Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/HGt-lg249LygZDLgOJuma4rgl54.roa
File: HGt-lg249LygZDLgOJuma4rgl54.roa (raw, json)
Hash identifier: V8/ApRLT9v1DHFsb20Isb8SCyyWa+gtNLUNXrpKwxAg=
Subject key identifier: 1C:6B:7E:96:0D:B8:F4:BC:A0:64:32:E0:38:9B:A6:6B:8A:E0:97:9E
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 018D68AA1FCF40F1CC0D05D96822BBE47F2F
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/HGt-lg249LygZDLgOJuma4rgl54.roa
Signing time: Fri 02 Feb 2024 07:13:16 +0000
ROA not before: Fri 02 Feb 2024 07:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15967
IP address blocks: 31.172.168.0/22 maxlen: 22
31.172.168.0/24 maxlen: 24
31.172.169.0/24 maxlen: 24
31.172.170.0/23 maxlen: 23
77.55.0.0/16 maxlen: 16
77.55.0.0/18 maxlen: 18
77.55.64.0/22 maxlen: 22
77.55.68.0/22 maxlen: 22
77.55.72.0/22 maxlen: 22
77.55.76.0/23 maxlen: 23
77.55.78.0/23 maxlen: 23
77.55.84.0/22 maxlen: 22
77.55.88.0/23 maxlen: 23
77.55.90.0/23 maxlen: 23
77.55.96.0/22 maxlen: 22
77.55.100.0/22 maxlen: 22
77.55.104.0/23 maxlen: 23
77.55.106.0/23 maxlen: 23
77.55.108.0/22 maxlen: 22
77.55.112.0/23 maxlen: 23
77.55.114.0/23 maxlen: 23
77.55.116.0/23 maxlen: 23
77.55.118.0/23 maxlen: 23
77.55.120.0/24 maxlen: 24
77.55.121.0/24 maxlen: 24
77.55.122.0/23 maxlen: 23
77.55.124.0/24 maxlen: 24
77.55.125.0/24 maxlen: 24
77.55.126.0/24 maxlen: 24
77.55.127.0/24 maxlen: 24
77.55.128.0/20 maxlen: 20
77.55.144.0/21 maxlen: 21
77.55.152.0/24 maxlen: 24
77.55.153.0/24 maxlen: 24
77.55.154.0/24 maxlen: 24
77.55.155.0/24 maxlen: 24
77.55.156.0/23 maxlen: 23
77.55.158.0/24 maxlen: 24
77.55.159.0/24 maxlen: 24
77.55.160.0/20 maxlen: 20
77.55.160.0/23 maxlen: 23
77.55.162.0/23 maxlen: 23
77.55.164.0/23 maxlen: 23
77.55.166.0/24 maxlen: 24
77.55.167.0/24 maxlen: 24
77.55.168.0/23 maxlen: 23
77.55.170.0/23 maxlen: 23
77.55.172.0/23 maxlen: 23
77.55.174.0/23 maxlen: 23
77.55.176.0/21 maxlen: 21
77.55.176.0/23 maxlen: 23
77.55.176.0/24 maxlen: 24
77.55.177.0/24 maxlen: 24
77.55.178.0/24 maxlen: 24
77.55.179.0/24 maxlen: 24
77.55.180.0/23 maxlen: 23
77.55.182.0/23 maxlen: 23
77.55.184.0/23 maxlen: 23
77.55.186.0/23 maxlen: 23
77.55.188.0/23 maxlen: 23
77.55.190.0/23 maxlen: 23
77.55.192.0/20 maxlen: 20
77.55.208.0/20 maxlen: 20
77.55.224.0/20 maxlen: 20
77.55.240.0/23 maxlen: 23
77.55.242.0/23 maxlen: 23
77.55.246.0/24 maxlen: 24
77.55.247.0/24 maxlen: 24
77.55.248.0/22 maxlen: 22
77.55.252.0/23 maxlen: 23
85.128.128.0/17 maxlen: 17
85.128.128.0/24 maxlen: 24
85.128.129.0/24 maxlen: 24
85.128.130.0/24 maxlen: 24
85.128.131.0/24 maxlen: 24
85.128.132.0/23 maxlen: 23
85.128.134.0/24 maxlen: 24
85.128.135.0/24 maxlen: 24
85.128.136.0/22 maxlen: 22
85.128.140.0/23 maxlen: 23
85.128.142.0/24 maxlen: 24
85.128.143.0/24 maxlen: 24
85.128.144.0/20 maxlen: 20
85.128.160.0/19 maxlen: 19
85.128.192.0/18 maxlen: 18
2a01:6100::/32 maxlen: 32
2a01:6100::/48 maxlen: 48
2a01:6100:111::/48 maxlen: 48
2a01:6100:fe00::/48 maxlen: 48
2a01:6100:fe01::/48 maxlen: 48
2a01:6100:fe02::/48 maxlen: 48
2a01:6100:fe10::/48 maxlen: 48
2a01:6100:fe11::/48 maxlen: 48
2a01:6100:fe12::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Feb 2024 13:52:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:68:aa:1f:cf:40:f1:cc:0d:05:d9:68:22:bb:e4:7f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Feb 2 07:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c6b7e960db8f4bca06432e0389ba66b8ae0979e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e5:85:55:34:98:9e:90:29:d5:2f:a6:91:2c:
