Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/HwOKKU66qAg9sRJAeFRM_Cb5wH0.roa
File: HwOKKU66qAg9sRJAeFRM_Cb5wH0.roa (raw, json)
Hash identifier: s7lMdy75Nq7rPdCQjpu+vj7za3ZxsyI78TFETbU3Z7o=
Subject key identifier: 1F:03:8A:29:4E:BA:A8:08:3D:B1:12:40:78:54:4C:FC:26:F9:C0:7D
Certificate issuer: /CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Certificate serial: 018CC4934B7849DDF840C7CC055624CDACAE
Authority key identifier: 92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/HwOKKU66qAg9sRJAeFRM_Cb5wH0.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.119.10.0/24 maxlen: 24
185.119.11.0/24 maxlen: 24
2a10:80c0::/48 maxlen: 48
2a10:80c0:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4b:78:49:dd:f8:40:c7:cc:05:56:24:cd:ac:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92fb8fa10dff3473e653dbf61c9a86432180a5c7
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f038a294ebaa8083db1124078544cfc26f9c07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:12:b9:61:45:03:60:13:f1:9e:33:4e:9b:
eb:92:ac:f7:0c:1c:ab:c1:4d:af:8f:31:f9:75:e8:
7c:c2:3e:2f:b0:31:4c:de:d8:46:af:9e:3b:18:6a:
da:a2:51:1b:71:fd:77:a9:22:24:6b:e1:2b:c4:65:
8f:09:f7:50:22:75:6c:5c:1c:f6:e5:52:01:d5:0d:
b8:1e:20:cc:32:c5:14:6f:ae:30:d5:cb:2c:96:cc:
47:68:b2:ac:21:d3:0c:60:c4:a8:1b:89:c6:1f:e2:
8f:76:33:f9:88:d4:f3:2e:f9:76:d3:5d:75:30:b5:
64:5f:56:ec:e3:0a:be:60:45:0a:73:c9:01:e4:39:
59:71:74:54:3c:f9:fd:17:25:48:05:b0:28:48:dd:
b5:1e:59:88:65:21:13:4f:5d:f4:f2:e3:e1:d9:81:
09:7c:d4:5a:89:ff:fd:1f:d7:4b:57:f5:6b:dd:21:
ac:ce:bc:6d:d8:e3:7f:f3:9c:ca:4b:50:9f:8d:ad:
55:6b:13:04:f8:9a:e5:d4:70:f1:88:a1:88:e1:8a:
1f:13:b5:79:95:56:2a:b1:86:de:66:44:5d:be:2d:
61:5c:e1:19:64:d9:49:78:01:7f:ec:4d:9f:43:a6:
86:af:0d:4b:b8:c3:64:3e:76:80:cb:b7:cc:5f:17:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:03:8A:29:4E:BA:A8:08:3D:B1:12:40:78:54:4C:FC:26:F9:C0:7D
X509v3 Authority Key Identifier:
keyid:92:FB:8F:A1:0D:FF:34:73:E6:53:DB:F6:1C:9A:86:43:21:80:A5:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvuPoQ3_NHPmU9v2HJqGQyGApcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/HwOKKU66qAg9sRJAeFRM_Cb5wH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c64d50-fcdd-4a9f-9047-293f6122a19d/1/kvuPoQ3_NHPmU9v2HJqGQyGApcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.10.0/23
IPv6:
2a10:80c0::/48
2a10:80c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
