Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ghCFzUHbOz2kAnNd5nMWUmYqnCw.roa
File: ghCFzUHbOz2kAnNd5nMWUmYqnCw.roa (raw, json)
Hash identifier: QymAXSZRkwKG3H96QAAuaCCOfgg7mkz6c6pXKkQ7Xsk=
Subject key identifier: 82:10:85:CD:41:DB:3B:3D:A4:02:73:5D:E6:73:16:52:66:2A:9C:2C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0194126383D56380B4A6B593C84DCC698D3C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ghCFzUHbOz2kAnNd5nMWUmYqnCw.roa
Signing time: Sun 29 Dec 2024 12:28:19 +0000
ROA not before: Sun 29 Dec 2024 12:28:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:63:83:d5:63:80:b4:a6:b5:93:c8:4d:cc:69:8d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 29 12:28:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=821085cd41db3b3da402735de6731652662a9c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:6f:a0:bf:fa:d9:55:ba:6a:ed:ad:43:33:61:
e6:ed:25:68:4d:2e:be:49:b1:c4:de:d9:4a:6c:0d:
0a:2f:17:d3:6e:fc:bb:fb:c5:b6:85:57:2e:79:51:
47:7f:a2:3b:ca:53:33:ed:ec:aa:29:10:13:e5:63:
f3:12:a9:1e:d7:66:e1:e6:3b:90:87:33:a6:fa:06:
3e:a4:ba:af:b3:ea:8c:f7:33:96:99:07:4e:62:19:
b9:b9:a0:a3:d5:3d:b0:2a:a1:c5:9a:89:92:b1:ea:
bf:b0:f8:7b:27:a0:cd:b6:b4:3a:20:10:b1:cb:c1:
1d:83:dd:b9:62:d2:e3:86:10:b7:3d:f1:27:b9:77:
07:59:1c:f2:e8:39:c8:81:0e:9b:db:61:38:df:2f:
c6:b5:6e:95:2d:9b:75:c3:8a:23:e7:a7:e7:d9:06:
ce:84:61:19:b5:33:62:ee:8c:27:3d:ad:10:d3:85:
03:dc:23:dd:17:c4:9f:8b:08:4a:c1:ba:e2:57:f5:
22:39:95:44:b0:2c:12:38:67:81:3c:c4:51:7f:be:
b9:28:1e:8d:b7:a4:b3:3d:0b:25:11:6c:fc:df:4e:
e0:d6:26:29:72:86:23:61:d9:44:e0:51:d3:52:3f:
07:f2:6d:89:27:da:7d:e2:06:10:96:b2:8c:9c:f4:
49:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:10:85:CD:41:DB:3B:3D:A4:02:73:5D:E6:73:16:52:66:2A:9C:2C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ghCFzUHbOz2kAnNd5nMWUmYqnCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:89:0f:29:d3:db:fa:30:00:22:18:06:4c:1e:02:a0:14:d4:
0d:d5:59:ea:d0:c7:6e:e1:9e:29:2a:80:b4:ab:82:35:c9:3e:
27:70:bd:f4:85:37:51:b3:bb:f3:72:8a:27:73:0e:45:0b:c1:
8d:88:fa:cd:88:f7:4c:1c:22:c5:b0:42:2a:8f:ad:ae:d8:26:
66:ad:dc:bd:21:69:14:d2:7b:ad:27:23:50:98:d0:a6:a2:03:
48:cc:b8:1a:6b:7d:99:d3:96:ab:63:3f:50:00:e9:03:de:a0:
82:46:fe:7a:0c:6f:8d:18:7d:d4:7d:ce:36:87:7f:08:76:3f:
d4:c6:ea:26:6f:15:a6:57:f3:39:a7:ad:01:65:11:85:b7:be:
5b:86:7d:e6:9a:60:74:9d:bf:71:47:25:05:88:2f:42:4d:18:
09:30:b5:ea:76:a3:91:fc:8b:7c:8c:d0:46:84:88:a7:6e:03:
90:d0:81:00:f8:b0:d4:51:87:25:7d:44:d3:fe:f7:c7:54:b2:
49:f1:8b:2e:1f:c9:ed:2d:f7:4b:46:7d:b1:e7:07:87:68:91:
69:de:a2:9f:fe:ea:01:bb:79:bb:48:85:79:ad:17:46:a1:d1:
5c:82:68:d3:bc:98:e4:42:86:64:67:d5:a0:7e:9f:94:7d:ba:
c7:8c:9e:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSY4PVY4C0prWTyE3MaY08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQxMjI5MTIyODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEwODVjZDQxZGIzYjNkYTQwMjczNWRlNjczMTY1MjY2MmE5YzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4m+gv/rZVbpq7a1DM2Hm7SVoTS6+
SbHE3tlKbA0KLxfTbvy7+8W2hVcueVFHf6I7ylMz7eyqKRAT5WPzEqke12bh5juQ
hzOm+gY+pLqvs+qM9zOWmQdOYhm5uaCj1T2wKqHFmomSseq/sPh7J6DNtrQ6IBCx
y8Edg925YtLjhhC3PfEnuXcHWRzy6DnIgQ6b22E43y/GtW6VLZt1w4oj56fn2QbO
hGEZtTNi7ownPa0Q04UD3CPdF8SfiwhKwbriV/UiOZVEsCwSOGeBPMRRf765KB6N
t6SzPQslEWz8307g1iYpcoYjYdlE4FHTUj8H8m2JJ9p94gYQlrKMnPRJiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIQhc1B2zs9pAJzXeZzFlJmKpwsMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZ2hDRnpVSGJPejJrQW5OZDVuTVdVbVlxbkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBWZ0MA0G
CSqGSIb3DQEBCwUAA4IBAQCciQ8p09v6MAAiGAZMHgKgFNQN1Vnq0Mdu4Z4pKoC0
q4I1yT4ncL30hTdRs7vzcooncw5FC8GNiPrNiPdMHCLFsEIqj62u2CZmrdy9IWkU
0nutJyNQmNCmogNIzLgaa32Z05arYz9QAOkD3qCCRv56DG+NGH3Ufc42h38Idj/U
xuombxWmV/M5p60BZRGFt75bhn3mmmB0nb9xRyUFiC9CTRgJMLXqdqOR/It8jNBG
hIinbgOQ0IEA+LDUUYclfUTT/vfHVLJJ8YsuH8ntLfdLRn2x5weHaJFp3qKf/uoB
u3m7SIV5rRdGodFcgmjTvJjkQoZkZ9Wgfp+UfbrHjJ6n
-----END CERTIFICATE-----
Generated at Sun May 11 20:20:54 2025 by rpki-client