Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/HDRQT-51HZ81DNiOjPVB1HLTwXI.roa
File: HDRQT-51HZ81DNiOjPVB1HLTwXI.roa (raw, json)
Hash identifier: QyKNEr2UNdxqoKSIygEGpU1OWXqHQ5ApQT2TnJ8eSfM=
Subject key identifier: 1C:34:50:4F:EE:75:1D:9F:35:0C:D8:8E:8C:F5:41:D4:72:D3:C1:72
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018C53D7CA652ACE7097BDD504C1E5E41420
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/HDRQT-51HZ81DNiOjPVB1HLTwXI.roa
Signing time: Sun 10 Dec 2023 13:08:20 +0000
ROA not before: Sun 10 Dec 2023 13:08:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 45.145.152.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:53:d7:ca:65:2a:ce:70:97:bd:d5:04:c1:e5:e4:14:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Dec 10 13:08:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c34504fee751d9f350cd88e8cf541d472d3c172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d4:8f:e8:1d:0a:a3:c5:0b:0e:45:2f:bc:d7:
d6:d7:c5:d8:0a:62:16:4d:c5:9d:ac:27:9c:d1:29:
2a:37:79:ee:6d:41:87:96:29:36:e2:9a:0d:78:b0:
06:49:a8:bb:56:af:99:e3:52:60:8f:9e:94:20:00:
d0:55:19:08:72:df:0d:0f:2b:61:e7:59:b5:07:11:
14:c0:e8:9f:a4:72:bf:cf:12:77:60:b7:17:a4:c5:
85:4b:be:9f:9d:fb:45:da:18:7a:22:d2:5b:74:17:
31:59:9b:1f:d3:2f:43:06:a4:6e:83:3d:ac:78:bf:
53:5c:20:a4:24:c4:cd:6e:00:2f:37:01:27:1c:3e:
40:9a:f4:98:ec:45:21:91:82:5b:b4:fd:d8:45:f8:
8a:14:2a:2a:da:e6:ea:56:15:7d:73:3f:79:c1:aa:
fe:5d:5d:ca:0b:f8:01:15:e5:3e:ea:41:19:3e:7b:
51:e8:99:92:ec:2f:99:14:39:81:26:50:99:05:7a:
bc:95:f3:22:35:36:14:e8:10:2d:62:07:c1:93:af:
90:1f:5c:de:3d:94:55:fa:b1:f3:7c:70:ba:28:c3:
d0:11:f3:f8:67:56:61:4d:b5:e0:1b:c7:66:79:2a:
f0:89:9c:49:71:65:24:f9:f3:38:78:52:25:99:9d:
e9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:34:50:4F:EE:75:1D:9F:35:0C:D8:8E:8C:F5:41:D4:72:D3:C1:72
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/HDRQT-51HZ81DNiOjPVB1HLTwXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.152.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:4e:bb:68:06:81:f8:43:c9:d2:be:de:5c:d9:68:ea:30:d6:
d7:41:40:cc:09:c4:64:2c:d6:ee:8e:83:17:f5:ca:a2:c4:44:
e9:4f:4b:bc:6e:a7:0f:1e:10:16:d3:89:e5:43:1a:e3:d2:f0:
95:56:0d:0c:95:17:8f:be:1f:29:7b:04:59:f4:61:27:d1:5f:
4f:32:31:a8:24:66:5c:31:37:34:61:c7:0c:a6:a7:a8:ee:96:
cd:85:86:08:bf:a8:77:84:4f:10:c2:45:d2:e6:fa:0f:47:dd:
cc:2b:3a:a7:42:42:4c:5f:f3:91:73:f6:68:b2:7c:41:a6:09:
75:26:81:99:2b:47:3e:f9:9e:b8:8b:2c:b8:bf:9a:1c:ce:ba:
74:37:1a:14:4d:3b:44:2a:ee:21:b8:c1:ef:07:90:14:a5:b0:
85:53:fe:34:fa:e8:f9:c3:dc:80:6d:7c:b6:d7:26:d7:cf:ef:
2b:cd:52:fc:32:f0:fc:ac:b5:37:d0:96:61:4c:1d:a3:e3:24:
e5:a4:72:50:00:9e:0e:cc:18:77:03:91:06:e0:20:8f:dc:e4:
1d:f4:b6:3d:a4:df:c3:78:db:70:25:34:b4:60:14:f5:e3:5c:
89:4e:c9:92:b2:72:a2:45:e7:9d:7a:f1:99:73:dd:4f:96:a8:
e0:23:03:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxT18plKs5wl73VBMHl5BQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMxMjEwMTMwODIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzM0NTA0ZmVlNzUxZDlmMzUwY2Q4OGU4Y2Y1NDFkNDcyZDNjMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdSP6B0Ko8ULDkUvvNfW18XYCmIW
TcWdrCec0SkqN3nubUGHlik24poNeLAGSai7Vq+Z41Jgj56UIADQVRkIct8NDyth
51m1BxEUwOifpHK/zxJ3YLcXpMWFS76fnftF2hh6ItJbdBcxWZsf0y9DBqRugz2s
eL9TXCCkJMTNbgAvNwEnHD5AmvSY7EUhkYJbtP3YRfiKFCoq2ubqVhV9cz95war+
XV3KC/gBFeU+6kEZPntR6JmS7C+ZFDmBJlCZBXq8lfMiNTYU6BAtYgfBk6+QH1ze
PZRV+rHzfHC6KMPQEfP4Z1ZhTbXgG8dmeSrwiZxJcWUk+fM4eFIlmZ3pXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBw0UE/udR2fNQzYjoz1QdRy08FyMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvSERSUVQtNTFIWjgxRE5pT2pQVkIxSExUd1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGYMA0G
CSqGSIb3DQEBCwUAA4IBAQBKTrtoBoH4Q8nSvt5c2WjqMNbXQUDMCcRkLNbujoMX
9cqixETpT0u8bqcPHhAW04nlQxrj0vCVVg0MlRePvh8pewRZ9GEn0V9PMjGoJGZc
MTc0YccMpqeo7pbNhYYIv6h3hE8QwkXS5voPR93MKzqnQkJMX/ORc/ZosnxBpgl1
JoGZK0c++Z64iyy4v5oczrp0NxoUTTtEKu4huMHvB5AUpbCFU/40+uj5w9yAbXy2
1ybXz+8rzVL8MvD8rLU30JZhTB2j4yTlpHJQAJ4OzBh3A5EG4CCP3OQd9LY9pN/D
eNtwJTS0YBT141yJTsmSsnKiReedevGZc91PlqjgIwPd
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:00 2024 by rpki-client on console-fra.rpki-client.org