Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/HaSpWzGayawyvDLeR94k7382SEc.roa
File: HaSpWzGayawyvDLeR94k7382SEc.roa (raw, json)
Hash identifier: rERJY7mgYhQj5JyPuumpCWpGwfYEiwHNoZYmffKwzwU=
Subject key identifier: 1D:A4:A9:5B:31:9A:C9:AC:32:BC:32:DE:47:DE:24:EF:7F:36:48:47
Certificate issuer: /CN=d5af20c026de104d96f17acbaf4e787ef9d30206
Certificate serial: 01856DCAC308346CCBBFF8AA7ED2914BC59E
Authority key identifier: D5:AF:20:C0:26:DE:10:4D:96:F1:7A:CB:AF:4E:78:7E:F9:D3:02:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/HaSpWzGayawyvDLeR94k7382SEc.roa
Signing time: Sun 01 Jan 2023 14:44:42 +0000
ROA not before: Sun 01 Jan 2023 14:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 185.154.161.0/24 maxlen: 24
185.154.160.0/24 maxlen: 24
185.154.162.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:c3:08:34:6c:cb:bf:f8:aa:7e:d2:91:4b:c5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5af20c026de104d96f17acbaf4e787ef9d30206
Validity
Not Before: Jan 1 14:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1da4a95b319ac9ac32bc32de47de24ef7f364847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:55:8f:dc:db:35:b8:14:e5:92:8c:0f:d4:09:
67:34:55:8c:2b:33:ea:15:c5:f3:cb:38:f9:1f:c8:
6a:b0:d8:e4:5d:15:c5:4b:aa:14:b6:ac:27:bf:1c:
14:22:dc:68:e7:c9:c8:bf:a0:ef:e1:16:7a:c3:6e:
8a:ae:d0:f9:b5:03:ec:46:64:83:a6:39:dd:ef:15:
9f:c1:91:01:41:2d:de:07:da:45:d4:e7:50:85:1e:
63:3f:0a:51:af:50:5b:30:0e:7c:12:b8:ea:48:53:
d7:fb:3a:63:8c:fe:47:31:14:f1:86:ac:ea:90:85:
1e:32:5c:54:d6:c5:ea:27:60:56:44:51:03:30:f0:
91:18:eb:91:e1:29:e2:f3:29:a8:35:c6:1c:f5:0c:
b4:7c:47:a4:76:41:90:1e:ff:49:75:80:8f:85:e1:
58:43:a3:d5:fa:19:5a:6f:eb:33:37:cf:d4:33:a6:
75:75:cc:3a:15:75:ac:69:b8:0e:f3:c3:70:f8:e6:
ce:1d:8a:74:83:99:bf:9a:ca:a7:99:71:e7:5c:b3:
56:4e:8a:48:2b:14:d6:ae:f8:80:8a:73:ea:a5:03:
b1:d4:ab:47:cd:a7:52:45:2f:b2:03:38:b8:f0:5a:
3c:f4:d4:5a:d5:c6:26:ce:32:1c:f9:b8:cc:fd:f7:
67:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A4:A9:5B:31:9A:C9:AC:32:BC:32:DE:47:DE:24:EF:7F:36:48:47
X509v3 Authority Key Identifier:
keyid:D5:AF:20:C0:26:DE:10:4D:96:F1:7A:CB:AF:4E:78:7E:F9:D3:02:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a8gwCbeEE2W8XrLr054fvnTAgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/HaSpWzGayawyvDLeR94k7382SEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/09d72e-8267-4393-8363-89f1815d4c19/1/1a8gwCbeEE2W8XrLr054fvnTAgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.160.0-185.154.162.255
