Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/HQOS3hcCxUwYlJS5MgVXatIKqmY.roa
File: HQOS3hcCxUwYlJS5MgVXatIKqmY.roa (raw, json)
Hash identifier: CwXoEVcZAjcBHGVCTsSvwYuDuXF3gcQTAZUHom5o33c=
Subject key identifier: 1D:03:92:DE:17:02:C5:4C:18:94:94:B9:32:05:57:6A:D2:0A:AA:66
Certificate issuer: /CN=1d5af3ae21f97ec4ec75d51a85a3e162ed7a9ed7
Certificate serial: 01856E5D622883496E244A3265C50F16D3F5
Authority key identifier: 1D:5A:F3:AE:21:F9:7E:C4:EC:75:D5:1A:85:A3:E1:62:ED:7A:9E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVrzriH5fsTsddUahaPhYu16ntc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/HQOS3hcCxUwYlJS5MgVXatIKqmY.roa
Signing time: Sun 01 Jan 2023 17:24:51 +0000
ROA not before: Sun 01 Jan 2023 17:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 45.146.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:62:28:83:49:6e:24:4a:32:65:c5:0f:16:d3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d5af3ae21f97ec4ec75d51a85a3e162ed7a9ed7
Validity
Not Before: Jan 1 17:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0392de1702c54c189494b93205576ad20aaa66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f6:2d:3e:e4:c7:e3:fd:fd:a1:dc:b7:e7:70:
18:2f:2a:38:ec:47:46:58:f3:12:ab:81:48:36:72:
6e:5b:08:04:86:b9:c0:c1:16:1e:d1:68:94:d6:1d:
2a:68:ff:b5:9c:33:e1:87:6a:49:af:ae:72:bb:0f:
8c:4a:10:b2:64:ce:82:75:21:00:fb:09:e7:25:59:
d2:8f:2c:9e:b9:2a:5f:04:f9:cb:a0:bf:93:9b:58:
1d:aa:58:55:1e:5e:87:04:f6:e4:51:eb:45:79:c2:
3b:13:c4:00:5d:cc:91:dd:5d:92:59:90:9c:47:b1:
d2:ed:f3:ef:64:cb:8b:b2:ed:2e:f5:a5:fe:36:06:
99:80:3a:4f:4d:82:8d:d8:fd:68:15:d9:3d:6b:20:
97:bf:13:34:2b:6a:a1:52:82:9f:c3:75:c8:79:7c:
8c:3f:1b:e2:2e:e8:40:89:49:9a:51:f8:57:bc:2a:
82:b9:da:a0:9b:f5:86:7e:8a:4c:e7:79:9e:be:49:
3c:ed:81:93:58:31:4c:97:2e:95:c0:a3:cf:09:bd:
cf:dd:0d:4e:74:1e:01:20:52:25:84:3b:ab:9d:90:
7a:3e:52:d8:02:cf:e0:66:c7:d8:6b:07:a7:71:3e:
86:1a:10:6e:b6:2f:ab:0c:4e:87:80:b4:9f:6e:22:
8c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:03:92:DE:17:02:C5:4C:18:94:94:B9:32:05:57:6A:D2:0A:AA:66
X509v3 Authority Key Identifier:
keyid:1D:5A:F3:AE:21:F9:7E:C4:EC:75:D5:1A:85:A3:E1:62:ED:7A:9E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVrzriH5fsTsddUahaPhYu16ntc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/HQOS3hcCxUwYlJS5MgVXatIKqmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/d34acf-3a5f-464f-95ee-908bba12b21a/1/HVrzriH5fsTsddUahaPhYu16ntc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.163.0/24
Signature Algorithm: sha256WithRSAEncryption
