Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vJSpGUOZOufXTaCr62IdO3R0kMM.roa
File: vJSpGUOZOufXTaCr62IdO3R0kMM.roa (raw, json)
Hash identifier: N1JzZEXsnw7aNT/KRT9EcJxV1eUgRbPDEi4VJS0EDmQ=
Subject key identifier: BC:94:A9:19:43:99:3A:E7:D7:4D:A0:AB:EB:62:1D:3B:74:74:90:C3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CAF4EFC2F47BD3324171A724B0A29BFB6
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vJSpGUOZOufXTaCr62IdO3R0kMM.roa
Signing time: Thu 28 Dec 2023 07:23:58 +0000
ROA not before: Thu 28 Dec 2023 07:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Dec 2023 08:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:4e:fc:2f:47:bd:33:24:17:1a:72:4b:0a:29:bf:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 28 07:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc94a91943993ae7d74da0abeb621d3b747490c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:50:67:af:ee:22:f9:f8:b1:b7:b4:af:20:fc:
49:e4:d4:5b:82:87:bd:0d:1f:b2:75:b3:69:cf:1d:
44:e9:f7:17:56:5d:fc:9a:81:43:94:c2:c9:22:9b:
fa:60:29:f7:c9:1e:26:3e:76:20:c1:ac:e8:c3:f7:
6a:dd:f0:87:1c:2b:2e:13:84:46:ab:b4:9a:bb:56:
33:fd:63:00:d5:89:1d:b9:0c:fe:52:10:09:31:1a:
14:6f:a9:cb:b8:86:2b:2b:e4:79:b3:65:98:f3:fe:
e4:53:02:ec:91:12:92:51:06:be:88:16:78:e6:d3:
4b:1c:1f:1a:1a:2f:fe:73:34:66:21:90:57:05:02:
d2:0b:2c:21:33:b7:ad:19:ae:b6:00:cb:45:05:08:
ec:89:53:f7:bf:2d:89:76:4a:a7:c0:03:65:ce:88:
be:bc:4c:83:15:23:d9:b0:03:64:22:51:2e:2a:25:
22:59:e0:96:a2:c2:54:e8:77:c4:09:e8:6a:8f:7a:
75:75:4a:fd:c6:fe:a7:1a:c5:56:d7:da:a9:bd:9d:
a4:5c:8a:8c:15:69:ff:8e:96:b9:e1:53:f2:eb:1c:
e5:df:c4:fa:68:d3:aa:a3:56:f8:e6:25:f9:5f:60:
cb:4e:e5:e9:f0:32:fe:8e:2d:6c:09:16:04:c2:5e:
b9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:94:A9:19:43:99:3A:E7:D7:4D:A0:AB:EB:62:1D:3B:74:74:90:C3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vJSpGUOZOufXTaCr62IdO3R0kMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
Signature Algorithm: sha256WithRSAEncryption
95:ac:fa:96:be:69:74:82:6a:79:dd:c9:6e:20:ab:7a:c1:32:
c0:92:dd:d5:c7:2b:65:6d:0a:1e:d6:84:97:54:e9:6c:40:47:
55:4e:01:8b:fc:4a:2a:31:e8:54:7e:24:54:24:cd:b9:7c:54:
dd:d6:24:36:ef:41:f3:c1:d8:00:8b:bb:07:4e:d8:4d:69:ae:
d3:1d:e7:57:23:ed:9c:52:83:06:56:89:a4:cf:b0:ac:bd:b6:
88:d0:f2:36:2a:d1:4e:7b:32:b4:6f:15:82:cb:ca:08:67:01:
36:81:62:f7:ba:4c:a1:5e:75:a3:79:f7:f3:47:f0:88:6d:f6:
5a:e4:fd:3a:30:e6:0f:c1:a3:de:9c:50:d3:f8:74:45:dc:00:
d8:94:f6:32:e7:42:43:8e:b1:43:d9:1d:19:17:6c:9a:a1:b8:
a9:bb:9a:97:b1:e5:bd:7f:d2:cd:a2:b4:39:dc:f2:b6:c1:5a:
86:a0:73:cd:ae:2d:ea:2f:8b:2d:89:03:06:61:31:8f:55:84:
0b:9c:28:9e:d0:3a:f7:ad:8e:e6:06:bd:19:1b:cb:44:8e:13:
08:e9:2b:34:f7:e6:0e:63:dc:95:fd:82:de:b6:da:10:60:db:
eb:74:a9:d3:8a:68:34:dd:b7:e6:86:2f:01:17:3e:59:6d:a0:
3f:7a:6f:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyvTvwvR70zJBcacksKKb+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjI4MDcyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzk0YTkxOTQzOTkzYWU3ZDc0ZGEwYWJlYjYyMWQzYjc0NzQ5MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglBnr+4i+fixt7SvIPxJ5NRbgoe9
DR+ydbNpzx1E6fcXVl38moFDlMLJIpv6YCn3yR4mPnYgwazow/dq3fCHHCsuE4RG
q7Sau1Yz/WMA1YkduQz+UhAJMRoUb6nLuIYrK+R5s2WY8/7kUwLskRKSUQa+iBZ4
5tNLHB8aGi/+czRmIZBXBQLSCywhM7etGa62AMtFBQjsiVP3vy2JdkqnwANlzoi+
vEyDFSPZsANkIlEuKiUiWeCWosJU6HfECehqj3p1dUr9xv6nGsVW19qpvZ2kXIqM
FWn/jpa54VPy6xzl38T6aNOqo1b45iX5X2DLTuXp8DL+ji1sCRYEwl65xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLyUqRlDmTrn102gq+tiHTt0dJDDMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdkpTcEdVT1pPdWZYVGFDcjYySWRPM1Iwa01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
H7q0MA0GCSqGSIb3DQEBCwUAA4IBAQCVrPqWvml0gmp53cluIKt6wTLAkt3Vxytl
bQoe1oSXVOlsQEdVTgGL/EoqMehUfiRUJM25fFTd1iQ270HzwdgAi7sHTthNaa7T
HedXI+2cUoMGVomkz7CsvbaI0PI2KtFOezK0bxWCy8oIZwE2gWL3ukyhXnWjeffz
R/CIbfZa5P06MOYPwaPenFDT+HRF3ADYlPYy50JDjrFD2R0ZF2yaobipu5qXseW9
f9LNorQ53PK2wVqGoHPNri3qL4stiQMGYTGPVYQLnCie0Dr3rY7mBr0ZG8tEjhMI
6Ss09+YOY9yV/YLettoQYNvrdKnTimg03bfmhi8BFz5ZbaA/em8C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org