Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/sK5epq9oOJaMJUdcjiBJUI5ENMI.roa
File: sK5epq9oOJaMJUdcjiBJUI5ENMI.roa (raw, json)
Hash identifier: qgmFLDiNbsn47ep2b3VKkxXPJDfjyzbpRqLbSQ/0kqw=
Subject key identifier: B0:AE:5E:A6:AF:68:38:96:8C:25:47:5C:8E:20:49:50:8E:44:34:C2
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018DDA4BAA6B8E4C5DC4BE70B59781EAB6D2
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/sK5epq9oOJaMJUdcjiBJUI5ENMI.roa
Signing time: Sat 24 Feb 2024 08:46:48 +0000
ROA not before: Sat 24 Feb 2024 08:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.96.0/22 maxlen: 24
31.186.180.0/22 maxlen: 22
149.126.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 07:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:4b:aa:6b:8e:4c:5d:c4:be:70:b5:97:81:ea:b6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Feb 24 08:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0ae5ea6af6838968c25475c8e2049508e4434c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:36:70:b1:bb:26:bc:1d:90:31:e9:e9:4f:1c:
57:d6:ef:d8:e9:d4:c6:20:0f:b4:67:c1:54:dd:96:
78:e5:54:9a:cc:c2:e1:80:a7:7f:71:a8:da:e5:41:
1a:f3:98:35:b5:c4:82:25:84:8e:a0:30:9b:01:a7:
c3:9a:89:a2:5a:45:01:a8:cc:5b:a2:0f:e7:fe:5e:
ba:47:c9:29:4d:0d:25:70:19:9a:fc:15:c6:4b:97:
52:7c:b2:25:3e:73:0d:e5:85:ae:0d:02:2d:4c:9e:
81:b0:ab:04:b0:89:19:22:20:db:19:48:fe:93:fb:
e1:57:c8:2c:d0:8b:ac:96:d1:c4:e2:0b:02:73:81:
b2:23:97:8f:9c:48:55:c0:fc:5c:95:28:45:8a:9a:
a7:2e:be:24:d5:2a:e5:07:64:71:da:70:a2:9d:f2:
86:fc:11:c2:c1:43:6a:65:a2:35:f2:4c:01:38:57:
72:25:49:4b:2e:8d:8f:c9:03:22:84:12:75:ff:be:
49:bd:01:25:cd:91:98:e6:ef:41:68:8c:d8:c3:62:
67:b0:a0:a5:55:28:bc:86:75:25:80:44:32:2f:62:
f0:fe:b6:80:5a:e5:02:04:d3:13:6c:ce:14:26:3a:
18:23:e4:ef:23:f8:71:74:74:02:4c:f1:fb:40:5a:
1b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AE:5E:A6:AF:68:38:96:8C:25:47:5C:8E:20:49:50:8E:44:34:C2
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/sK5epq9oOJaMJUdcjiBJUI5ENMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
41:b9:0c:70:c5:0e:f9:d8:04:88:ad:66:07:15:58:3f:60:a9:
ae:70:e2:c9:e4:f8:8d:36:bd:ab:6f:ea:16:38:8a:95:aa:51:
f3:9e:41:83:73:fa:7e:ed:17:ca:7a:de:8c:d3:c9:68:46:9e:
ab:cd:bd:92:0e:d8:09:06:4f:b9:1f:82:16:bd:4d:e5:8f:fe:
08:78:b8:19:8d:3c:bc:08:dd:cd:63:31:0d:0b:ce:64:04:2d:
c9:39:ed:9c:0f:18:fd:12:77:7a:1b:e8:8e:15:ca:7c:88:14:
74:d7:2d:3e:e0:02:0a:f4:66:3f:c1:87:b9:f0:37:db:bf:36:
d4:2b:ff:4c:bd:ee:eb:7a:ec:bb:7e:bd:3a:fa:56:b8:13:3e:
e2:e8:98:6c:84:c5:96:cb:57:b0:7b:7d:53:a9:83:67:0d:0a:
05:4f:2b:23:ec:4f:12:66:35:2a:b6:77:3e:fe:9f:1e:ce:27:
cc:23:9c:60:08:e1:3f:53:33:da:26:cf:46:f2:58:ac:f0:93:
a4:b0:e4:66:1a:a8:80:8d:0b:0c:b0:55:ef:85:00:f6:5c:79:
16:57:42:81:e5:07:66:f8:3f:34:96:ca:69:b6:46:09:3c:9e:
99:d4:d1:f3:af:4a:5b:73:70:5d:60:d7:28:5e:32:04:e9:cc:
5d:15:97:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3aS6prjkxdxL5wtZeB6rbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMjI0MDg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFlNWVhNmFmNjgzODk2OGMyNTQ3NWM4ZTIwNDk1MDhlNDQzNGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTZwsbsmvB2QMenpTxxX1u/Y6dTG
IA+0Z8FU3ZZ45VSazMLhgKd/caja5UEa85g1tcSCJYSOoDCbAafDmomiWkUBqMxb
og/n/l66R8kpTQ0lcBma/BXGS5dSfLIlPnMN5YWuDQItTJ6BsKsEsIkZIiDbGUj+
k/vhV8gs0IusltHE4gsCc4GyI5ePnEhVwPxclShFipqnLr4k1SrlB2Rx2nCinfKG
/BHCwUNqZaI18kwBOFdyJUlLLo2PyQMihBJ1/75JvQElzZGY5u9BaIzYw2JnsKCl
VSi8hnUlgEQyL2Lw/raAWuUCBNMTbM4UJjoYI+TvI/hxdHQCTPH7QFobaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLCuXqavaDiWjCVHXI4gSVCORDTCMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvc0s1ZXBxOW9PSmFNSlVkY2ppQkpVSTVFTk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
H7q0AwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQBBuQxwxQ752ASIrWYHFVg/YKmu
cOLJ5PiNNr2rb+oWOIqVqlHznkGDc/p+7RfKet6M08loRp6rzb2SDtgJBk+5H4IW
vU3lj/4IeLgZjTy8CN3NYzENC85kBC3JOe2cDxj9End6G+iOFcp8iBR01y0+4AIK
9GY/wYe58DfbvzbUK/9Mve7reuy7fr06+la4Ez7i6JhshMWWy1ewe31TqYNnDQoF
Tysj7E8SZjUqtnc+/p8ezifMI5xgCOE/UzPaJs9G8lis8JOksORmGqiAjQsMsFXv
hQD2XHkWV0KB5Qdm+D80lspptkYJPJ6Z1NHzr0pbc3BdYNcoXjIE6cxdFZcF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org