Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/hb-lb3Cnc0OHsEg4g7ifpqUkQq4.roa
File: hb-lb3Cnc0OHsEg4g7ifpqUkQq4.roa (raw, json)
Hash identifier: QgPz2EG1obPVE/zBYXiNpIdW7JSIgsBhba4rdmNNH1s=
Subject key identifier: 85:BF:A5:6F:70:A7:73:43:87:B0:48:38:83:B8:9F:A6:A5:24:42:AE
Certificate issuer: /CN=36900183cf08a6e5bc807846294a46062e190e3b
Certificate serial: 01856FF95B6C4B9D2D93A3500F390041DFA7
Authority key identifier: 36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/hb-lb3Cnc0OHsEg4g7ifpqUkQq4.roa
Signing time: Mon 02 Jan 2023 00:54:50 +0000
ROA not before: Mon 02 Jan 2023 00:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48266
IP address blocks: 45.11.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:5b:6c:4b:9d:2d:93:a3:50:0f:39:00:41:df:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36900183cf08a6e5bc807846294a46062e190e3b
Validity
Not Before: Jan 2 00:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85bfa56f70a7734387b0483883b89fa6a52442ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b0:43:4c:ab:cd:6c:10:d9:55:bd:cb:9c:8b:
b5:23:8c:03:de:9e:0c:ff:46:05:53:4b:b6:d2:88:
20:03:85:97:45:83:00:a2:10:1e:8f:73:43:70:e8:
f6:ff:63:38:f3:1c:0e:04:97:0d:89:87:d7:9b:66:
ee:d8:43:0c:ac:cb:1a:7a:87:e2:77:60:7b:92:5a:
57:6f:a1:ab:ab:3e:74:6e:ca:d4:94:ed:63:c6:aa:
2d:26:35:5e:3f:96:ad:29:b5:90:09:cb:14:d7:4c:
d1:c2:d6:d8:d7:5b:de:f4:fa:d9:6f:9e:c8:e0:13:
3f:ff:da:c4:08:1b:43:88:e4:e5:6c:71:b8:a6:6c:
e6:b5:17:17:80:d7:70:0d:ad:3b:25:d6:cb:88:28:
02:c9:9a:50:9f:1a:f4:1c:91:d5:7d:a0:8e:89:58:
9f:4a:02:7c:42:7c:c8:d6:9a:b4:2c:92:ff:3a:ff:
d3:5d:6f:cb:00:63:67:32:b0:e8:83:b6:db:1e:a6:
53:8b:0e:31:2e:6f:b3:46:37:b7:97:16:e4:ae:9c:
a5:de:05:b8:4f:16:71:46:d6:79:32:dc:9c:69:1a:
88:de:fc:80:35:ad:8a:a1:07:82:73:dd:9d:03:35:
a8:9c:ad:ee:43:8e:b9:cd:7a:be:08:88:a0:be:6e:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BF:A5:6F:70:A7:73:43:87:B0:48:38:83:B8:9F:A6:A5:24:42:AE
X509v3 Authority Key Identifier:
keyid:36:90:01:83:CF:08:A6:E5:BC:80:78:46:29:4A:46:06:2E:19:0E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpABg88IpuW8gHhGKUpGBi4ZDjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/hb-lb3Cnc0OHsEg4g7ifpqUkQq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/5a32bc-0836-47ec-b5b3-2f5b6a83faf3/1/NpABg88IpuW8gHhGKUpGBi4ZDjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.185.0/24
