Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/HKzKLaEA_szmsMalXLBkpecuNPo.roa
File: HKzKLaEA_szmsMalXLBkpecuNPo.roa (raw, json)
Hash identifier: Vnbn/JOVJZP7Tb4z8ydifZ5MTQiPbrRix53uT7WiBaU=
Subject key identifier: 1C:AC:CA:2D:A1:00:FE:CC:E6:B0:C6:A5:5C:B0:64:A5:E7:2E:34:FA
Certificate issuer: /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Certificate serial: 018CC9BCE1269A337EE2707D1CB000E6C0A8
Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/HKzKLaEA_szmsMalXLBkpecuNPo.roa
Signing time: Tue 02 Jan 2024 10:34:07 +0000
ROA not before: Tue 02 Jan 2024 10:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209631
IP address blocks: 194.116.112.0/24 maxlen: 24
194.116.116.0/24 maxlen: 24
194.116.118.0/24 maxlen: 24
194.116.113.0/24 maxlen: 24
194.116.112.0/21 maxlen: 24
194.116.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e1:26:9a:33:7e:e2:70:7d:1c:b0:00:e6:c0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Validity
Not Before: Jan 2 10:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cacca2da100fecce6b0c6a55cb064a5e72e34fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2b:cc:9f:74:7e:90:1a:bc:db:17:71:e1:e3:
ac:72:03:03:07:f0:c0:3a:56:12:9c:5b:8c:1c:e2:
75:c3:9e:6a:f9:1b:51:e8:7e:7d:fd:40:d4:65:31:
7b:e3:6c:d6:e1:63:53:f6:34:bf:00:b5:41:15:d7:
fe:d5:e8:d2:17:1e:a7:98:7c:90:72:0d:44:61:b4:
0b:a0:95:8a:8f:ea:4d:ee:32:c2:0c:e8:ef:5e:15:
de:4a:a2:d2:14:87:29:86:4a:49:93:22:c2:5b:57:
ce:05:b1:17:0f:cf:b2:0a:96:ed:26:88:9e:47:4f:
c4:78:ea:9f:36:b9:8d:a0:96:6a:fb:cf:a9:66:f0:
72:92:20:55:99:41:f5:63:4f:cf:28:22:3f:a3:14:
2c:1c:15:ce:7e:fc:bf:e9:a5:ba:ea:2f:32:13:bc:
5e:63:81:93:25:da:99:32:b7:49:c6:06:10:9d:54:
fd:4a:29:32:4a:e1:f7:36:80:b2:b1:86:d7:21:da:
4f:05:fa:d5:d8:4d:22:e0:45:50:15:16:0b:5e:45:
62:58:71:ea:6b:2d:83:7e:eb:52:51:06:ef:5f:f2:
c8:6f:5e:9c:c2:87:d5:a3:fa:99:8c:2b:bd:b1:44:
5b:a2:97:5c:60:5e:60:92:5d:6a:ca:16:88:f7:c3:
ed:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AC:CA:2D:A1:00:FE:CC:E6:B0:C6:A5:5C:B0:64:A5:E7:2E:34:FA
X509v3 Authority Key Identifier:
keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/HKzKLaEA_szmsMalXLBkpecuNPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.112.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:42:d7:a5:89:e0:8d:4e:88:48:93:97:c3:13:11:27:e7:37:
6d:79:b5:66:64:50:26:52:bc:ca:7c:dc:99:d3:e2:03:3a:7b:
fa:7e:28:ec:70:1c:3a:70:d9:ed:8f:80:ed:db:31:1c:4d:17:
7e:32:4a:ac:2e:31:09:75:ed:65:80:b0:ee:27:88:a2:29:24:
af:27:1f:35:c9:2b:0e:92:27:c2:8f:d3:38:98:f4:21:e7:a2:
f6:45:e6:be:4f:6c:f2:6d:8d:40:63:17:b4:f8:b5:9a:20:1c:
21:85:cb:31:72:d0:08:1c:86:ed:2e:f1:a9:b2:19:14:34:68:
07:20:cd:62:00:7f:dd:b3:22:0c:1c:7a:10:2b:2d:71:4f:00:
28:c5:95:5a:25:41:22:2a:a2:0f:ff:ae:89:5d:6c:6b:10:db:
1d:38:c9:f9:89:8d:2b:da:cd:17:94:55:2e:d7:64:82:a1:61:
7b:9c:8e:a9:b7:eb:3f:18:3c:76:2a:b9:c1:08:cf:f7:d7:03:
57:ac:14:da:a5:f7:0c:a4:2d:08:7c:ea:d4:d8:69:fa:fd:3a:
75:79:5e:52:99:2b:9c:c0:43:55:a5:ae:a4:ad:bd:21:b8:48:
ce:3f:09:47:5f:c3:6a:87:18:24:14:71:1e:f1:63:d1:9c:a2:
2b:2e:78:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvOEmmjN+4nB9HLAA5sCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi
ZmU1YzEwHhcNMjQwMTAyMTAzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FjY2EyZGExMDBmZWNjZTZiMGM2YTU1Y2IwNjRhNWU3MmUzNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyvMn3R+kBq82xdx4eOscgMDB/DA
OlYSnFuMHOJ1w55q+RtR6H59/UDUZTF742zW4WNT9jS/ALVBFdf+1ejSFx6nmHyQ
cg1EYbQLoJWKj+pN7jLCDOjvXhXeSqLSFIcphkpJkyLCW1fOBbEXD8+yCpbtJoie
R0/EeOqfNrmNoJZq+8+pZvBykiBVmUH1Y0/PKCI/oxQsHBXOfvy/6aW66i8yE7xe
Y4GTJdqZMrdJxgYQnVT9SikySuH3NoCysYbXIdpPBfrV2E0i4EVQFRYLXkViWHHq
ay2DfutSUQbvX/LIb16cwofVo/qZjCu9sURbopdcYF5gkl1qyhaI98PtzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBysyi2hAP7M5rDGpVywZKXnLjT6MB8GA1UdIwQY
MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt
YzAyOGQ5MWViYzljLzEvSEt6S0xhRUFfc3ptc01hbFhMQmtwZWN1TlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj
LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwnRwMA0G
CSqGSIb3DQEBCwUAA4IBAQAdQtelieCNTohIk5fDExEn5zdtebVmZFAmUrzKfNyZ
0+IDOnv6fijscBw6cNntj4Dt2zEcTRd+MkqsLjEJde1lgLDuJ4iiKSSvJx81ySsO
kifCj9M4mPQh56L2Rea+T2zybY1AYxe0+LWaIBwhhcsxctAIHIbtLvGpshkUNGgH
IM1iAH/dsyIMHHoQKy1xTwAoxZVaJUEiKqIP/66JXWxrENsdOMn5iY0r2s0XlFUu
12SCoWF7nI6pt+s/GDx2KrnBCM/31wNXrBTapfcMpC0IfOrU2Gn6/Tp1eV5SmSuc
wENVpa6krb0huEjOPwlHX8NqhxgkFHEe8WPRnKIrLngX
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:58 2025 by rpki-client