Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hlz-dkrn7XSpfabPybybH1Zeq6s.roa
File: hlz-dkrn7XSpfabPybybH1Zeq6s.roa (raw, json)
Hash identifier: bf++czOeg/Mz0k7Jv56AeZIwhSzDwXT55tPhQ65PmJY=
Subject key identifier: 86:5C:FE:76:4A:E7:ED:74:A9:7D:A6:CF:C9:BC:9B:1F:56:5E:AB:AB
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0186D5A56BE27FA758B54804C29CEA63FC4F
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hlz-dkrn7XSpfabPybybH1Zeq6s.roa
Signing time: Sun 12 Mar 2023 11:47:13 +0000
ROA not before: Sun 12 Mar 2023 11:47:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207326
IP address blocks: 185.225.170.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Apr 2023 17:59:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d5:a5:6b:e2:7f:a7:58:b5:48:04:c2:9c:ea:63:fc:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 12 11:47:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=865cfe764ae7ed74a97da6cfc9bc9b1f565eabab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f3:7c:8e:e1:c1:01:74:bb:92:2d:d7:db:41:
5e:ff:90:64:a6:ae:82:02:36:95:4d:2e:15:0d:96:
29:04:bd:03:09:3d:97:8c:59:70:7c:94:79:9b:9a:
d6:a7:4d:07:9a:39:65:db:bc:29:ef:26:0b:07:a3:
c5:55:d9:85:d6:4f:c3:ae:9b:8d:44:fe:ed:9b:9f:
be:2a:80:e0:1e:de:c4:93:45:ad:a7:88:02:13:15:
ca:8b:b8:02:62:b3:9f:8a:61:da:09:23:34:3e:23:
bd:e4:71:50:bb:11:1b:35:cc:85:d3:a5:00:9e:2e:
82:44:22:38:f0:54:4a:20:db:b7:91:b4:71:aa:4d:
90:f9:1a:80:7b:c1:30:64:42:e8:aa:50:82:89:e7:
03:6c:28:53:13:9d:90:95:2b:c0:24:0d:24:4b:c9:
35:a0:97:b4:4a:77:78:9f:ee:f5:1f:b7:e1:de:94:
9c:eb:d3:12:26:bb:84:c8:e4:6f:79:61:a0:19:ba:
55:0c:1e:a1:2d:36:82:9f:68:c2:a9:b3:d2:b7:34:
49:92:b8:d3:6c:5f:d2:49:9e:53:dc:31:ec:96:44:
9b:2f:27:8f:34:21:99:23:08:f8:a7:09:30:6c:c6:
34:e4:61:4f:5a:43:2d:18:b3:d7:9a:8f:32:e4:0e:
58:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5C:FE:76:4A:E7:ED:74:A9:7D:A6:CF:C9:BC:9B:1F:56:5E:AB:AB
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/hlz-dkrn7XSpfabPybybH1Zeq6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:a6:14:43:10:8f:55:8b:8e:45:ba:af:6b:39:13:71:ae:c1:
9c:a1:51:c5:de:0c:3b:9f:99:85:53:8a:4a:03:4b:83:87:1f:
4a:40:37:5e:2e:a3:a5:46:f4:36:5c:e5:ed:8c:50:42:09:93:
8b:3c:32:de:40:32:3b:bd:d7:e6:72:13:66:ae:e9:5d:b9:ff:
21:9b:24:7c:a5:9c:d5:c7:fc:d0:2c:d5:b0:fb:be:eb:24:86:
bb:f5:cc:a0:ef:ff:1a:c9:dd:6d:23:17:50:4a:15:f0:db:4d:
5b:31:a5:0b:be:a9:90:58:da:68:9c:a4:f9:c4:65:59:ff:1a:
1f:ea:a6:2b:f5:3b:f4:f4:8b:3f:f5:33:43:6f:8f:77:6e:00:
68:d8:16:64:98:42:81:6f:09:6d:68:87:6d:a8:6c:2c:a0:dc:
cb:36:8b:e3:9c:7a:4f:e1:12:d8:68:b9:ce:5d:3a:80:4a:6b:
e7:91:90:1c:d5:1a:a1:5f:c7:fd:50:62:d9:cb:c7:35:77:ad:
11:7c:0b:be:4b:d2:49:b4:12:22:a7:af:c3:4c:e7:d5:f0:13:
ce:6a:9c:4c:98:8b:a0:3d:60:38:d9:4d:cb:5e:12:e2:a8:fa:
10:a0:7a:ac:f4:f9:ab:2c:33:1b:2a:9b:84:fa:7d:67:b2:b9:
ac:6a:0a:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbVpWvif6dYtUgEwpzqY/xPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMzEyMTE0NzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVjZmU3NjRhZTdlZDc0YTk3ZGE2Y2ZjOWJjOWIxZjU2NWVhYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPN8juHBAXS7ki3X20Fe/5Bkpq6C
AjaVTS4VDZYpBL0DCT2XjFlwfJR5m5rWp00Hmjll27wp7yYLB6PFVdmF1k/DrpuN
RP7tm5++KoDgHt7Ek0Wtp4gCExXKi7gCYrOfimHaCSM0PiO95HFQuxEbNcyF06UA
ni6CRCI48FRKINu3kbRxqk2Q+RqAe8EwZELoqlCCiecDbChTE52QlSvAJA0kS8k1
oJe0Snd4n+71H7fh3pSc69MSJruEyORveWGgGbpVDB6hLTaCn2jCqbPStzRJkrjT
bF/SSZ5T3DHslkSbLyePNCGZIwj4pwkwbMY05GFPWkMtGLPXmo8y5A5YCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZc/nZK5+10qX2mz8m8mx9WXqurMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvaGx6LWRrcm43WFNwZmFiUHlieWJIMVplcTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueGqMA0G
CSqGSIb3DQEBCwUAA4IBAQC1phRDEI9Vi45Fuq9rORNxrsGcoVHF3gw7n5mFU4pK
A0uDhx9KQDdeLqOlRvQ2XOXtjFBCCZOLPDLeQDI7vdfmchNmrulduf8hmyR8pZzV
x/zQLNWw+77rJIa79cyg7/8ayd1tIxdQShXw201bMaULvqmQWNponKT5xGVZ/xof
6qYr9Tv09Is/9TNDb493bgBo2BZkmEKBbwltaIdtqGwsoNzLNovjnHpP4RLYaLnO
XTqASmvnkZAc1RqhX8f9UGLZy8c1d60RfAu+S9JJtBIip6/DTOfV8BPOapxMmIug
PWA42U3LXhLiqPoQoHqs9PmrLDMbKpuE+n1nsrmsagoJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org