Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/hmtCCfaUF8C3HyU4iIEiWjJMSZ8.roa
File: hmtCCfaUF8C3HyU4iIEiWjJMSZ8.roa (raw, json)
Hash identifier: O7zj63TTosRLig91cyJTgHR2P+89rkx9kt0mTZoaPpk=
Subject key identifier: 86:6B:42:09:F6:94:17:C0:B7:1F:25:38:88:81:22:5A:32:4C:49:9F
Certificate issuer: /CN=0325034258f275b7c87e5f4f70706c0cf588efc3
Certificate serial: 0185714C0FD3DC86E5091089F6322F3ABD6F
Authority key identifier: 03:25:03:42:58:F2:75:B7:C8:7E:5F:4F:70:70:6C:0C:F5:88:EF:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyUDQljydbfIfl9PcHBsDPWI78M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/hmtCCfaUF8C3HyU4iIEiWjJMSZ8.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206706
IP address blocks: 185.126.32.0/24 maxlen: 24
2a10:18c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:0f:d3:dc:86:e5:09:10:89:f6:32:2f:3a:bd:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0325034258f275b7c87e5f4f70706c0cf588efc3
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=866b4209f69417c0b71f25388881225a324c499f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:40:8a:a8:a5:48:7e:05:35:77:06:50:1a:b0:
4b:68:05:0f:f6:f6:26:d9:8f:81:17:d2:0c:27:1f:
38:54:14:da:12:c1:87:a8:17:f9:16:67:f1:49:97:
c2:4d:22:ba:c0:22:20:c1:26:8d:8b:b6:7b:8d:54:
e6:34:aa:ac:75:ea:6b:a2:53:f0:93:b4:f0:db:fe:
0f:ef:f3:ce:96:ec:9b:f4:c5:db:52:b1:8d:5e:a3:
82:14:80:a3:f0:b5:c5:b7:a2:fc:51:4a:ae:ed:fa:
23:4f:e1:45:24:ba:5a:55:45:42:45:9e:94:d5:94:
37:6d:a3:1f:df:c7:40:d2:86:1c:ab:5a:0f:cb:fa:
87:39:5c:5c:58:50:62:68:cf:7d:5d:ad:61:96:dd:
b5:1b:b8:75:1a:8c:fe:6c:34:80:07:37:70:a3:73:
04:69:b9:12:d9:b2:6c:f8:52:9d:73:7f:6e:20:1c:
42:14:59:f4:55:51:34:81:ba:a1:f5:db:e8:ef:55:
79:99:db:00:2e:6c:01:ef:55:dd:bb:a6:d6:24:ed:
52:79:7a:81:4d:c0:c9:ab:1b:95:13:89:17:53:b2:
4a:cb:9c:98:cd:cf:1f:01:71:ba:f2:2d:43:b2:40:
a2:a2:fd:17:56:f4:66:12:97:6e:91:da:c9:32:b2:
78:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6B:42:09:F6:94:17:C0:B7:1F:25:38:88:81:22:5A:32:4C:49:9F
X509v3 Authority Key Identifier:
keyid:03:25:03:42:58:F2:75:B7:C8:7E:5F:4F:70:70:6C:0C:F5:88:EF:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyUDQljydbfIfl9PcHBsDPWI78M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/hmtCCfaUF8C3HyU4iIEiWjJMSZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dda412-4545-48a6-bde2-9a37c6069bc1/1/AyUDQljydbfIfl9PcHBsDPWI78M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.32.0/24
IPv6:
2a10:18c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:97:4e:f4:6b:a6:f7:75:4f:af:c4:04:5f:9a:f8:f0:c1:c7:
