Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uGEDArHMv2tbRyQR_OevHPunFkE.roa
File: uGEDArHMv2tbRyQR_OevHPunFkE.roa (raw, json)
Hash identifier: hhg2PW/ZR5KeRNB/As+RbzJmuwjjpz/5pRV/ciVr/Nw=
Subject key identifier: B8:61:03:02:B1:CC:BF:6B:5B:47:24:11:FC:E7:AF:1C:FB:A7:16:41
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C9AC6F19B54F64A68E055C07213227937
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uGEDArHMv2tbRyQR_OevHPunFkE.roa
Signing time: Sun 24 Dec 2023 07:42:58 +0000
ROA not before: Sun 24 Dec 2023 07:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.116.0/22 maxlen: 22
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Dec 2023 07:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9a:c6:f1:9b:54:f6:4a:68:e0:55:c0:72:13:22:79:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 24 07:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8610302b1ccbf6b5b472411fce7af1cfba71641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:8d:09:66:8f:1b:17:7f:dc:ba:53:8b:cc:
a7:a9:3b:7c:95:d3:cd:34:97:75:8f:ba:cc:f3:8d:
3f:61:2f:df:37:01:f5:dc:61:c3:e6:61:88:f0:6d:
4e:4e:c2:84:1e:c6:f0:d6:b0:c1:e2:b0:7d:57:9d:
c4:a2:b3:60:a6:4b:c9:54:cf:8c:d7:c6:54:a7:58:
1d:53:d8:a1:b7:ca:19:6f:51:3b:ed:ed:f5:ff:8c:
45:23:02:1c:c0:8f:bd:ff:f0:8b:51:5e:1b:0b:d1:
3c:fc:13:a3:02:86:94:36:89:64:be:6b:54:d1:76:
4e:95:e7:22:f7:39:0c:11:d8:63:79:fb:b3:89:86:
a9:d6:de:80:eb:82:cb:6a:53:65:de:7e:89:af:b5:
4f:fc:d5:f4:5a:af:ff:6b:fd:56:ab:4d:ad:5f:71:
d0:ea:c7:3b:b3:a9:f0:26:4a:8f:58:3d:4f:9b:65:
7f:4e:b6:50:43:b8:04:90:19:67:cf:06:12:c1:55:
bb:2c:6c:64:76:5d:3f:fb:ab:3e:ce:6f:d5:31:fe:
c2:7d:e7:27:30:c0:5c:f7:57:2f:63:22:74:90:b9:
12:d4:48:cb:61:ab:83:d2:56:f2:85:34:b3:5d:2d:
a5:f4:bb:1a:38:15:fb:d8:db:ab:fc:74:61:0c:0d:
bc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:61:03:02:B1:CC:BF:6B:5B:47:24:11:FC:E7:AF:1C:FB:A7:16:41
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uGEDArHMv2tbRyQR_OevHPunFkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.116.0/22
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:7b:54:e6:23:5e:23:32:6f:d4:30:d4:15:9f:59:e7:7b:ad:
dc:58:09:df:cd:0b:e1:01:d9:0c:e6:11:67:11:99:23:74:64:
ae:c6:1c:7f:28:3d:00:7a:95:c7:18:bd:8b:aa:87:be:98:19:
a7:bd:04:59:bf:f3:00:b8:60:50:fa:6a:b6:13:ab:33:76:b5:
52:2d:94:0e:0e:90:95:10:e8:73:a0:38:ce:51:3e:42:9b:80:
e2:ba:d6:ab:ca:5f:1d:19:8c:8f:1e:04:4b:f7:6d:3b:84:f4:
16:55:aa:3e:ad:32:88:97:69:07:d2:18:c6:7b:01:f5:94:ab:
04:b3:1d:5e:2c:01:5a:3f:53:e5:18:6e:15:de:a0:e4:53:8d:
09:c7:d7:26:98:4a:ec:ad:e3:aa:6f:9b:f4:67:9f:90:c6:f1:
c4:e1:25:1f:7f:46:ad:dc:0b:4f:81:79:8b:8e:e9:e7:15:75:
99:95:4d:ad:8f:57:76:3b:11:2f:fe:1f:cd:27:dd:97:4f:67:
45:e1:90:42:90:f8:3f:d1:0d:79:c2:9f:34:50:38:f2:87:0b:
cd:c0:ef:aa:db:2d:b2:91:bd:55:6a:83:ca:95:ce:a9:12:3e:
9d:40:fc:d9:5a:2b:16:c0:6a:f3:ee:38:05:10:fc:0f:e4:dc:
63:ce:64:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyaxvGbVPZKaOBVwHITInk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjI0MDc0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYxMDMwMmIxY2NiZjZiNWI0NzI0MTFmY2U3YWYxY2ZiYTcxNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8KNCWaPGxd/3LpTi8ynqTt8ldPN
NJd1j7rM840/YS/fNwH13GHD5mGI8G1OTsKEHsbw1rDB4rB9V53EorNgpkvJVM+M
18ZUp1gdU9iht8oZb1E77e31/4xFIwIcwI+9//CLUV4bC9E8/BOjAoaUNolkvmtU
0XZOleci9zkMEdhjefuziYap1t6A64LLalNl3n6Jr7VP/NX0Wq//a/1Wq02tX3HQ
6sc7s6nwJkqPWD1Pm2V/TrZQQ7gEkBlnzwYSwVW7LGxkdl0/+6s+zm/VMf7Cfecn
MMBc91cvYyJ0kLkS1EjLYauD0lbyhTSzXS2l9LsaOBX72Nur/HRhDA28lwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLhhAwKxzL9rW0ckEfznrxz7pxZBMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdUdFREFySE12MnRiUnlRUl9PZXZIUHVuRmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
BWZ0AwQCH7q0MA0GCSqGSIb3DQEBCwUAA4IBAQCae1TmI14jMm/UMNQVn1nne63c
WAnfzQvhAdkM5hFnEZkjdGSuxhx/KD0AepXHGL2Lqoe+mBmnvQRZv/MAuGBQ+mq2
E6szdrVSLZQODpCVEOhzoDjOUT5Cm4Diutaryl8dGYyPHgRL9207hPQWVao+rTKI
l2kH0hjGewH1lKsEsx1eLAFaP1PlGG4V3qDkU40Jx9cmmErsreOqb5v0Z5+QxvHE
4SUff0at3AtPgXmLjunnFXWZlU2tj1d2OxEv/h/NJ92XT2dF4ZBCkPg/0Q15wp80
UDjyhwvNwO+q2y2ykb1VaoPKlc6pEj6dQPzZWisWwGrz7jgFEPwP5NxjzmT6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org