Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/hlmaKR0IwWpvUFK5sNXUdHYBMsk.roa
File: hlmaKR0IwWpvUFK5sNXUdHYBMsk.roa (raw, json)
Hash identifier: wEzb/Aa54fgdvbZU/lyU/5U8Twa1DZ66dwj2lEbQ5Go=
Subject key identifier: 86:59:9A:29:1D:08:C1:6A:6F:50:52:B9:B0:D5:D4:74:76:01:32:C9
Certificate issuer: /CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Certificate serial: 018CC5005EB3AA1A5CBB6A77504058F4C2C6
Authority key identifier: 46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/hlmaKR0IwWpvUFK5sNXUdHYBMsk.roa
Signing time: Mon 01 Jan 2024 12:29:44 +0000
ROA not before: Mon 01 Jan 2024 12:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 83.137.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5e:b3:aa:1a:5c:bb:6a:77:50:40:58:f4:c2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Validity
Not Before: Jan 1 12:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86599a291d08c16a6f5052b9b0d5d474760132c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1e:01:9c:5f:7e:b7:a2:b5:81:8d:ef:d1:5a:
50:b5:c1:28:66:85:10:1b:17:c6:6a:a8:c1:30:7c:
73:83:2f:ab:fa:bd:ed:07:d4:ce:ac:15:30:d5:72:
c5:88:bb:e8:ad:5d:a2:8d:b7:c2:55:69:99:30:aa:
d7:94:6f:a2:86:f4:96:4b:a6:59:7f:de:8a:6b:f2:
78:00:1f:86:b7:f0:e8:7f:da:6a:9e:13:95:90:13:
d1:f5:53:db:54:e0:73:b4:6b:e3:bf:5c:fe:42:c8:
08:b2:47:56:07:d6:a3:e4:f8:d0:f2:e0:0a:d7:a3:
98:46:14:2a:9b:d9:72:f4:5b:e7:af:91:78:89:32:
fd:4e:73:27:20:88:6e:61:1c:e6:9f:65:94:71:78:
36:85:19:05:b6:f6:fa:98:23:2e:77:cc:0e:a7:62:
a9:59:a2:04:5d:23:e3:07:74:65:48:ca:74:1a:b0:
98:7e:9f:5d:cb:73:f8:3b:50:07:51:d0:29:ab:18:
a5:d0:19:7e:90:0f:6b:f0:30:52:a8:d1:a7:ba:eb:
28:9d:20:ef:13:98:53:ee:16:b0:a6:3a:6d:3f:3a:
22:43:5d:0e:bc:af:56:6d:96:a8:4d:fb:23:f2:f3:
39:ca:15:3d:f3:92:c5:dc:5d:10:c7:11:c1:b4:20:
fe:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:9A:29:1D:08:C1:6A:6F:50:52:B9:B0:D5:D4:74:76:01:32:C9
X509v3 Authority Key Identifier:
keyid:46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/hlmaKR0IwWpvUFK5sNXUdHYBMsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.245.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:2f:5b:f3:13:7b:c9:8f:3a:a9:af:9b:b4:2f:ed:2f:25:86:
5f:dd:63:f3:b9:3e:fb:07:e7:89:c2:0b:89:c5:6d:c2:72:75:
bb:c6:e7:9a:39:a8:d4:c7:eb:7e:71:63:98:60:fb:94:8c:2f:
1f:72:fc:d4:e4:12:87:f2:1a:38:3a:b2:7a:43:eb:e9:f8:6a:
67:b3:01:9e:33:44:71:ce:8b:f4:76:39:de:5b:74:1a:6b:50:
6f:2e:59:d8:33:a2:80:57:4b:63:bd:f1:ab:80:af:67:0a:e4:
e7:58:fd:8f:86:99:40:81:5b:7f:a2:b4:de:65:de:31:9a:99:
3f:52:81:9f:55:e2:01:54:28:c2:ec:bb:c5:a7:e9:11:79:aa:
8b:b0:44:9a:f9:25:c2:57:6e:7e:1d:18:97:0c:45:b0:a6:97:
6b:7a:17:63:fd:82:c4:0d:e8:f3:b6:9e:7e:3c:02:6f:2a:34:
1a:92:e2:90:83:3c:78:8f:b7:55:ff:4a:d4:d3:37:3a:bb:f8:
06:b2:a5:84:e5:e8:1d:d8:fd:e5:54:f7:52:d0:9b:07:83:3f:
b9:72:2a:7e:38:73:c8:15:81:4f:bd:18:3a:ad:db:7b:02:9d:
08:52:b4:c7:b0:c5:be:89:92:16:43:df:8b:03:81:0d:52:20:
53:97:08:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAF6zqhpcu2p3UEBY9MLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDlhMGE0YjU3YTBlZWM3YzRlNTJhMTE5ZGI0YjFjNjU2
ZjRkYjQwHhcNMjQwMTAxMTIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU5OWEyOTFkMDhjMTZhNmY1MDUyYjliMGQ1ZDQ3NDc2MDEzMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh4BnF9+t6K1gY3v0VpQtcEoZoUQ
GxfGaqjBMHxzgy+r+r3tB9TOrBUw1XLFiLvorV2ijbfCVWmZMKrXlG+ihvSWS6ZZ
f96Ka/J4AB+Gt/Dof9pqnhOVkBPR9VPbVOBztGvjv1z+QsgIskdWB9aj5PjQ8uAK
16OYRhQqm9ly9Fvnr5F4iTL9TnMnIIhuYRzmn2WUcXg2hRkFtvb6mCMud8wOp2Kp
WaIEXSPjB3RlSMp0GrCYfp9dy3P4O1AHUdApqxil0Bl+kA9r8DBSqNGnuusonSDv
E5hT7hawpjptPzoiQ10OvK9WbZaoTfsj8vM5yhU985LF3F0QxxHBtCD+jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZZmikdCMFqb1BSubDV1HR2ATLJMB8GA1UdIwQY
MBaAFEbZoKS1eg7sfE5SoRnbSxxlb020MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRtZ3BMVjZEdXg4VGxLaEdkdExIR1Z2VGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82NzNiMWQtNmQxNC00ZGY1LTk5YWQt
MmVlMmI3Mjk1ZGZmLzEvaGxtYUtSMEl3V3B2VUZLNXNOWFVkSFlCTXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82NzNiMWQtNmQxNC00ZGY1LTk5YWQtMmVlMmI3Mjk1ZGZm
LzEvUnRtZ3BMVjZEdXg4VGxLaEdkdExIR1Z2VGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU4n1MA0G
CSqGSIb3DQEBCwUAA4IBAQBKL1vzE3vJjzqpr5u0L+0vJYZf3WPzuT77B+eJwguJ
xW3CcnW7xueaOajUx+t+cWOYYPuUjC8fcvzU5BKH8ho4OrJ6Q+vp+GpnswGeM0Rx
zov0djneW3Qaa1BvLlnYM6KAV0tjvfGrgK9nCuTnWP2PhplAgVt/orTeZd4xmpk/
UoGfVeIBVCjC7LvFp+kReaqLsESa+SXCV25+HRiXDEWwppdrehdj/YLEDejztp5+
PAJvKjQakuKQgzx4j7dV/0rU0zc6u/gGsqWE5egd2P3lVPdS0JsHgz+5cip+OHPI
FYFPvRg6rdt7Ap0IUrTHsMW+iZIWQ9+LA4ENUiBTlwhA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:45:18 2025 by rpki-client