06:13:09:0f:b3:71:e9:4d:8e:81:d4:bb:cf:69:f7:80:a3:7a:
fe:52:cf:07:c4:fd:96:38:1e:48:92:d8:3e:9d:d5:44:34:7d:
c2:09:a0:66:97:23:37:e2:2a:30:94:5f:55:e6:31:d6:03:60:
57:d0:67:01:79:ab:be:6c:04:16:53:85:75:28:cf:e7:d7:72:
6b:cb:2c:cb:47:ea:fb:86:b7:65:a9:5a:9f:99:23:54:ef:52:
57:87:3d:d9:75:56:41:a5:46:51:22:71:5d:28:fc:53:ed:c1:
a0:bb:f5:78:9a:1c:23:de:84:90:c9:85:30:e1:4e:55:fa:83:
44:73:51:ad:74:70:01:fc:cc:22:b5:49:53:07:fb:38:b4:63:
02:f4:cd:54:f4:da:83:07:99:54:57:14:57:d1:db:37:18:4c:
34:92:d4:59:24:61:e1:21:fc:f5:7f:d0:c6:d3:9b:da:85:66:
1f:0b:59:d3:58:66:a0:54:c3:70:93:ed:ac:06:24:6e:8a:3e:
8c:ae:6a:b4:42:74:45:87:61:4d:1c:a0:05:75:64:7d:f0:0e:
9c:da:3f:c2:a4:f9:1f:f9:08:61:8c:d6:0d:c9:57:b8:b9:34:
7f:39:4c:ad:e8:36:41:07:60:f6:0f:5d:cc:2b:28:38:da:59:
95:5a:e0:b9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEk0t4Sd34QMfMBVYkzayuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZmI4ZmExMGRmZjM0NzNlNjUzZGJmNjFjOWE4NjQzMjE4
MGE1YzcwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjAzOGEyOTRlYmFhODA4M2RiMTEyNDA3ODU0NGNmYzI2ZjljMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomoSuWFFA2AT8Z4zTpvrkqz3DByr
wU2vjzH5deh8wj4vsDFM3thGr547GGraolEbcf13qSIka+ErxGWPCfdQInVsXBz2
5VIB1Q24HiDMMsUUb64w1csslsxHaLKsIdMMYMSoG4nGH+KPdjP5iNTzLvl20111
MLVkX1bs4wq+YEUKc8kB5DlZcXRUPPn9FyVIBbAoSN21HlmIZSETT1308uPh2YEJ
fNRaif/9H9dLV/Vr3SGszrxt2ON/85zKS1Cfja1VaxME+Jrl1HDxiKGI4YofE7V5
lVYqsYbeZkRdvi1hXOEZZNlJeAF/7E2fQ6aGrw1LuMNkPnaAy7fMXxc80wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB8DiilOuqgIPbESQHhUTPwm+cB9MB8GA1UdIwQY
MBaAFJL7j6EN/zRz5lPb9hyahkMhgKXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDct
MjkzZjYxMjJhMTlkLzEvSHdPS0tVNjZxQWc5c1JKQWVGUk1fQ2I1d0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jNjRkNTAtZmNkZC00YTlmLTkwNDctMjkzZjYxMjJhMTlk
LzEva3Z1UG9RM19OSFBtVTl2MkhKcUdReUdBcGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuXcKMBgE
AgACMBIDBwAqEIDAAAADBwAqEIDAEAAwDQYJKoZIhvcNAQELBQADggEBAAYTCQ+z
celNjoHUu89p94Cjev5SzwfE/ZY4HkiS2D6d1UQ0fcIJoGaXIzfiKjCUX1XmMdYD
YFfQZwF5q75sBBZThXUoz+fXcmvLLMtH6vuGt2WpWp+ZI1TvUleHPdl1VkGlRlEi
cV0o/FPtwaC79XiaHCPehJDJhTDhTlX6g0RzUa10cAH8zCK1SVMH+zi0YwL0zVT0
2oMHmVRXFFfR2zcYTDSS1FkkYeEh/PV/0MbTm9qFZh8LWdNYZqBUw3CT7awGJG6K
PoyuarRCdEWHYU0coAV1ZH3wDpzaP8Kk+R/5CGGM1g3JV7i5NH85TK3oNkEHYPYP
XcwrKDjaWZVa4Lk=
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:51:27 2025 by rpki-client