Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/HLEsv1LH-ZcJONl_FTiic0dk9Hs.roa
File: HLEsv1LH-ZcJONl_FTiic0dk9Hs.roa (raw, json)
Hash identifier: dYV41CQHi+pOODgAs8tyNJAV/1zwGUl2mbJ5UtpaLTc=
Subject key identifier: 1C:B1:2C:BF:52:C7:F9:97:09:38:D9:7F:15:38:A2:73:47:64:F4:7B
Certificate issuer: /CN=dfa68d14863a454b89547b59b5cc3415cd2d8f37
Certificate serial: 01856E41C676CD355B123A4519223937B7CD
Authority key identifier: DF:A6:8D:14:86:3A:45:4B:89:54:7B:59:B5:CC:34:15:CD:2D:8F:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36aNFIY6RUuJVHtZtcw0Fc0tjzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/HLEsv1LH-ZcJONl_FTiic0dk9Hs.roa
Signing time: Sun 01 Jan 2023 16:54:42 +0000
ROA not before: Sun 01 Jan 2023 16:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60940
IP address blocks: 185.23.93.0/24 maxlen: 24
185.23.94.0/23 maxlen: 23
185.23.92.0/24 maxlen: 24
2a04:2500::/32 maxlen: 32
2a04:2500::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:c6:76:cd:35:5b:12:3a:45:19:22:39:37:b7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa68d14863a454b89547b59b5cc3415cd2d8f37
Validity
Not Before: Jan 1 16:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cb12cbf52c7f9970938d97f1538a2734764f47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4d:0a:b2:6e:7d:2a:3e:2d:b5:52:9c:93:57:
87:c7:46:ca:8b:f6:b8:43:66:39:e5:19:a5:7e:4e:
2d:4b:96:a2:88:c9:02:a5:e5:5e:0c:d9:a1:89:ba:
18:01:5c:d1:fc:86:ee:47:5b:f9:a2:9d:2b:eb:0f:
bd:e6:79:16:75:b9:0b:b4:a9:20:e0:1e:74:25:a3:
b2:0d:51:75:b7:37:3b:16:90:a9:47:e5:48:39:af:
eb:bd:fd:7a:f6:50:f5:a2:47:97:ea:2b:1f:ed:00:
b6:b1:4c:62:df:65:90:0b:06:da:16:39:21:8f:ce:
3f:d9:c2:e6:6d:9b:a6:cd:d2:ec:e9:74:f8:30:b4:
c5:cf:10:f4:70:fb:44:b5:05:7f:7c:48:11:c1:16:
21:b5:63:e2:02:f1:02:25:65:4b:73:e6:e2:de:d4:
62:4f:9b:93:c8:e6:2f:28:ee:98:54:68:1e:82:da:
6d:86:32:b9:ea:f7:e0:61:cd:82:6d:90:76:f6:7f:
fd:a0:b4:3b:64:53:82:28:f9:bc:83:f1:d6:7f:cf:
54:ae:fc:5c:11:47:46:90:2a:63:37:b1:5a:17:78:
01:b3:0b:2f:d6:f3:b8:52:63:19:51:2d:12:f3:42:
48:62:26:be:9f:63:8a:02:28:e8:a1:20:c7:b9:87:
0e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B1:2C:BF:52:C7:F9:97:09:38:D9:7F:15:38:A2:73:47:64:F4:7B
X509v3 Authority Key Identifier:
keyid:DF:A6:8D:14:86:3A:45:4B:89:54:7B:59:B5:CC:34:15:CD:2D:8F:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36aNFIY6RUuJVHtZtcw0Fc0tjzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/HLEsv1LH-ZcJONl_FTiic0dk9Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a146c7-81e9-4862-974f-e0ecd5342ed8/1/36aNFIY6RUuJVHtZtcw0Fc0tjzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.92.0/22