Signature Algorithm: sha256WithRSAEncryption
98:d3:86:e4:18:0a:99:69:3f:74:24:f6:95:1d:bf:45:90:f9:
bd:69:fd:87:e7:ad:7d:c2:75:02:4a:8c:b3:fb:de:8e:87:0a:
3e:17:9d:50:c0:4a:67:a7:fe:6e:2d:83:2b:59:e2:03:14:f9:
99:56:d4:a9:61:21:2b:34:ab:99:61:3c:58:67:3d:39:44:71:
70:f7:fe:1e:c2:6b:c7:2d:79:f8:e0:4f:93:54:37:20:9c:ec:
9f:82:c5:da:fd:04:5d:ce:f3:ca:89:09:fc:c0:bd:94:17:30:
e5:41:94:76:35:a1:02:98:16:b7:53:62:6a:c0:ee:c9:1f:26:
24:9c:09:8a:68:07:7b:b7:0e:54:59:8a:f7:5d:c7:1e:5b:fb:
2d:10:4c:d8:8c:28:57:5c:bf:45:ba:e0:f7:36:af:ae:29:4f:
04:23:03:a8:5f:4e:f8:29:b0:20:5f:bd:3f:8c:fd:89:bb:33:
e8:64:49:64:d3:24:62:ce:36:76:7e:16:c8:53:9f:6e:0b:1f:
60:20:7d:13:e9:31:00:de:6c:f0:c6:37:e1:3d:6e:4d:80:67:
02:41:0c:13:59:06:8b:88:02:1b:b4:12:5d:c4:75:1e:7c:b9:
e6:84:3a:ec:c7:b9:a9:14:eb:4b:48:e2:39:9b:ec:b4:52:eb:
cd:7d:ec:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+VtsS50tk6NQDzkAQd+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTAwMTgzY2YwOGE2ZTViYzgwNzg0NjI5NGE0NjA2MmUx
OTBlM2IwHhcNMjMwMTAyMDA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJmYTU2ZjcwYTc3MzQzODdiMDQ4Mzg4M2I4OWZhNmE1MjQ0MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbBDTKvNbBDZVb3LnIu1I4wD3p4M
/0YFU0u20oggA4WXRYMAohAej3NDcOj2/2M48xwOBJcNiYfXm2bu2EMMrMsaeofi
d2B7klpXb6Grqz50bsrUlO1jxqotJjVeP5atKbWQCcsU10zRwtbY11ve9PrZb57I
4BM//9rECBtDiOTlbHG4pmzmtRcXgNdwDa07JdbLiCgCyZpQnxr0HJHVfaCOiVif
SgJ8QnzI1pq0LJL/Ov/TXW/LAGNnMrDog7bbHqZTiw4xLm+zRje3lxbkrpyl3gW4
TxZxRtZ5MtycaRqI3vyANa2KoQeCc92dAzWonK3uQ465zXq+CIigvm5PhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIW/pW9wp3NDh7BIOIO4n6alJEKuMB8GA1UdIwQY
MBaAFDaQAYPPCKblvIB4RilKRgYuGQ47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMt
MmY1YjZhODNmYWYzLzEvaGItbGIzQ25jME9Ic0VnNGc3aWZwcVVrUXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81YTMyYmMtMDgzNi00N2VjLWI1YjMtMmY1YjZhODNmYWYz
LzEvTnBBQmc4OElwdVc4Z0hoR0tVcEdCaTRaRGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu5MA0G
CSqGSIb3DQEBCwUAA4IBAQCY04bkGAqZaT90JPaVHb9FkPm9af2H5619wnUCSoyz
+96Ohwo+F51QwEpnp/5uLYMrWeIDFPmZVtSpYSErNKuZYTxYZz05RHFw9/4ewmvH
LXn44E+TVDcgnOyfgsXa/QRdzvPKiQn8wL2UFzDlQZR2NaECmBa3U2JqwO7JHyYk
nAmKaAd7tw5UWYr3XcceW/stEEzYjChXXL9FuuD3Nq+uKU8EIwOoX074KbAgX70/
jP2JuzPoZElk0yRizjZ2fhbIU59uCx9gIH0T6TEA3mzwxjfhPW5NgGcCQQwTWQaL
iAIbtBJdxHUefLnmhDrsx7mpFOtLSOI5m+y0UuvNfeyZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org