Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vrNcwWlggJHEKx4M31SLJbpZi20.roa
File: vrNcwWlggJHEKx4M31SLJbpZi20.roa (raw, json)
Hash identifier: 9+Mqct09mSCUnCJpu20KzOCzP2Em7/GZrmFHDR0iYn0=
Subject key identifier: BE:B3:5C:C1:69:60:80:91:C4:2B:1E:0C:DF:54:8B:25:BA:59:8B:6D
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018C91C779818E2160A013EB9602BCF4B570
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vrNcwWlggJHEKx4M31SLJbpZi20.roa
Signing time: Fri 22 Dec 2023 13:46:58 +0000
ROA not before: Fri 22 Dec 2023 13:46:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.218.208.0/21 maxlen: 24
149.126.88.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Dec 2023 08:37:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:c7:79:81:8e:21:60:a0:13:eb:96:02:bc:f4:b5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 22 13:46:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beb35cc169608091c42b1e0cdf548b25ba598b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:f9:8a:65:61:6a:0a:f5:1e:d2:9d:6a:f7:
81:80:14:db:02:e4:d3:db:39:f2:ea:a5:26:07:83:
b3:16:f8:13:9b:b1:dc:70:f6:03:8a:9d:6d:40:78:
12:03:9f:66:3e:92:fd:c3:51:c0:fa:89:a7:37:93:
93:fd:05:7f:b2:fb:68:a4:b5:a8:d5:cb:74:65:2e:
b1:af:39:14:b6:3c:2c:8d:69:6d:28:bd:11:f9:50:
cf:40:66:ec:02:29:6b:10:c3:a8:07:28:f5:58:a8:
61:49:81:d7:1d:34:9a:4f:66:2c:55:bf:a4:12:8f:
98:31:95:f0:aa:67:f1:fa:0a:5d:dc:0a:6a:03:f2:
de:a1:a2:02:d4:a1:e7:2a:c2:77:17:68:1e:5a:89:
e0:a4:96:5d:3e:45:a7:78:ad:37:73:b4:98:14:33:
5d:5b:7f:7c:74:c1:f6:35:34:57:33:9b:85:73:18:
e4:ec:63:46:34:e9:2d:e1:b2:1b:56:b7:04:af:2f:
1e:ac:78:0d:8c:8a:8f:e5:59:eb:45:d3:6f:8e:68:
6e:c0:0a:07:37:b5:5e:2a:9a:cb:d5:8a:2a:b6:dc:
70:f0:3c:56:9d:53:28:64:79:70:2f:8b:4c:af:18:
e1:f9:7f:c0:d5:22:75:fe:06:94:61:76:fb:8b:71:
0d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B3:5C:C1:69:60:80:91:C4:2B:1E:0C:DF:54:8B:25:BA:59:8B:6D
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vrNcwWlggJHEKx4M31SLJbpZi20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
37.218.208.0/21
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:4f:06:21:da:cd:df:13:20:ae:b2:b7:23:8e:80:7c:86:a5:
b9:86:f0:48:35:a6:d9:98:ea:d3:57:e5:6a:36:5e:22:8f:b1:
77:4a:8e:77:54:6b:30:65:51:73:a9:3f:e4:1a:e2:85:78:d8:
49:0f:7d:3f:d9:e1:dc:18:e1:7c:af:13:83:2c:33:bc:00:99:
37:1d:f4:06:43:91:38:cc:03:92:64:5d:4d:ba:af:68:34:2f:
28:3b:9a:83:39:fa:67:db:f1:1e:ea:8c:50:6e:32:b5:f6:eb:
8f:81:f9:94:37:15:cd:84:fb:c9:de:68:db:91:88:6f:61:f8:
53:de:6e:f9:a5:e3:b8:4b:67:32:be:d1:3e:bf:20:0b:47:57:
5c:72:64:22:e4:b7:da:34:32:aa:e9:91:2a:59:3f:a4:9d:07:
1f:ca:b4:8b:fb:12:0a:5c:95:61:f6:72:37:a2:e6:09:42:62:
88:53:c7:f4:e3:e7:9d:36:ad:84:ac:dd:3a:7f:cf:9c:bf:fe:
5f:1b:af:ec:af:71:bd:d5:a1:47:25:af:09:4f:36:bc:97:99:
83:bf:67:8f:39:77:f6:d9:8f:53:74:90:d9:d5:72:48:74:fd:
a8:e1:44:c9:e4:1f:87:4a:03:ca:f4:db:4a:e8:df:d6:cc:08:
b2:82:d7:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyRx3mBjiFgoBPrlgK89LVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMjIyMTM0NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWIzNWNjMTY5NjA4MDkxYzQyYjFlMGNkZjU0OGIyNWJhNTk4YjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTP5imVhagr1HtKdaveBgBTbAuTT
2zny6qUmB4OzFvgTm7HccPYDip1tQHgSA59mPpL9w1HA+omnN5OT/QV/svtopLWo
1ct0ZS6xrzkUtjwsjWltKL0R+VDPQGbsAilrEMOoByj1WKhhSYHXHTSaT2YsVb+k
Eo+YMZXwqmfx+gpd3ApqA/LeoaIC1KHnKsJ3F2geWongpJZdPkWneK03c7SYFDNd
W398dMH2NTRXM5uFcxjk7GNGNOkt4bIbVrcEry8erHgNjIqP5VnrRdNvjmhuwAoH
N7VeKprL1Yoqttxw8DxWnVMoZHlwL4tMrxjh+X/A1SJ1/gaUYXb7i3EN6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL6zXMFpYICRxCseDN9UiyW6WYttMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdnJOY3dXbGdnSkhFS3g0TTMxU0xKYnBaaTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBWZgAwQC
H7q0AwQDJdrQAwQClX5YMA0GCSqGSIb3DQEBCwUAA4IBAQBbTwYh2s3fEyCusrcj
joB8hqW5hvBINabZmOrTV+VqNl4ij7F3So53VGswZVFzqT/kGuKFeNhJD30/2eHc
GOF8rxODLDO8AJk3HfQGQ5E4zAOSZF1Nuq9oNC8oO5qDOfpn2/Ee6oxQbjK19uuP
gfmUNxXNhPvJ3mjbkYhvYfhT3m75peO4S2cyvtE+vyALR1dccmQi5LfaNDKq6ZEq
WT+knQcfyrSL+xIKXJVh9nI3ouYJQmKIU8f04+edNq2ErN06f8+cv/5fG6/sr3G9
1aFHJa8JTza8l5mDv2ePOXf22Y9TdJDZ1XJIdP2o4UTJ5B+HSgPK9NtK6N/WzAiy
gtf9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org