IPv6:
2a04:2500::/32
Signature Algorithm: sha256WithRSAEncryption
a2:d9:44:51:a4:c5:da:74:f4:d5:32:d4:df:31:f7:66:fe:5b:
82:82:97:4c:1b:fa:00:a2:36:b7:1e:91:1e:e9:0a:69:09:0c:
3d:cf:d1:7d:f7:9f:1a:59:e3:1f:66:64:21:cd:29:c0:81:9c:
39:69:04:fe:ea:06:a1:54:51:e6:8c:b1:18:df:70:8d:a6:26:
01:f4:4f:a7:c1:da:6a:2a:14:a4:14:e5:95:66:61:2d:8d:c2:
7d:75:47:bc:df:18:49:83:a1:a2:c0:49:a5:7c:6d:9e:1c:ab:
01:1d:9f:f8:b7:43:69:df:04:8c:8d:2a:c9:a3:0d:28:4f:c1:
21:6d:aa:fb:93:9a:48:a1:13:17:4b:f2:d4:87:69:66:18:52:
e7:ee:03:2d:d7:5c:4b:1d:04:16:79:a7:1e:c6:4b:f7:dc:02:
fd:7f:ee:30:ae:b3:05:a2:a0:d0:7e:e7:f8:e8:7d:bb:e6:d1:
01:d3:0a:43:ec:ab:ff:5b:58:a1:ed:ea:c0:10:c5:60:65:1f:
f9:be:91:57:e3:75:8e:36:43:9a:51:b7:41:02:9b:28:be:80:
fc:4e:18:a3:d3:c4:bd:1e:09:03:90:5d:a2:06:47:22:a7:09:
05:0c:6b:cd:2d:ff:26:64:16:13:e1:60:ae:08:76:e8:39:ef:
71:3e:86:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuQcZ2zTVbEjpFGSI5N7fNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTY4ZDE0ODYzYTQ1NGI4OTU0N2I1OWI1Y2MzNDE1Y2Qy
ZDhmMzcwHhcNMjMwMTAxMTY1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IxMmNiZjUyYzdmOTk3MDkzOGQ5N2YxNTM4YTI3MzQ3NjRmNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE0Ksm59Kj4ttVKck1eHx0bKi/a4
Q2Y55Rmlfk4tS5aiiMkCpeVeDNmhiboYAVzR/IbuR1v5op0r6w+95nkWdbkLtKkg
4B50JaOyDVF1tzc7FpCpR+VIOa/rvf169lD1okeX6isf7QC2sUxi32WQCwbaFjkh
j84/2cLmbZumzdLs6XT4MLTFzxD0cPtEtQV/fEgRwRYhtWPiAvECJWVLc+bi3tRi
T5uTyOYvKO6YVGgegtpthjK56vfgYc2CbZB29n/9oLQ7ZFOCKPm8g/HWf89Urvxc
EUdGkCpjN7FaF3gBswsv1vO4UmMZUS0S80JIYia+n2OKAijooSDHuYcOqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFByxLL9Sx/mXCTjZfxU4onNHZPR7MB8GA1UdIwQY
MBaAFN+mjRSGOkVLiVR7WbXMNBXNLY83MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZhTkZJWTZSVXVKVkh0WnRjdzBGYzB0anpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hMTQ2YzctODFlOS00ODYyLTk3NGYt
ZTBlY2Q1MzQyZWQ4LzEvSExFc3YxTEgtWmNKT05sX0ZUaWljMGRrOUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hMTQ2YzctODFlOS00ODYyLTk3NGYtZTBlY2Q1MzQyZWQ4
LzEvMzZhTkZJWTZSVXVKVkh0WnRjdzBGYzB0anpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRdcMA0E
AgACMAcDBQAqBCUAMA0GCSqGSIb3DQEBCwUAA4IBAQCi2URRpMXadPTVMtTfMfdm
/luCgpdMG/oAoja3HpEe6QppCQw9z9F9958aWeMfZmQhzSnAgZw5aQT+6gahVFHm
jLEY33CNpiYB9E+nwdpqKhSkFOWVZmEtjcJ9dUe83xhJg6GiwEmlfG2eHKsBHZ/4
t0Np3wSMjSrJow0oT8Ehbar7k5pIoRMXS/LUh2lmGFLn7gMt11xLHQQWeacexkv3
3AL9f+4wrrMFoqDQfuf46H275tEB0wpD7Kv/W1ih7erAEMVgZR/5vpFX43WONkOa
UbdBApsovoD8Thij08S9HgkDkF2iBkcipwkFDGvNLf8mZBYT4WCuCHboOe9xPoZ0
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:47 2024 by rpki-client on console-ams.rpki-client.org