Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/60951e-7ab5-45d8-9015-95ecd6718887/1/HLAawi-IrMn-rGRYjuyyCABE1nU.roa
File: HLAawi-IrMn-rGRYjuyyCABE1nU.roa (raw, json)
Hash identifier: kJzwpJkRuO9LMe2v3opzqWtg651OdUH/QHD3xFPQR14=
Subject key identifier: 1C:B0:1A:C2:2F:88:AC:C9:FE:AC:64:58:8E:EC:B2:08:00:44:D6:75
Certificate issuer: /CN=d1220866da48e0c7cffbe8c73a351c2a47b1a4db
Certificate serial: 019179A994FA714BA07B3E988EA82BCC3674
Authority key identifier: D1:22:08:66:DA:48:E0:C7:CF:FB:E8:C7:3A:35:1C:2A:47:B1:A4:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0SIIZtpI4MfP--jHOjUcKkexpNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/60951e-7ab5-45d8-9015-95ecd6718887/1/HLAawi-IrMn-rGRYjuyyCABE1nU.roa
Signing time: Thu 22 Aug 2024 10:37:22 +0000
ROA not before: Thu 22 Aug 2024 10:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20539
IP address blocks: 31.135.128.0/19 maxlen: 19
31.135.128.0/21 maxlen: 21
31.135.136.0/21 maxlen: 21
31.135.136.0/22 maxlen: 22
31.135.144.0/22 maxlen: 22
31.135.148.0/22 maxlen: 22
31.135.152.0/23 maxlen: 23
31.135.154.0/23 maxlen: 23
91.201.224.0/22 maxlen: 22
91.201.224.0/24 maxlen: 24
91.201.225.0/24 maxlen: 24
91.201.226.0/24 maxlen: 24
91.201.227.0/24 maxlen: 24
193.178.228.0/23 maxlen: 23
193.178.228.0/24 maxlen: 24
193.178.229.0/24 maxlen: 24
194.146.228.0/22 maxlen: 22
194.146.228.0/24 maxlen: 24
194.146.229.0/24 maxlen: 24
194.146.230.0/24 maxlen: 24
194.146.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:79:a9:94:fa:71:4b:a0:7b:3e:98:8e:a8:2b:cc:36:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1220866da48e0c7cffbe8c73a351c2a47b1a4db
Validity
Not Before: Aug 22 10:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cb01ac22f88acc9feac64588eecb2080044d675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fb:c8:ce:76:8e:eb:ac:a5:4d:7e:48:7a:2f:
ba:cc:d7:d9:8e:dc:f3:77:cb:3b:48:9f:d9:10:c8:
ce:ef:8c:25:e4:30:b4:1a:f7:3a:70:f7:e3:92:29:
64:4c:ce:53:4a:01:0c:ac:7e:ae:e0:09:dd:b7:ce:
c0:22:76:ef:c8:8d:1c:88:52:e9:40:d4:28:91:51:
1e:70:8f:0e:30:32:50:92:c8:b2:61:15:41:73:ab:
f1:65:79:1f:67:b2:58:48:73:d1:79:d9:ba:bb:0c:
83:aa:47:36:3c:e1:6b:88:10:39:3a:b3:23:23:8f:
82:9a:e8:30:c3:b7:a3:43:74:c4:85:16:6a:a6:9b:
b5:ae:ea:c8:95:cf:80:05:cb:ea:b0:2c:23:2d:cd:
06:61:5e:16:59:84:72:99:a6:6c:57:bc:d6:34:c2:
75:36:7d:33:d0:74:dc:a2:56:6c:0d:c0:6a:e3:f6:
e5:4b:8e:22:97:32:d9:1c:20:e1:bf:57:c5:86:0e:
a8:f3:45:84:aa:cd:9f:71:b7:3b:39:04:0d:dc:58:
ea:02:ee:73:0b:82:91:1a:4d:d5:75:c4:d9:0f:90:
2a:fc:5d:ff:8f:e4:37:1f:37:83:a0:bd:15:1d:ed:
c9:92:d2:5e:1d:3f:1c:d2:c7:5c:34:05:e1:ab:35:
08:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B0:1A:C2:2F:88:AC:C9:FE:AC:64:58:8E:EC:B2:08:00:44:D6:75
X509v3 Authority Key Identifier:
