Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/qhzBJ1rdcmXCM2lRD032vAjBo_I.roa
File: qhzBJ1rdcmXCM2lRD032vAjBo_I.roa (raw, json)
Hash identifier: qBkqjazraCv3m07wWMYSgXCm29QJdSuOEqqcJi6XVOk=
Subject key identifier: AA:1C:C1:27:5A:DD:72:65:C2:33:69:51:0F:4D:F6:BC:08:C1:A3:F2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018FF6EF4933FE92C188FD8AE269B293B9A3
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/qhzBJ1rdcmXCM2lRD032vAjBo_I.roa
Signing time: Sat 08 Jun 2024 08:20:27 +0000
ROA not before: Sat 08 Jun 2024 08:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 5.102.108.0/22 maxlen: 22
92.114.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jul 2024 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f6:ef:49:33:fe:92:c1:88:fd:8a:e2:69:b2:93:b9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 8 08:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa1cc1275add7265c23369510f4df6bc08c1a3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1d:c3:30:aa:ba:ce:92:ca:9a:f2:40:3d:2d:
be:f9:ad:04:1c:45:2c:a9:91:5a:7c:82:61:5e:e7:
b1:28:11:33:7f:56:de:16:a0:f4:cf:e1:2c:a9:1d:
56:48:fd:53:f4:f5:80:40:28:1c:b0:24:4c:61:3a:
ad:a3:89:4d:cf:9c:4e:4e:f6:eb:81:a7:f2:58:c0:
cc:89:a6:de:5d:9c:bf:1e:f4:9c:f9:96:5d:18:e0:
30:8b:fa:cc:7a:cc:12:2e:8a:1c:c7:d9:65:19:f0:
93:58:b8:1d:42:62:da:58:7b:50:ea:5f:b9:da:ae:
a8:e0:73:6c:b4:93:71:f5:d2:60:95:30:b6:0d:4b:
e0:e5:4a:df:8d:22:40:23:25:3f:ee:63:ff:e6:0c:
b5:f9:07:c5:fc:56:aa:c5:07:e5:43:29:92:84:57:
47:e1:cd:36:ee:a5:4e:00:f0:50:7a:d0:82:cf:9c:
eb:3f:19:08:e6:02:f7:80:7e:88:cb:ab:4c:13:70:
72:e5:ee:6b:fb:d6:76:95:8f:8c:a1:72:2b:73:f9:
6c:e6:04:c1:41:9c:6d:a5:91:1b:c2:48:0d:72:94:
41:2e:97:5f:6b:cf:5a:3b:b8:27:2d:95:90:36:61:
ca:41:8e:10:4e:8b:34:8f:c6:19:0a:11:d7:00:98:
a0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1C:C1:27:5A:DD:72:65:C2:33:69:51:0F:4D:F6:BC:08:C1:A3:F2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/qhzBJ1rdcmXCM2lRD032vAjBo_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.108.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:15:1e:f6:13:15:73:e7:8c:7d:04:e5:72:e7:18:0e:66:00:
a5:27:1f:00:08:c0:de:c4:4b:1b:d8:10:c8:c7:7a:07:bc:3c:
41:3d:4b:dc:bb:94:a0:83:ca:db:1a:ad:a4:55:dc:30:1b:71:
3d:36:df:2d:e6:87:1c:71:bc:05:56:0c:2d:65:0e:40:d1:e6:
8a:d4:ab:3c:b8:74:5a:04:5b:4b:68:53:4d:39:16:4d:3a:26:
fd:51:df:23:48:4b:9a:92:4e:8b:e6:e1:a6:8b:c8:59:11:e3:
1b:9c:13:aa:4a:48:b3:8e:dc:ed:86:f0:ca:2c:71:68:01:df:
c3:12:d7:9b:5b:82:eb:ab:d3:f3:ab:7f:ef:a9:6c:d8:93:bb:
94:0a:33:4d:4a:35:ce:9e:d5:7f:00:57:4b:31:78:0a:7d:90:
50:70:de:dd:ba:42:cb:29:79:03:04:e7:b3:49:0a:3d:cf:db:
1a:a5:93:4d:78:29:2d:bf:bd:98:bb:43:02:1a:99:6d:ca:ee:
51:09:e4:56:88:6e:0e:5a:69:a3:2a:0a:31:23:e5:b5:b4:de:
c6:85:37:ae:d3:71:2b:a6:a2:24:fb:df:eb:1d:a8:a8:b6:e2:
18:5f:ad:f9:2f:82:a6:8c:08:29:89:fe:80:77:c5:1c:b4:64:
29:50:f9:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/270kz/pLBiP2K4mmyk7mjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNjA4MDgyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFjYzEyNzVhZGQ3MjY1YzIzMzY5NTEwZjRkZjZiYzA4YzFhM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR3DMKq6zpLKmvJAPS2++a0EHEUs
qZFafIJhXuexKBEzf1beFqD0z+EsqR1WSP1T9PWAQCgcsCRMYTqto4lNz5xOTvbr
gafyWMDMiabeXZy/HvSc+ZZdGOAwi/rMeswSLoocx9llGfCTWLgdQmLaWHtQ6l+5
2q6o4HNstJNx9dJglTC2DUvg5UrfjSJAIyU/7mP/5gy1+QfF/FaqxQflQymShFdH
4c027qVOAPBQetCCz5zrPxkI5gL3gH6Iy6tME3By5e5r+9Z2lY+MoXIrc/ls5gTB
QZxtpZEbwkgNcpRBLpdfa89aO7gnLZWQNmHKQY4QTos0j8YZChHXAJigDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKocwSda3XJlwjNpUQ9N9rwIwaPyMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvcWh6QkoxcmRjbVhDTTJsUkQwMzJ2QWpCb19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBWZsAwQC
XHIoMA0GCSqGSIb3DQEBCwUAA4IBAQAqFR72ExVz54x9BOVy5xgOZgClJx8ACMDe
xEsb2BDIx3oHvDxBPUvcu5Sgg8rbGq2kVdwwG3E9Nt8t5occcbwFVgwtZQ5A0eaK
1Ks8uHRaBFtLaFNNORZNOib9Ud8jSEuakk6L5uGmi8hZEeMbnBOqSkizjtzthvDK
LHFoAd/DEtebW4Lrq9Pzq3/vqWzYk7uUCjNNSjXOntV/AFdLMXgKfZBQcN7dukLL
KXkDBOezSQo9z9sapZNNeCktv72Yu0MCGpltyu5RCeRWiG4OWmmjKgoxI+W1tN7G
hTeu03ErpqIk+9/rHaiotuIYX635L4KmjAgpif6Ad8UctGQpUPne
-----END CERTIFICATE-----
Generated at Sun Jul 7 09:46:35 2024 by rpki-client on console-ams.rpki-client.org