40:2a:e7:fc:19:d4:88:95:a3:fe:c7:65:2b:83:
0d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:EA:9B:39:0A:CD:B9:F9:2F:FA:0B:1F:3E:9D:CF:F3:02:A3:80:D8
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/n-qbOQrNufkv-gsfPp3P8wKjgNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:eb:9e:cf:20:4f:c2:32:61:b1:ca:be:b1:6c:46:83:41:cc:
00:85:66:b6:42:59:f8:7a:a6:6f:90:3a:b9:50:63:72:4c:6a:
29:8c:39:fb:ed:c5:1a:da:6d:f8:8f:6a:89:38:25:25:0c:29:
77:19:91:12:3d:ea:03:c6:ed:28:d4:25:2d:fe:ea:c2:27:ba:
4b:1c:d3:d1:50:84:65:04:93:dc:a6:ba:84:6d:bb:95:bb:fb:
7e:49:fa:ac:39:5e:50:b1:be:70:93:0a:30:67:5c:15:82:53:
21:38:af:83:70:43:ef:a2:d2:3f:61:cd:4d:7c:6b:c7:b8:b8:
d0:b2:d6:be:d6:5d:a1:29:af:f7:b8:a3:0c:e2:8c:fa:2f:ff:
5a:8c:63:4b:33:bf:5c:5d:53:99:aa:30:5e:48:e1:f9:31:16:
a5:18:59:6a:04:ac:86:44:60:79:23:bb:bd:4d:ad:0a:5d:e5:
88:ce:91:5a:f2:81:cf:91:11:25:52:27:0b:76:66:85:74:c4:
6d:8c:ac:ed:07:41:d2:ba:1c:37:7b:d9:2e:36:fb:12:3e:17:
17:f2:0e:1c:78:52:55:a8:ca:c6:40:5a:12:c2:41:5b:6f:8a:
3d:b5:34:be:68:bc:ed:94:9e:cb:8e:81:6a:f6:0e:01:77:6f:
17:49:eb:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3pdJX/VOc44pqO9XrNwmvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjI3MDcyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmVhOWIzOTBhY2RiOWY5MmZmYTBiMWYzZTlkY2ZmMzAyYTM4MGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfMQBH0rBx1cJHTnBs3KKH6dmyoL
0+lQyeLiSQRQQsZS3tznge3x6auRCXvDEe3zWK9ufeBbybzwZOIysKr6ZQo57Nrz
+/NNkfvt9BVH/vKY1YSP/VGah67XuKPWDflggIRkMF0nAs8y4sZFAlOqLL0nyThz
CrzBecJ1jPJUSuHJ6fCBHhZ/YJlsUWgRowTbSGOcmuzsE15+ETKHhXis6UxT6uPw
Nt/3ZU3hv2zPxVWDDvOW3yFb1Y2yZFzOkWMKA8Bg0+Ure33fcxwsuTHHdih6lemB
xizC1hMVZLSx0sIUImMoENUX/Rot7b/cO7AgQCrn/BnUiJWj/sdlK4MNewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ/qmzkKzbn5L/oLHz6dz/MCo4DYMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbi1xYk9Rck51Zmt2LWdzZlBwM1A4d0tqZ05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
H7q0AwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQAu657PIE/CMmGxyr6xbEaDQcwA
hWa2Qln4eqZvkDq5UGNyTGopjDn77cUa2m34j2qJOCUlDCl3GZESPeoDxu0o1CUt
/urCJ7pLHNPRUIRlBJPcprqEbbuVu/t+SfqsOV5Qsb5wkwowZ1wVglMhOK+DcEPv
otI/Yc1NfGvHuLjQsta+1l2hKa/3uKMM4oz6L/9ajGNLM79cXVOZqjBeSOH5MRal
GFlqBKyGRGB5I7u9Ta0KXeWIzpFa8oHPkRElUicLdmaFdMRtjKztB0HSuhw3e9ku
NvsSPhcX8g4ceFJVqMrGQFoSwkFbb4o9tTS+aLztlJ7LjoFq9g4Bd28XSetF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:36 2024 by rpki-client on console-fra.rpki-client.org