Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/HLBqL1Utasb5Xniz6f_U8C9Bxy4.roa
File: HLBqL1Utasb5Xniz6f_U8C9Bxy4.roa (raw, json)
Hash identifier: RrSy1EJUUEMHJMjtajwbQ1m+EUY5kGhNC9/eG5GdTT8=
Subject key identifier: 1C:B0:6A:2F:55:2D:6A:C6:F9:5E:78:B3:E9:FF:D4:F0:2F:41:C7:2E
Certificate issuer: /CN=1a4f8001c30cac546e3f92103b4b12732dfcbf52
Certificate serial: 018CC725776649727B482D4188148E11882E
Authority key identifier: 1A:4F:80:01:C3:0C:AC:54:6E:3F:92:10:3B:4B:12:73:2D:FC:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gk-AAcMMrFRuP5IQO0sScy38v1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/HLBqL1Utasb5Xniz6f_U8C9Bxy4.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12735
IP address blocks: 195.49.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:77:66:49:72:7b:48:2d:41:88:14:8e:11:88:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a4f8001c30cac546e3f92103b4b12732dfcbf52
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cb06a2f552d6ac6f95e78b3e9ffd4f02f41c72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a9:b5:dd:47:e3:10:79:59:ca:96:bf:4a:6b:
9d:22:ac:96:12:4d:b8:61:71:a9:7c:50:14:0f:17:
5b:40:91:ae:ea:45:7e:65:52:77:9b:ff:b5:9b:fd:
45:54:99:a9:31:f5:75:f9:f1:8d:c4:1c:98:f1:f5:
dd:8d:29:f0:32:e0:5d:ab:bb:48:1e:70:8e:df:8d:
53:c5:78:15:3b:2f:c9:c6:44:49:95:7b:06:a0:a6:
60:8e:70:69:07:49:48:af:26:72:36:cd:50:15:f9:
67:21:c1:ff:82:93:0a:79:ee:f9:1a:a3:ed:f7:41:
40:96:5c:60:6e:3d:f5:1f:a7:75:38:81:a8:5a:1d:
0d:7d:e7:0e:64:9a:23:fe:9f:be:20:31:ae:10:56:
44:5b:5a:d8:8a:8b:f9:24:d5:b6:e1:c1:0c:8b:e7:
f6:03:2e:50:3c:3b:01:75:d7:34:1e:ba:9c:88:18:
76:a3:c8:a6:ff:0b:e6:29:92:d5:56:35:78:b9:7a:
97:e3:31:e7:59:6e:7f:54:8a:06:c6:5e:77:c6:88:
95:3d:8a:e1:e5:79:f4:91:8b:b9:26:d0:bd:74:ce:
d9:26:98:32:4d:d7:62:e8:47:ee:8b:84:55:3e:2e:
95:e3:2e:e0:ec:7e:b6:a0:7e:a4:98:fb:21:d7:6d:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B0:6A:2F:55:2D:6A:C6:F9:5E:78:B3:E9:FF:D4:F0:2F:41:C7:2E
X509v3 Authority Key Identifier:
keyid:1A:4F:80:01:C3:0C:AC:54:6E:3F:92:10:3B:4B:12:73:2D:FC:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk-AAcMMrFRuP5IQO0sScy38v1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/HLBqL1Utasb5Xniz6f_U8C9Bxy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d6c86d-6c65-4a25-a8fa-38d4f3211896/1/Gk-AAcMMrFRuP5IQO0sScy38v1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.49.239.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:3b:f7:9e:16:da:a1:26:e8:37:c5:e6:2d:c2:cf:5c:ff:78:
