Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/rB4Tz30CtqTXXMlQ4EIX95oFfv4.roa
File: rB4Tz30CtqTXXMlQ4EIX95oFfv4.roa (raw, json)
Hash identifier: aiAibvqhWvDv+7FqlfoXt60mtTzel/JJVul6Ns3l7O8=
Subject key identifier: AC:1E:13:CF:7D:02:B6:A4:D7:5C:C9:50:E0:42:17:F7:9A:05:7E:FE
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CBEE5C49F5611D56518C12AA6229D1C72
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/rB4Tz30CtqTXXMlQ4EIX95oFfv4.roa
Signing time: Sun 31 Dec 2023 08:02:58 +0000
ROA not before: Sun 31 Dec 2023 08:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.108.0/22 maxlen: 22
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:e5:c4:9f:56:11:d5:65:18:c1:2a:a6:22:9d:1c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 31 08:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac1e13cf7d02b6a4d75cc950e04217f79a057efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1c:9a:28:4f:70:70:1b:e5:97:5c:b6:6b:cb:
8e:47:9f:b8:5b:44:ae:e8:c9:41:f1:60:b1:8d:f3:
14:ff:a1:16:2e:a5:2f:eb:a0:19:9d:72:14:a0:6f:
e2:1e:c8:37:58:69:c5:d5:de:3c:2a:5b:9e:32:68:
e2:b0:51:d0:35:e5:6d:81:1d:e1:39:13:db:66:f9:
ea:81:08:62:2b:64:77:2e:ca:3c:e0:7d:ac:3e:84:
57:67:e9:1a:95:ba:10:af:25:50:eb:f5:c2:5d:0f:
5d:18:e3:7e:76:f0:f1:fd:39:f5:ed:97:00:23:59:
a9:2b:ad:07:06:8a:92:96:e7:2a:78:7e:6a:ba:d8:
ee:e6:56:ec:3f:0b:e0:dd:df:20:02:d2:4e:b4:e6:
c7:84:2d:0c:08:7f:48:2a:90:07:e7:b2:40:01:ab:
49:2d:13:6d:2b:65:9a:af:0b:b1:51:68:c9:65:a2:
8c:c4:72:87:9a:50:e7:6f:07:af:49:90:6a:a6:e3:
34:18:6f:47:d6:a6:24:00:3a:97:52:ba:c2:c0:ed:
16:39:7d:d2:b4:a4:62:48:58:de:10:04:eb:86:07:
c1:bc:44:3b:55:75:27:03:6b:77:c8:7f:a6:d6:67:
6c:9e:7f:67:c2:2b:38:a7:f6:1b:78:a1:6e:ec:d4:
ab:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1E:13:CF:7D:02:B6:A4:D7:5C:C9:50:E0:42:17:F7:9A:05:7E:FE
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/rB4Tz30CtqTXXMlQ4EIX95oFfv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
22:a6:c4:b9:15:01:1d:16:a0:39:81:71:9b:89:ef:9e:3c:a3:
ff:cf:af:4a:8f:dd:73:98:f1:72:ef:4f:a2:06:fc:59:2f:70:
0d:88:c5:be:eb:5e:4b:67:2f:8f:ec:9e:72:5c:35:b3:20:f7:
a1:8a:41:c3:f7:c4:e6:5a:a6:17:de:39:fd:d9:61:86:81:19:
ab:1c:bd:41:c7:b8:1a:17:71:70:58:1a:b3:c9:27:52:81:75:
c8:ca:ec:2c:99:34:3a:5c:1c:71:48:11:2e:ba:21:1f:c5:28:
23:cc:9e:28:c5:a2:36:cc:db:4b:31:fb:54:bf:6c:07:75:1e:
fa:7e:bf:59:f3:b2:dc:10:b8:a8:02:48:25:9f:b4:1b:c3:48:
3f:11:fc:0a:01:a5:45:37:96:7d:b1:98:c3:0b:8b:bb:4d:ac:
44:cd:63:d3:64:5e:10:9a:b4:8c:27:6d:2e:dc:a2:f1:39:75:
ad:9c:ba:df:97:5e:ac:50:2f:fa:39:52:9f:2c:80:ac:0a:96:
73:3a:02:1d:c0:28:49:aa:87:48:b2:b7:89:e8:7c:3e:bf:0e:
96:32:59:f8:bc:e0:19:62:e6:8f:d6:03:51:4f:f6:20:c7:20:
c7:e0:32:d9:1b:31:41:5b:62:64:cf:da:b6:3f:ea:ec:c8:0d:
64:6d:e1:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYy+5cSfVhHVZRjBKqYinRxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjMxMDgwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFlMTNjZjdkMDJiNmE0ZDc1Y2M5NTBlMDQyMTdmNzlhMDU3ZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRyaKE9wcBvll1y2a8uOR5+4W0Su
6MlB8WCxjfMU/6EWLqUv66AZnXIUoG/iHsg3WGnF1d48KlueMmjisFHQNeVtgR3h
ORPbZvnqgQhiK2R3Lso84H2sPoRXZ+kalboQryVQ6/XCXQ9dGON+dvDx/Tn17ZcA
I1mpK60HBoqSlucqeH5qutju5lbsPwvg3d8gAtJOtObHhC0MCH9IKpAH57JAAatJ
LRNtK2WarwuxUWjJZaKMxHKHmlDnbwevSZBqpuM0GG9H1qYkADqXUrrCwO0WOX3S
tKRiSFjeEATrhgfBvEQ7VXUnA2t3yH+m1mdsnn9nwis4p/YbeKFu7NSrpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKweE899Arak11zJUOBCF/eaBX7+MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvckI0VHozMEN0cVRYWE1sUTRFSVg5NW9GZnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQAipsS5FQEdFqA5gXGbie+ePKP/z69Kj91z
mPFy70+iBvxZL3ANiMW+615LZy+P7J5yXDWzIPehikHD98TmWqYX3jn92WGGgRmr
HL1Bx7gaF3FwWBqzySdSgXXIyuwsmTQ6XBxxSBEuuiEfxSgjzJ4oxaI2zNtLMftU
v2wHdR76fr9Z87LcELioAkgln7Qbw0g/EfwKAaVFN5Z9sZjDC4u7TaxEzWPTZF4Q
mrSMJ20u3KLxOXWtnLrfl16sUC/6OVKfLICsCpZzOgIdwChJqodIsreJ6Hw+vw6W
Mln4vOAZYuaP1gNRT/YgxyDH4DLZGzFBW2Jkz9q2P+rsyA1kbeHe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org