Signature Algorithm: sha256WithRSAEncryption
a4:2f:6a:6f:9c:d3:12:af:e2:55:ae:63:f8:83:f1:1c:a0:3a:
1a:35:cf:ec:73:4e:93:51:0d:d3:9b:47:cd:f0:88:e7:1e:5f:
e9:05:56:95:6f:16:ce:77:3b:50:69:c7:54:14:76:2a:f6:06:
49:bf:a3:b1:5d:9f:ff:2c:8d:8a:0d:da:5c:09:11:39:00:52:
50:4a:71:ae:f6:36:74:72:ae:9d:76:8b:cf:9b:5a:15:38:50:
11:7c:6f:3d:b0:a1:24:08:97:9e:4e:8e:d1:b3:9d:28:a6:6e:
d4:a9:b9:72:5f:ad:c8:24:60:4c:67:80:10:87:8e:82:63:f7:
13:22:a7:c5:81:75:3b:08:87:a7:e3:d2:93:ec:b6:c4:b8:7e:
e6:5f:07:96:12:bc:a7:98:02:49:1e:e8:50:71:98:8b:96:9b:
ce:96:b9:47:4c:4d:35:6e:59:54:1f:38:b4:9a:28:9e:34:26:
0c:5f:d1:4a:dc:fb:e1:68:c1:b6:d4:e1:d3:01:29:28:92:84:
8d:9f:79:e5:06:84:0c:7c:45:9d:45:ae:d4:79:a2:68:23:d1:
25:c8:92:cd:bd:8e:c3:9b:be:19:3d:f9:04:d8:df:a7:ea:4e:
ce:51:7f:b2:bc:0c:ad:b8:9e:50:cc:99:d9:1a:1e:eb:54:7c:
aa:f5:c7:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtysMINGzLv/iqftKRS8WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YWYyMGMwMjZkZTEwNGQ5NmYxN2FjYmFmNGU3ODdlZjlk
MzAyMDYwHhcNMjMwMTAxMTQ0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE0YTk1YjMxOWFjOWFjMzJiYzMyZGU0N2RlMjRlZjdmMzY0ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlWP3Ns1uBTlkowP1AlnNFWMKzPq
FcXzyzj5H8hqsNjkXRXFS6oUtqwnvxwUItxo58nIv6Dv4RZ6w26KrtD5tQPsRmSD
pjnd7xWfwZEBQS3eB9pF1OdQhR5jPwpRr1BbMA58ErjqSFPX+zpjjP5HMRTxhqzq
kIUeMlxU1sXqJ2BWRFEDMPCRGOuR4Sni8ymoNcYc9Qy0fEekdkGQHv9JdYCPheFY
Q6PV+hlab+szN8/UM6Z1dcw6FXWsabgO88Nw+ObOHYp0g5m/msqnmXHnXLNWTopI
KxTWrviAinPqpQOx1KtHzadSRS+yAzi48Fo89NRa1cYmzjIc+bjM/fdnbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB2kqVsxmsmsMrwy3kfeJO9/NkhHMB8GA1UdIwQY
MBaAFNWvIMAm3hBNlvF6y69OeH750wIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wOWQ3MmUtODI2Ny00MzkzLTgzNjMt
ODlmMTgxNWQ0YzE5LzEvSGFTcFd6R2F5YXd5dkRMZVI5NGs3MzgyU0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wOWQ3MmUtODI2Ny00MzkzLTgzNjMtODlmMTgxNWQ0YzE5
LzEvMWE4Z3dDYmVFRTJXOFhyTHIwNTRmdm5UQWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW5mqAD
BAC5mqIwDQYJKoZIhvcNAQELBQADggEBAKQvam+c0xKv4lWuY/iD8RygOho1z+xz
TpNRDdObR83wiOceX+kFVpVvFs53O1Bpx1QUdir2Bkm/o7Fdn/8sjYoN2lwJETkA
UlBKca72NnRyrp12i8+bWhU4UBF8bz2woSQIl55OjtGznSimbtSpuXJfrcgkYExn
gBCHjoJj9xMip8WBdTsIh6fj0pPstsS4fuZfB5YSvKeYAkke6FBxmIuWm86WuUdM
TTVuWVQfOLSaKJ40Jgxf0Urc++FowbbU4dMBKSiShI2feeUGhAx8RZ1FrtR5omgj
0SXIks29jsObvhk9+QTY36fqTs5Rf7K8DK24nlDMmdkaHutUfKr1x2s=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:54 2024 by rpki-client on console-ams.rpki-client.org