Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HedZG1Tj4OGXcY1vyluzO2RAQOE.roa
File: HedZG1Tj4OGXcY1vyluzO2RAQOE.roa (raw, json)
Hash identifier: 6nDtStVjgcog0HC1nZ17WWL4gbGDac1IepNk+8Mkbcs=
Subject key identifier: 1D:E7:59:1B:54:E3:E0:E1:97:71:8D:6F:CA:5B:B3:3B:64:40:40:E1
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E66E83F2737B65848FA16A1685100
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HedZG1Tj4OGXcY1vyluzO2RAQOE.roa
Signing time: Mon 02 Jan 2023 06:14:55 +0000
ROA not before: Mon 02 Jan 2023 06:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208709
IP address blocks: 194.28.97.0/24 maxlen: 24
2a0c:b641:400::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:66:e8:3f:27:37:b6:58:48:fa:16:a1:68:51:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1de7591b54e3e0e197718d6fca5bb33b644040e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:f7:8e:fb:24:78:b3:77:21:7a:a7:2e:0b:
cb:00:d5:29:cc:43:b1:9a:81:7d:fe:be:c3:d5:46:
a2:bf:49:18:a4:50:64:cd:91:23:a0:a4:90:b4:70:
e9:a5:50:65:f1:50:9d:e4:05:33:29:e4:22:34:b7:
52:4c:81:b3:22:15:0d:bd:8c:5b:98:c4:f5:2a:ae:
d8:7c:49:73:e8:58:7f:fe:27:0f:32:e7:ec:c8:77:
be:90:bf:f7:f2:00:cf:c2:fb:19:9f:7c:e0:5d:89:
88:9a:4a:53:08:ba:16:f6:33:82:61:4d:1b:af:f5:
fa:3b:6c:b2:b4:72:19:da:29:34:18:8c:01:ca:dc:
09:28:df:38:cd:80:4c:cc:da:4e:f1:b8:c6:93:36:
5c:d0:d0:d5:44:56:56:5a:78:52:52:92:3a:23:f4:
cf:6d:2b:d0:02:3d:6f:7c:c4:b2:a8:09:60:e7:c8:
15:af:8f:70:e9:42:3d:a8:dc:7e:eb:15:43:16:0d:
90:b3:f2:f1:8f:ad:61:32:dd:2b:6d:a0:a5:75:4c:
00:ca:25:cd:ee:24:9c:aa:28:56:5e:2a:7f:c4:87:
bc:1e:28:72:93:48:0d:28:40:f9:44:82:d9:69:8a:
08:89:83:bd:54:83:dd:8a:3c:54:fb:7e:a6:08:ea:
60:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E7:59:1B:54:E3:E0:E1:97:71:8D:6F:CA:5B:B3:3B:64:40:40:E1
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/HedZG1Tj4OGXcY1vyluzO2RAQOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.97.0/24
IPv6:
2a0c:b641:400::/44
Signature Algorithm: sha256WithRSAEncryption
00:82:02:83:45:c7:e0:44:a5:86:c9:6a:56:c0:a9:38:7c:7c:
d4:e0:d6:65:f1:eb:b3:de:37:3e:df:dd:96:23:81:4c:57:41:
fa:73:31:af:18:9e:03:09:9c:fa:8b:37:a0:40:1e:fb:8e:1c:
5d:0f:97:e2:1a:f8:43:e5:8e:d7:5b:37:37:cb:1b:04:ee:1c:
84:1e:45:12:ea:21:0c:e0:91:bc:57:7f:55:30:d4:53:0f:b9:
12:b6:40:b8:e1:64:f5:64:8e:8d:30:f2:76:2a:3f:a4:b4:e3:
e3:2f:78:14:5b:b8:7d:49:5a:0f:10:7b:2e:af:98:7c:2b:e0:
f0:18:ad:7e:85:b4:e8:9a:dc:ab:94:6c:70:a4:1a:58:a0:b2:
f5:86:ab:5b:29:16:1c:1f:f3:07:21:f4:6f:3f:e8:83:fc:33:
75:e4:d4:e2:37:70:17:48:8b:6b:59:ba:37:c0:31:02:90:9b:
7b:94:22:e4:28:36:28:8d:17:81:ab:23:f0:4d:75:05:3f:84:
13:e3:f6:78:b9:7c:2f:48:23:c0:66:f0:53:0f:e3:56:75:6f:
9f:74:65:31:ad:9b:87:d5:20:04:3b:74:bc:df:6c:bf:ef:af:
e6:6c:08:ea:bf:03:2d:95:a1:79:96:a2:f3:e6:ba:61:54:68:
13:93:f4:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxHmboPyc3tlhI+hahaFEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGU3NTkxYjU0ZTNlMGUxOTc3MThkNmZjYTViYjMzYjY0NDA0MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1H3jvskeLN3IXqnLgvLANUpzEOx
moF9/r7D1Uaiv0kYpFBkzZEjoKSQtHDppVBl8VCd5AUzKeQiNLdSTIGzIhUNvYxb
mMT1Kq7YfElz6Fh//icPMufsyHe+kL/38gDPwvsZn3zgXYmImkpTCLoW9jOCYU0b
r/X6O2yytHIZ2ik0GIwBytwJKN84zYBMzNpO8bjGkzZc0NDVRFZWWnhSUpI6I/TP
bSvQAj1vfMSyqAlg58gVr49w6UI9qNx+6xVDFg2Qs/Lxj61hMt0rbaCldUwAyiXN
7iScqihWXip/xIe8Hihyk0gNKED5RILZaYoIiYO9VIPdijxU+36mCOpgTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB3nWRtU4+Dhl3GNb8pbsztkQEDhMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvSGVkWkcxVGo0T0dYY1kxdnlsdXpPMlJBUU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwhxhMA8E
AgACMAkDBwQqDLZBBAAwDQYJKoZIhvcNAQELBQADggEBAACCAoNFx+BEpYbJalbA
qTh8fNTg1mXx67PeNz7f3ZYjgUxXQfpzMa8YngMJnPqLN6BAHvuOHF0Pl+Ia+EPl
jtdbNzfLGwTuHIQeRRLqIQzgkbxXf1Uw1FMPuRK2QLjhZPVkjo0w8nYqP6S04+Mv
eBRbuH1JWg8Qey6vmHwr4PAYrX6FtOia3KuUbHCkGligsvWGq1spFhwf8wch9G8/
6IP8M3Xk1OI3cBdIi2tZujfAMQKQm3uUIuQoNiiNF4GrI/BNdQU/hBPj9ni5fC9I
I8Bm8FMP41Z1b590ZTGtm4fVIAQ7dLzfbL/vr+ZsCOq/Ay2VoXmWovPmumFUaBOT
9OU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:01 2024 by rpki-client on console-ams.rpki-client.org