Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ICGHZRwwM_IvR7qLi__fSGbJH54.roa
File: ICGHZRwwM_IvR7qLi__fSGbJH54.roa (raw, json)
Hash identifier: dqbkV8+Yq4jSOT1Mpk/NI45Y4NsotwaM+ZkJC/18O78=
Subject key identifier: 20:21:87:65:1C:30:33:F2:2F:47:BA:8B:8B:FF:DF:48:66:C9:1F:9E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018D1155521D2BE567BB33971EAF8C356D5C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ICGHZRwwM_IvR7qLi__fSGbJH54.roa
Signing time: Tue 16 Jan 2024 08:13:40 +0000
ROA not before: Tue 16 Jan 2024 08:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 19:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:55:52:1d:2b:e5:67:bb:33:97:1e:af:8c:35:6d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 16 08:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=202187651c3033f22f47ba8b8bffdf4866c91f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:f9:23:26:bd:16:20:d6:91:e3:ed:0b:5c:
ad:a6:ae:ad:65:fd:55:70:1c:35:03:b3:90:60:01:
85:0b:ac:2c:a2:b4:8e:ff:8d:68:80:a2:bf:81:f5:
91:da:ed:77:5c:41:e2:77:bb:f3:7c:c5:2a:34:78:
49:7a:bf:9e:be:f8:88:10:ac:96:91:94:ea:1b:9c:
1e:81:4b:8e:9d:27:e6:85:93:0f:96:44:e2:ea:56:
c8:82:74:96:36:5d:8b:63:d2:9d:17:c2:cb:b9:4f:
90:c1:22:22:bc:e0:28:e4:e9:49:99:46:33:5b:59:
d6:7d:4d:e0:0c:d0:ba:33:96:4b:58:5f:8c:f2:52:
9a:32:2c:6c:25:48:87:1d:39:4e:a8:d9:3b:22:99:
be:da:d6:90:6d:72:f4:24:9e:4f:07:97:fc:a1:86:
a0:9d:b3:77:31:b3:46:c7:e1:23:84:14:a9:37:ba:
de:e0:89:71:99:7f:b4:ed:56:eb:50:42:7c:38:29:
b1:2c:54:28:d1:48:59:f9:b0:67:04:61:49:1e:f1:
3a:57:1f:6b:66:e7:05:ee:61:9d:49:ed:6e:0f:d1:
ea:33:95:95:e8:34:fa:e8:0b:d9:63:4e:d3:f3:e0:
5c:82:53:34:9c:c8:7e:83:d6:76:8c:d4:aa:e8:1f:
42:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:21:87:65:1C:30:33:F2:2F:47:BA:8B:8B:FF:DF:48:66:C9:1F:9E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ICGHZRwwM_IvR7qLi__fSGbJH54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:9a:07:c4:70:8c:99:53:e6:40:0f:10:10:e0:7e:e5:c6:b9:
04:ac:f6:d1:0a:ff:93:57:be:5c:1e:23:c1:ce:eb:fb:56:06:
ca:ec:6f:de:3f:60:75:e2:54:67:39:e7:5a:29:80:c8:86:bb:
39:6f:aa:68:03:d7:06:46:6f:2a:16:a2:01:14:b3:6d:63:d0:
a9:50:49:42:41:3a:fc:da:b3:4d:5b:b0:9a:ba:5e:ac:81:c7:
ac:47:be:e5:ba:61:20:40:f0:74:0c:44:06:b0:79:7f:e2:72:
bf:5c:65:41:88:ff:f1:da:05:2e:ac:29:b6:9f:e3:a3:36:b9:
26:d0:40:78:57:1c:a0:1b:7d:4f:c3:00:3b:cc:0d:72:7d:5b:
95:43:2d:47:2c:29:d9:d1:80:f7:48:e2:35:08:a4:c8:da:13:
ce:91:ff:08:18:95:a3:8c:a5:09:5c:fb:49:42:77:20:94:c2:
b7:23:44:f3:92:58:00:a6:9b:60:17:31:a2:4b:42:2f:fb:1b:
38:57:08:24:d3:61:af:79:d2:c5:30:a7:82:9e:78:a0:5a:75:
2a:db:61:51:78:b3:28:c1:24:d0:d8:6e:77:8b:f3:b3:3f:0c:
50:a4:a9:2c:46:ea:7a:c2:4c:e6:5c:43:6c:39:c6:c6:7c:ed:
b6:2a:42:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0RVVIdK+VnuzOXHq+MNW1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTE2MDgxMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDIxODc2NTFjMzAzM2YyMmY0N2JhOGI4YmZmZGY0ODY2YzkxZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+T5Iya9FiDWkePtC1ytpq6tZf1V
cBw1A7OQYAGFC6wsorSO/41ogKK/gfWR2u13XEHid7vzfMUqNHhJer+evviIEKyW
kZTqG5wegUuOnSfmhZMPlkTi6lbIgnSWNl2LY9KdF8LLuU+QwSIivOAo5OlJmUYz
W1nWfU3gDNC6M5ZLWF+M8lKaMixsJUiHHTlOqNk7Ipm+2taQbXL0JJ5PB5f8oYag
nbN3MbNGx+EjhBSpN7re4IlxmX+07VbrUEJ8OCmxLFQo0UhZ+bBnBGFJHvE6Vx9r
ZucF7mGdSe1uD9HqM5WV6DT66AvZY07T8+BcglM0nMh+g9Z2jNSq6B9C4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAhh2UcMDPyL0e6i4v/30hmyR+eMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSUNHSFpSd3dNX0l2UjdxTGlfX2ZTR2JKSDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEBWZgMA0G
CSqGSIb3DQEBCwUAA4IBAQCPmgfEcIyZU+ZADxAQ4H7lxrkErPbRCv+TV75cHiPB
zuv7VgbK7G/eP2B14lRnOedaKYDIhrs5b6poA9cGRm8qFqIBFLNtY9CpUElCQTr8
2rNNW7Caul6sgcesR77lumEgQPB0DEQGsHl/4nK/XGVBiP/x2gUurCm2n+OjNrkm
0EB4VxygG31PwwA7zA1yfVuVQy1HLCnZ0YD3SOI1CKTI2hPOkf8IGJWjjKUJXPtJ
QncglMK3I0TzklgApptgFzGiS0Iv+xs4Vwgk02GvedLFMKeCnnigWnUq22FReLMo
wSTQ2G53i/OzPwxQpKksRup6wkzmXENsOcbGfO22KkIV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org