1d:6c:91:b8:c2:95:f9:f2:da:90:ca:3f:a9:5e:51:
fe:5b:65:68:f2:c3:63:74:7b:36:94:12:95:29:33:
72:ac:bd:a5:20:a6:8e:51:a5:7a:bf:34:6d:54:a3:
2f:02:c2:02:1e:4c:d3:92:fa:3b:00:d9:2d:b1:58:
dc:32:76:4b:c7:ac:c2:f4:4d:a0:a5:32:49:18:ca:
32:d4:86:73:ff:17:50:25:12:c9:b2:35:5c:1d:96:
c7:16:98:7d:3e:8e:c7:fa:fa:88:df:4b:ec:9f:05:
f2:c1:41:ce:12:a7:13:74:58:6b:73:c2:d8:10:73:
ac:bc:fb:b7:60:0b:53:76:9d:d7:f3:6a:1c:a4:9b:
ca:4d:2f:0b:72:a7:ff:c4:9a:9a:21:cf:53:ba:ec:
d5:ff:dc:34:06:04:f2:56:f1:e6:f8:52:ed:33:cf:
69:6d:8e:68:15:a3:d5:73:99:68:e9:61:bc:20:54:
dc:f8:e7:61:ce:c2:51:12:e4:3b:63:32:ad:a3:2d:
39:c9:76:c4:37:de:bb:c1:1c:81:c7:82:a3:6c:98:
cb:14:1b:6a:8f:e2:f0:37:4c:89:7b:08:38:fa:dd:
6b:46:70:03:0f:78:ce:5e:b1:73:9a:1b:17:ad:1d:
05:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6B:7E:96:0D:B8:F4:BC:A0:64:32:E0:38:9B:A6:6B:8A:E0:97:9E
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/HGt-lg249LygZDLgOJuma4rgl54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.168.0/22
77.55.0.0/16
85.128.128.0/17
IPv6:
2a01:6100::/32
Signature Algorithm: sha256WithRSAEncryption
0d:8a:94:7e:a8:91:56:9b:0b:6c:01:f0:66:c0:69:cc:88:b8:
f4:76:32:ed:d7:a9:af:50:40:60:1e:7e:76:e7:1f:74:77:51:
68:cf:01:65:3b:fd:20:1c:a7:c7:df:e0:81:8f:b3:35:ac:53:
06:a7:50:ea:ef:c5:8a:bd:2a:0f:f3:72:ba:f8:8f:4f:66:a1:
b8:55:3a:56:13:68:c3:42:2a:97:40:94:61:72:b7:e5:8f:a1:
32:ba:02:06:c0:fe:eb:cd:fc:d3:19:0a:44:2d:09:37:d1:00:
98:36:47:61:15:af:4f:35:5e:54:29:2c:3a:58:d4:f3:37:a6:
89:80:f2:8d:e1:92:8f:d0:b1:90:17:33:09:ed:db:a5:b4:65:
38:c9:c4:6b:b9:fc:c2:f8:11:21:b5:b6:92:61:be:30:84:53:
f7:3f:ec:9c:00:0e:3d:d3:94:ca:12:29:3b:40:6e:06:60:7b:
dd:91:1c:ca:a0:22:e5:c0:5e:98:90:89:b5:62:34:21:a5:e0:
60:df:6a:6d:23:94:d3:fd:59:f4:35:20:42:a7:2c:3b:db:53:
b8:f2:cb:58:fc:95:aa:30:6e:db:e3:02:6a:6c:20:dd:2b:55:
4c:20:10:e1:d1:77:a9:ba:4e:58:cd:27:f0:1a:7d:e4:01:04:
8b:fc:05:8c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1oqh/PQPHMDQXZaCK75H8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjQwMjAyMDcxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZiN2U5NjBkYjhmNGJjYTA2NDMyZTAzODliYTY2YjhhZTA5NzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguWFVTSYnpAp1S+mkSwdbJG4wpX5
8tqQyj+pXlH+W2Vo8sNjdHs2lBKVKTNyrL2lIKaOUaV6vzRtVKMvAsICHkzTkvo7
ANktsVjcMnZLx6zC9E2gpTJJGMoy1IZz/xdQJRLJsjVcHZbHFph9Po7H+vqI30vs
nwXywUHOEqcTdFhrc8LYEHOsvPu3YAtTdp3X82ocpJvKTS8Lcqf/xJqaIc9TuuzV
/9w0BgTyVvHm+FLtM89pbY5oFaPVc5lo6WG8IFTc+OdhzsJREuQ7YzKtoy05yXbE
N967wRyBx4KjbJjLFBtqj+LwN0yJewg4+t1rRnADD3jOXrFzmhsXrR0FTQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBxrfpYNuPS8oGQy4DibpmuK4JeeMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvSEd0LWxnMjQ5THlnWkRMZ09KdW1hNHJnbDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBAA2KlH6o
kVabC2wB8GbAacyIuPR2Mu3Xqa9QQGAefnbnH3R3UWjPAWU7/SAcp8ff4IGPszWs
UwanUOrvxYq9Kg/zcrr4j09mobhVOlYTaMNCKpdAlGFyt+WPoTK6AgbA/uvN/NMZ
CkQtCTfRAJg2R2EVr081XlQpLDpY1PM3pomA8o3hko/QsZAXMwnt26W0ZTjJxGu5
/ML4ESG1tpJhvjCEU/c/7JwADj3TlMoSKTtAbgZge92RHMqgIuXAXpiQibViNCGl
4GDfam0jlNP9WfQ1IEKnLDvbU7jyy1j8laowbtvjAmpsIN0rVUwgEOHRd6m6TljN
J/AafeQBBIv8BYw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:10 2024 by rpki-client on console-ams.rpki-client.org