keyid:D1:22:08:66:DA:48:E0:C7:CF:FB:E8:C7:3A:35:1C:2A:47:B1:A4:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SIIZtpI4MfP--jHOjUcKkexpNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/60951e-7ab5-45d8-9015-95ecd6718887/1/HLAawi-IrMn-rGRYjuyyCABE1nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/60951e-7ab5-45d8-9015-95ecd6718887/1/0SIIZtpI4MfP--jHOjUcKkexpNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.128.0/19
91.201.224.0/22
193.178.228.0/23
194.146.228.0/22
Signature Algorithm: sha256WithRSAEncryption
33:0d:85:47:ae:0d:05:6d:c3:e1:f1:ff:94:52:0b:82:07:7c:
ed:f6:0b:c5:22:85:60:77:08:e6:43:6c:9d:91:23:6f:40:57:
0f:85:a7:4f:d7:02:86:7f:08:ad:c0:97:f1:05:1c:3a:ed:9f:
81:bf:f1:53:e0:8e:e3:1e:b6:f2:5d:d9:32:19:a6:a6:f0:68:
d8:64:49:e2:ab:0e:b3:d6:ca:03:22:ef:26:c0:15:d5:33:18:
fa:f9:b6:04:38:17:88:d0:e8:1d:76:be:1c:08:47:bc:32:36:
7a:69:82:f8:4e:64:45:6b:4c:f7:5b:ee:c2:52:ce:b4:c3:5d:
bf:93:2e:ea:ba:d9:21:0c:30:cb:75:a1:f4:63:e8:f6:f4:23:
c0:1e:77:e7:0f:a5:d9:7b:f9:d4:94:93:02:ce:c6:06:3a:56:
fb:c7:50:4b:40:03:99:c8:bd:3e:af:d8:48:5d:54:79:ec:eb:
84:63:1c:ee:e6:62:16:f8:8e:4c:0a:b4:af:2a:e7:9b:73:78:
50:27:09:7d:4a:c2:25:06:dc:b6:b3:dc:bc:d6:b4:50:18:1f:
41:31:12:f3:17:e7:34:9c:f1:73:d5:5e:11:0e:ad:8c:1f:91:
0a:ce:0e:c6:53:0b:eb:b2:8e:38:13:57:e5:95:10:8b:4a:5a:
ef:a3:77:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZF5qZT6cUugez6YjqgrzDZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMjIwODY2ZGE0OGUwYzdjZmZiZThjNzNhMzUxYzJhNDdi
MWE0ZGIwHhcNMjQwODIyMTAzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IwMWFjMjJmODhhY2M5ZmVhYzY0NTg4ZWVjYjIwODAwNDRkNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifvIznaO66ylTX5Iei+6zNfZjtzz
d8s7SJ/ZEMjO74wl5DC0Gvc6cPfjkilkTM5TSgEMrH6u4Andt87AInbvyI0ciFLp
QNQokVEecI8OMDJQksiyYRVBc6vxZXkfZ7JYSHPRedm6uwyDqkc2POFriBA5OrMj
I4+Cmugww7ejQ3TEhRZqppu1rurIlc+ABcvqsCwjLc0GYV4WWYRymaZsV7zWNMJ1
Nn0z0HTcolZsDcBq4/blS44ilzLZHCDhv1fFhg6o80WEqs2fcbc7OQQN3FjqAu5z
C4KRGk3VdcTZD5Aq/F3/j+Q3HzeDoL0VHe3JktJeHT8c0sdcNAXhqzUIaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBywGsIviKzJ/qxkWI7ssggARNZ1MB8GA1UdIwQY
MBaAFNEiCGbaSODHz/voxzo1HCpHsaTbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFNJSVp0cEk0TWZQLS1qSE9qVWNLa2V4cE5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82MDk1MWUtN2FiNS00NWQ4LTkwMTUt
OTVlY2Q2NzE4ODg3LzEvSExBYXdpLUlyTW4tckdSWWp1eXlDQUJFMW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82MDk1MWUtN2FiNS00NWQ4LTkwMTUtOTVlY2Q2NzE4ODg3
LzEvMFNJSVp0cEk0TWZQLS1qSE9qVWNLa2V4cE5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFH4eAAwQC
W8ngAwQBwbLkAwQCwpLkMA0GCSqGSIb3DQEBCwUAA4IBAQAzDYVHrg0FbcPh8f+U
UguCB3zt9gvFIoVgdwjmQ2ydkSNvQFcPhadP1wKGfwitwJfxBRw67Z+Bv/FT4I7j
HrbyXdkyGaam8GjYZEniqw6z1soDIu8mwBXVMxj6+bYEOBeI0Ogddr4cCEe8MjZ6
aYL4TmRFa0z3W+7CUs60w12/ky7qutkhDDDLdaH0Y+j29CPAHnfnD6XZe/nUlJMC
zsYGOlb7x1BLQAOZyL0+r9hIXVR57OuEYxzu5mIW+I5MCrSvKuebc3hQJwl9SsIl
Bty2s9y81rRQGB9BMRLzF+c0nPFz1V4RDq2MH5EKzg7GUwvrso44E1fllRCLSlrv
o3fm
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:51:38 2025 by rpki-client