b3:93:4e:f5:d7:1a:3d:eb:0d:a8:13:46:96:71:95:2d:f1:71:
50:69:7a:24:92:e0:1c:5f:8a:f0:13:08:d9:c5:16:a8:3b:d8:
80:78:ba:3c:11:2e:be:63:14:68:e4:9f:d8:b7:b8:ce:14:a9:
94:6d:7d:ff:4e:39:53:18:63:3e:fa:67:d0:d1:ad:28:c4:e4:
94:b5:28:7d:a0:23:35:39:62:ef:f1:a4:0b:19:c2:31:fc:27:
68:58:50:5a:ce:9d:d8:8f:ad:b1:fe:61:e0:b3:2d:04:1c:44:
33:45:e5:99:c8:36:07:fe:aa:be:0b:b7:2e:05:85:11:e2:db:
ab:68:f3:dc:c2:05:07:15:20:c7:c2:e6:72:1b:30:6f:fd:ac:
4b:45:18:6f:7c:df:51:72:fc:19:36:00:04:00:b3:99:51:6a:
da:58:ef:3e:1b:07:4e:18:12:eb:92:18:e2:51:1a:96:34:9e:
75:9e:b6:e0:40:cd:34:67:94:14:bf:6f:49:92:82:2c:30:05:
d7:7d:25:1c:18:56:f9:c3:63:b5:f5:db:f9:40:b9:a0:bb:98:
ea:b9:3f:8c:c6:76:af:6c:62:11:22:e7:74:f2:09:e3:37:ab:
57:ab:fc:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXdmSXJ7SC1BiBSOEYguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGY4MDAxYzMwY2FjNTQ2ZTNmOTIxMDNiNGIxMjczMmRm
Y2JmNTIwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IwNmEyZjU1MmQ2YWM2Zjk1ZTc4YjNlOWZmZDRmMDJmNDFjNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqm13UfjEHlZypa/SmudIqyWEk24
YXGpfFAUDxdbQJGu6kV+ZVJ3m/+1m/1FVJmpMfV1+fGNxByY8fXdjSnwMuBdq7tI
HnCO341TxXgVOy/JxkRJlXsGoKZgjnBpB0lIryZyNs1QFflnIcH/gpMKee75GqPt
90FAllxgbj31H6d1OIGoWh0NfecOZJoj/p++IDGuEFZEW1rYiov5JNW24cEMi+f2
Ay5QPDsBddc0HrqciBh2o8im/wvmKZLVVjV4uXqX4zHnWW5/VIoGxl53xoiVPYrh
5Xn0kYu5JtC9dM7ZJpgyTddi6Efui4RVPi6V4y7g7H62oH6kmPsh121WvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBywai9VLWrG+V54s+n/1PAvQccuMB8GA1UdIwQY
MBaAFBpPgAHDDKxUbj+SEDtLEnMt/L9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2stQUFjTU1yRlJ1UDVJUU8wc1NjeTM4djFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNmM4NmQtNmM2NS00YTI1LWE4ZmEt
MzhkNGYzMjExODk2LzEvSExCcUwxVXRhc2I1WG5pejZmX1U4QzlCeHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNmM4NmQtNmM2NS00YTI1LWE4ZmEtMzhkNGYzMjExODk2
LzEvR2stQUFjTU1yRlJ1UDVJUU8wc1NjeTM4djFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzHvMA0G
CSqGSIb3DQEBCwUAA4IBAQC8O/eeFtqhJug3xeYtws9c/3izk0711xo96w2oE0aW
cZUt8XFQaXokkuAcX4rwEwjZxRaoO9iAeLo8ES6+YxRo5J/Yt7jOFKmUbX3/TjlT
GGM++mfQ0a0oxOSUtSh9oCM1OWLv8aQLGcIx/CdoWFBazp3Yj62x/mHgsy0EHEQz
ReWZyDYH/qq+C7cuBYUR4turaPPcwgUHFSDHwuZyGzBv/axLRRhvfN9RcvwZNgAE
ALOZUWraWO8+GwdOGBLrkhjiURqWNJ51nrbgQM00Z5QUv29JkoIsMAXXfSUcGFb5
w2O19dv5QLmgu5jquT+MxnavbGIRIud08gnjN6tXq/y0
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:57 2025 by rpki-client