Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/HLiNIcJLjVSRXb17tfU0ls92Ql8.roa
File: HLiNIcJLjVSRXb17tfU0ls92Ql8.roa (raw, json)
Hash identifier: WavixIZtcHObwEOXxmA50emVwT1M4LP0s9omi02sar8=
Subject key identifier: 1C:B8:8D:21:C2:4B:8D:54:91:5D:BD:7B:B5:F5:34:96:CF:76:42:5F
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01936FEBE372698CBCA79AE53B6B9AE08662
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/HLiNIcJLjVSRXb17tfU0ls92Ql8.roa
Signing time: Wed 27 Nov 2024 23:19:10 +0000
ROA not before: Wed 27 Nov 2024 23:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.227.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 03 Dec 2024 11:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6f:eb:e3:72:69:8c:bc:a7:9a:e5:3b:6b:9a:e0:86:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Nov 27 23:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cb88d21c24b8d54915dbd7bb5f53496cf76425f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6a:c9:2d:14:9a:d2:d2:bd:b7:83:ab:31:47:
80:3d:1b:4d:4d:5a:2c:6a:64:b1:77:6f:7f:2e:d9:
dc:cd:d0:61:9c:6c:16:cc:9b:53:dd:30:74:4b:10:
98:5f:35:5e:3d:3f:ed:c4:00:9f:5c:a9:11:da:e2:
52:8d:3b:8e:f4:1f:44:23:73:be:00:5a:dc:83:61:
93:53:c6:eb:99:59:5a:b8:c0:d8:40:56:50:f4:da:
f9:67:00:ae:53:44:e1:e4:a2:80:02:40:e3:2d:00:
29:da:8c:8d:69:04:af:92:be:8c:58:f2:e0:7f:d5:
f8:b9:26:f6:f2:3c:3e:e6:0b:92:30:9b:d6:17:dd:
88:fe:05:20:79:b6:b3:82:b2:3b:13:74:4a:cf:38:
a2:f9:40:bf:f8:bd:6e:55:0e:9c:1e:4f:2c:10:2d:
0e:a2:a5:46:6f:91:5a:08:fb:ff:51:69:df:b3:c6:
ce:2a:21:fe:3e:62:7b:53:cb:b2:90:ea:ae:24:f2:
54:b7:17:19:0e:22:8a:7b:cd:a0:b5:46:d2:09:d9:
a4:11:40:74:e8:70:29:a5:60:72:87:29:6d:77:ec:
85:0e:18:34:35:89:b0:03:95:c0:03:a8:39:e2:5d:
f8:77:cc:49:94:9d:af:55:4b:74:dd:8e:a5:23:27:
90:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B8:8D:21:C2:4B:8D:54:91:5D:BD:7B:B5:F5:34:96:CF:76:42:5F
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/HLiNIcJLjVSRXb17tfU0ls92Ql8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.227.0/24
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
49:b3:f2:7c:2e:5d:b2:5c:24:bc:66:c4:95:b4:cb:52:3c:e8:
bf:18:e7:06:e6:a6:a7:b1:f8:aa:2f:52:9d:08:8f:04:5d:23:
75:aa:3d:00:26:20:16:e6:ef:bd:90:7a:37:8f:6f:33:d6:10:
eb:ad:b2:a7:ef:9e:a1:e1:e5:57:f5:66:c9:e9:e3:f4:df:2e:
1a:85:84:e1:45:81:c8:6e:a9:e3:54:ba:96:9a:a5:ca:44:e0:
1c:6a:e0:31:84:32:f0:cd:9b:b3:1f:6a:6f:4f:8c:65:5e:35:
03:df:48:2d:f0:18:44:a7:66:f6:fb:6b:02:8a:34:8b:ef:47:
1a:b0:28:00:f3:e1:10:7a:24:b3:50:a8:ff:18:1a:df:c4:5f:
30:25:ca:fd:90:e4:e2:b2:a4:99:53:77:8c:56:34:01:1c:b5:
be:af:7e:17:9a:39:2a:df:6a:cb:9b:42:d4:80:8a:9f:a3:4d:
fd:a5:5b:a2:9e:cd:40:cb:37:df:72:9d:6c:3f:31:e9:9e:68:
77:71:5c:ad:fe:fe:24:f1:83:a2:84:f7:7e:11:43:82:ba:8e:
28:44:96:8a:c2:20:31:7c:7d:e2:98:ab:33:50:76:f0:d8:15:
87:eb:aa:e1:b1:10:e0:ac:c6:47:dd:7b:91:20:cb:f8:88:ec:
c8:cb:2c:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZNv6+NyaYy8p5rlO2ua4IZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMTI3MjMxOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I4OGQyMWMyNGI4ZDU0OTE1ZGJkN2JiNWY1MzQ5NmNmNzY0MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWrJLRSa0tK9t4OrMUeAPRtNTVos
amSxd29/LtnczdBhnGwWzJtT3TB0SxCYXzVePT/txACfXKkR2uJSjTuO9B9EI3O+
AFrcg2GTU8brmVlauMDYQFZQ9Nr5ZwCuU0Th5KKAAkDjLQAp2oyNaQSvkr6MWPLg
f9X4uSb28jw+5guSMJvWF92I/gUgebazgrI7E3RKzzii+UC/+L1uVQ6cHk8sEC0O
oqVGb5FaCPv/UWnfs8bOKiH+PmJ7U8uykOquJPJUtxcZDiKKe82gtUbSCdmkEUB0
6HAppWByhyltd+yFDhg0NYmwA5XAA6g54l34d8xJlJ2vVUt03Y6lIyeQXQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBy4jSHCS41UkV29e7X1NJbPdkJfMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvSExpTkljSkxqVlNSWGIxN3RmVTBsczkyUWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAbfjjAwQA
vIK2AwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQBJs/J8
Ll2yXCS8ZsSVtMtSPOi/GOcG5qansfiqL1KdCI8EXSN1qj0AJiAW5u+9kHo3j28z
1hDrrbKn756h4eVX9WbJ6eP03y4ahYThRYHIbqnjVLqWmqXKROAcauAxhDLwzZuz
H2pvT4xlXjUD30gt8BhEp2b2+2sCijSL70casCgA8+EQeiSzUKj/GBrfxF8wJcr9
kOTisqSZU3eMVjQBHLW+r34Xmjkq32rLm0LUgIqfo039pVuins1Ayzffcp1sPzHp
nmh3cVyt/v4k8YOihPd+EUOCuo4oRJaKwiAxfH3imKszUHbw2BWH66rhsRDgrMZH
3XuRIMv4iOzIyywt
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:16 2025 by rpki-client