Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1Hwd-BG933EudCyznD55QTAfyVE.roa
File: 1Hwd-BG933EudCyznD55QTAfyVE.roa (raw, json)
Hash identifier: MYhmxsWEjmjOMMTZYxdLxJvU0PfTj16MzozO+9xI1ak=
Subject key identifier: D4:7C:1D:F8:11:BD:DF:71:2E:74:2C:B3:9C:3E:79:41:30:1F:C9:51
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A03737976E34AB695DDEF2EA293FA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1Hwd-BG933EudCyznD55QTAfyVE.roa
Signing time: Tue 02 Jan 2024 12:33:20 +0000
ROA not before: Tue 02 Jan 2024 12:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49393
IP address blocks: 93.171.153.0/24 maxlen: 24
31.148.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:03:73:79:76:e3:4a:b6:95:dd:ef:2e:a2:93:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d47c1df811bddf712e742cb39c3e7941301fc951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4f:7d:1b:30:73:72:39:fc:1b:55:fc:be:79:
19:bc:e8:ee:98:14:d1:aa:77:ae:b2:32:b5:7a:ee:
51:4f:25:b9:89:5d:d7:e5:4b:93:05:47:1f:0d:83:
eb:c9:77:33:e0:37:63:61:4d:f5:19:41:c7:a0:87:
60:11:5e:fc:a5:f4:19:60:80:99:58:f0:08:2c:58:
e6:f2:52:0e:a3:ad:5f:9d:34:a7:3d:d0:8f:23:21:
77:8e:ec:41:ef:15:73:e6:fd:e2:da:a9:d0:dc:15:
41:c1:06:4a:ef:07:eb:02:24:f7:aa:7e:a3:c7:14:
c8:4d:d3:55:65:a8:12:33:31:8c:b2:9c:a4:0f:47:
88:5c:83:7c:24:eb:ad:37:fd:ad:7e:4b:fe:9c:db:
55:2c:1d:8a:96:7f:30:d0:5b:c9:fc:85:ee:96:18:
7c:4b:11:04:3d:7b:1e:66:5f:0f:ea:65:5a:21:79:
70:bf:7c:57:df:34:36:07:0f:a2:50:f9:42:28:50:
6b:28:9f:74:23:d4:a4:6f:2b:b1:21:85:d3:4f:d4:
bf:e9:c8:d7:e1:0a:de:b4:85:ea:54:62:85:2a:ff:
7d:2c:ec:ef:63:60:95:a5:8a:d1:a1:8f:07:15:df:
34:62:77:f1:a3:ec:2a:d2:37:e1:e7:6e:5e:ca:d4:
48:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7C:1D:F8:11:BD:DF:71:2E:74:2C:B3:9C:3E:79:41:30:1F:C9:51
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1Hwd-BG933EudCyznD55QTAfyVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.22.0/24
93.171.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ff:c9:a3:f0:24:fb:2a:2d:c8:8c:42:7f:90:5c:36:27:4a:
b7:da:31:b2:cf:ae:2e:c4:11:ce:fd:e3:ca:45:02:4e:3a:10:
59:35:2a:81:5e:f6:e8:e3:46:26:cb:af:82:d0:bc:b7:7d:b9:
37:5f:95:83:93:78:20:ce:56:bc:83:7f:a0:d0:d4:a1:84:17:
3c:2f:32:ed:e3:02:de:b4:0c:7b:b2:df:23:1d:e1:ef:1b:2e:
a4:ef:55:4d:7c:3f:bd:61:e8:7f:9d:10:16:20:28:b3:87:3f:
a9:76:5e:88:a7:fa:0a:91:68:05:ab:20:23:9b:09:2c:f4:b5:
17:cb:1c:01:2c:6d:e0:ea:e5:f5:19:2f:64:40:22:de:87:e8:
7c:4a:50:48:43:eb:e5:b0:c7:bc:fc:3c:23:27:6f:f9:4e:25:
a1:e6:0b:bf:8e:58:72:d1:4c:e7:9e:39:18:ad:29:35:c0:62:
e2:93:1a:1e:4e:8e:ca:3b:47:cc:b6:bf:39:d2:96:2e:6a:2f:
c9:d7:b9:2d:e0:3b:5c:1a:85:aa:68:e7:d1:09:51:21:3f:59:
9c:f6:d5:4b:66:e0:94:79:8b:19:e4:0a:a1:d8:93:51:45:36:
ba:b0:fc:bc:d8:1a:88:a6:a4:55:93:7f:cd:32:cf:7f:99:46:
1f:aa:74:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKgNzeXbjSraV3e8uopP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdjMWRmODExYmRkZjcxMmU3NDJjYjM5YzNlNzk0MTMwMWZjOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU99GzBzcjn8G1X8vnkZvOjumBTR
qneusjK1eu5RTyW5iV3X5UuTBUcfDYPryXcz4DdjYU31GUHHoIdgEV78pfQZYICZ
WPAILFjm8lIOo61fnTSnPdCPIyF3juxB7xVz5v3i2qnQ3BVBwQZK7wfrAiT3qn6j
xxTITdNVZagSMzGMspykD0eIXIN8JOutN/2tfkv+nNtVLB2Kln8w0FvJ/IXulhh8
SxEEPXseZl8P6mVaIXlwv3xX3zQ2Bw+iUPlCKFBrKJ90I9SkbyuxIYXTT9S/6cjX
4QretIXqVGKFKv99LOzvY2CVpYrRoY8HFd80Ynfxo+wq0jfh525eytRIkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNR8HfgRvd9xLnQss5w+eUEwH8lRMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMUh3ZC1CRzkzM0V1ZEN5em5ENTVRVEFmeVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH5QWAwQA
XauZMA0GCSqGSIb3DQEBCwUAA4IBAQBa/8mj8CT7Ki3IjEJ/kFw2J0q32jGyz64u
xBHO/ePKRQJOOhBZNSqBXvbo40Ymy6+C0Ly3fbk3X5WDk3ggzla8g3+g0NShhBc8
LzLt4wLetAx7st8jHeHvGy6k71VNfD+9Yeh/nRAWICizhz+pdl6Ip/oKkWgFqyAj
mwks9LUXyxwBLG3g6uX1GS9kQCLeh+h8SlBIQ+vlsMe8/DwjJ2/5TiWh5gu/jlhy
0UznnjkYrSk1wGLikxoeTo7KO0fMtr850pYuai/J17kt4DtcGoWqaOfRCVEhP1mc
9tVLZuCUeYsZ5Aqh2JNRRTa6sPy82BqIpqRVk3/NMs9/mUYfqnQw
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:50 2025 by rpki-client