64:d8:5d:04:f9:a3:fe:eb:b6:1d:80:57:6d:ef:ab:df:68:f5:
36:26:56:60:05:ea:61:60:b7:76:25:8b:25:80:b8:22:ba:10:
be:e8:4e:9a:59:8d:5d:a0:31:27:7b:97:e4:02:d1:b0:98:86:
f3:22:7f:9a:4c:cf:8b:f5:13:52:a5:89:64:0a:19:d1:f9:b1:
d2:e2:96:1a:42:54:a9:36:01:6c:0b:f2:a9:08:43:a6:34:fb:
68:94:c9:08:82:89:12:1f:38:50:b8:cd:c3:26:c0:6d:34:60:
55:12:c0:99:44:b9:68:20:ee:18:58:79:b3:62:51:74:a0:1d:
44:c1:1a:89:69:32:6d:1c:ad:0a:fb:3a:17:38:e2:2f:30:0a:
0d:77:00:50:d0:76:35:0d:9f:a1:f3:d6:1a:aa:0e:2f:41:9d:
f7:67:2f:92:64:e7:fc:8b:87:17:f9:41:6b:6e:45:34:df:8a:
0b:64:80:8c:c3:3f:27:2e:01:31:8f:cb:2f:98:d7:02:20:60:
9f:64:53:dc:6b:9d:31:80:e0:8f:ae:07:df:2c:50:34:2d:4b:
c4:97:80:b0:98:09:63:6e:11:24:ae:53:3c:9f:9c:17:ab:12:
56:5b:5d:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTA/T3IblCRCJ9jIvOr1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjUwMzQyNThmMjc1YjdjODdlNWY0ZjcwNzA2YzBjZjU4
OGVmYzMwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZiNDIwOWY2OTQxN2MwYjcxZjI1Mzg4ODgxMjI1YTMyNGM0OTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikCKqKVIfgU1dwZQGrBLaAUP9vYm
2Y+BF9IMJx84VBTaEsGHqBf5FmfxSZfCTSK6wCIgwSaNi7Z7jVTmNKqsdeprolPw
k7Tw2/4P7/POluyb9MXbUrGNXqOCFICj8LXFt6L8UUqu7fojT+FFJLpaVUVCRZ6U
1ZQ3baMf38dA0oYcq1oPy/qHOVxcWFBiaM99Xa1hlt21G7h1Goz+bDSABzdwo3ME
abkS2bJs+FKdc39uIBxCFFn0VVE0gbqh9dvo71V5mdsALmwB71Xdu6bWJO1SeXqB
TcDJqxuVE4kXU7JKy5yYzc8fAXG68i1DskCiov0XVvRmEpdukdrJMrJ4GQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZrQgn2lBfAtx8lOIiBIloyTEmfMB8GA1UdIwQY
MBaAFAMlA0JY8nW3yH5fT3BwbAz1iO/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlVRFFsanlkYmZJZmw5UGNIQnNEUFdJNzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kZGE0MTItNDU0NS00OGE2LWJkZTIt
OWEzN2M2MDY5YmMxLzEvaG10Q0NmYVVGOEMzSHlVNGlJRWlXakpNU1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kZGE0MTItNDU0NS00OGE2LWJkZTItOWEzN2M2MDY5YmMx
LzEvQXlVRFFsanlkYmZJZmw5UGNIQnNEUFdJNzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuX4gMA0E
AgACMAcDBQMqEBjAMA0GCSqGSIb3DQEBCwUAA4IBAQB8l070a6b3dU+vxARfmvjw
wcdk2F0E+aP+67YdgFdt76vfaPU2JlZgBephYLd2JYslgLgiuhC+6E6aWY1doDEn
e5fkAtGwmIbzIn+aTM+L9RNSpYlkChnR+bHS4pYaQlSpNgFsC/KpCEOmNPtolMkI
gokSHzhQuM3DJsBtNGBVEsCZRLloIO4YWHmzYlF0oB1EwRqJaTJtHK0K+zoXOOIv
MAoNdwBQ0HY1DZ+h89Yaqg4vQZ33Zy+SZOf8i4cX+UFrbkU034oLZICMwz8nLgEx
j8svmNcCIGCfZFPca50xgOCPrgffLFA0LUvEl4CwmAljbhEkrlM8n5wXqxJWW10O
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:58 2024 by rpki-client on console-ams.rpki-client.org