10:4c:9b:bf:28:f6:0b:de:4e:e0:44:e2:36:ec:d2:0b:98:8a:
73:12:b1:de:a2:35:0f:77:c9:48:90:05:fa:f5:1f:ed:51:99:
db:0e:28:70:d9:22:21:df:79:39:8a:2d:90:99:54:91:ae:53:
76:8d:d5:2c:c2:38:8a:f0:88:2b:29:69:4a:4f:ff:3a:90:5c:
5b:86:28:3f:76:cb:4d:24:01:a2:2d:1d:87:1d:06:b7:7f:01:
3b:f6:49:1b:2d:5f:e3:7d:aa:9d:e5:6c:47:7e:23:8b:9c:2e:
88:b5:da:e3:f3:d0:6f:ce:f4:db:5b:b5:80:f1:1c:ca:50:19:
48:22:c4:80:e8:d8:8e:f8:f4:35:54:3c:11:fe:c9:c8:40:5d:
cb:12:7d:b4:a9:d3:59:32:9e:03:da:82:d5:d3:59:27:66:6f:
6d:34:27:2e:f8:d9:6b:40:d6:ef:72:21:f8:03:b6:44:77:4a:
5d:06:41:93:fe:7d:b3:99:af:d8:02:69:5f:20:e4:56:10:a9:
5b:52:92:92:8b:df:f4:ce:94:cb:59:ff:83:94:48:0a:38:08:
5a:f6:2b:31:7a:f4:db:34:1c:4a:5f:6d:ff:e7:b4:c8:43:a2:
10:ba:b6:f7:97:30:86:f9:f0:d8:ce:4c:95:ab:ae:36:a9:f7:
5d:38:6d:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXWIog0luJEoyZcUPFtP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNWFmM2FlMjFmOTdlYzRlYzc1ZDUxYTg1YTNlMTYyZWQ3
YTllZDcwHhcNMjMwMTAxMTcyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDAzOTJkZTE3MDJjNTRjMTg5NDk0YjkzMjA1NTc2YWQyMGFhYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/YtPuTH4/39ody353AYLyo47EdG
WPMSq4FINnJuWwgEhrnAwRYe0WiU1h0qaP+1nDPhh2pJr65yuw+MShCyZM6CdSEA
+wnnJVnSjyyeuSpfBPnLoL+Tm1gdqlhVHl6HBPbkUetFecI7E8QAXcyR3V2SWZCc
R7HS7fPvZMuLsu0u9aX+NgaZgDpPTYKN2P1oFdk9ayCXvxM0K2qhUoKfw3XIeXyM
PxviLuhAiUmaUfhXvCqCudqgm/WGfopM53mevkk87YGTWDFMly6VwKPPCb3P3Q1O
dB4BIFIlhDurnZB6PlLYAs/gZsfYawencT6GGhButi+rDE6HgLSfbiKMmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0Dkt4XAsVMGJSUuTIFV2rSCqpmMB8GA1UdIwQY
MBaAFB1a864h+X7E7HXVGoWj4WLtep7XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZyenJpSDVmc1RzZGRVYWhhUGhZdTE2bnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kMzRhY2YtM2E1Zi00NjRmLTk1ZWUt
OTA4YmJhMTJiMjFhLzEvSFFPUzNoY0N4VXdZbEpTNU1nVlhhdElLcW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kMzRhY2YtM2E1Zi00NjRmLTk1ZWUtOTA4YmJhMTJiMjFh
LzEvSFZyenJpSDVmc1RzZGRVYWhhUGhZdTE2bnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZKjMA0G
CSqGSIb3DQEBCwUAA4IBAQAQTJu/KPYL3k7gROI27NILmIpzErHeojUPd8lIkAX6
9R/tUZnbDihw2SIh33k5ii2QmVSRrlN2jdUswjiK8IgrKWlKT/86kFxbhig/dstN
JAGiLR2HHQa3fwE79kkbLV/jfaqd5WxHfiOLnC6Itdrj89BvzvTbW7WA8RzKUBlI
IsSA6NiO+PQ1VDwR/snIQF3LEn20qdNZMp4D2oLV01knZm9tNCcu+NlrQNbvciH4
A7ZEd0pdBkGT/n2zma/YAmlfIORWEKlbUpKSi9/0zpTLWf+DlEgKOAha9isxevTb
NBxKX23/57TIQ6IQurb3lzCG+fDYzkyVq642qfddOG1P
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:53 2023 by rpki-client on console-ams.rpki-client.org