Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/HZgAFD_iyamyyd3-7LVLxC3GMyA.roa
File: HZgAFD_iyamyyd3-7LVLxC3GMyA.roa (raw, json)
Hash identifier: m7izFMvsc1CJryQnzCZjkXf0EaiJerfWmrnPHBrXd88=
Subject key identifier: 1D:98:00:14:3F:E2:C9:A9:B2:C9:DD:FE:EC:B5:4B:C4:2D:C6:33:20
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBB82E2484F8FDC380E67751DB823C
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/HZgAFD_iyamyyd3-7LVLxC3GMyA.roa
Signing time: Mon 02 Jan 2023 05:37:02 +0000
ROA not before: Mon 02 Jan 2023 05:37:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 178.251.228.0/24 maxlen: 32
178.251.228.0/23 maxlen: 32
5.1.74.0/24 maxlen: 32
5.1.81.0/24 maxlen: 32
2a01:367::/32 maxlen: 32
2a01:367:c204::/48 maxlen: 48
2a00:f826:3::/48 maxlen: 48
2a01:366::/32 maxlen: 32
2a01:363::/32 maxlen: 32
2a01:367:cff3::/48 maxlen: 48
2a01:367:dead::/48 maxlen: 48
2a01:365::/32 maxlen: 32
2a01:364::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b8:2e:24:84:f8:fd:c3:80:e6:77:51:db:82:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d9800143fe2c9a9b2c9ddfeecb54bc42dc63320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a5:ed:4f:d3:1f:9b:f7:f8:29:8f:54:04:57:
b1:75:25:cd:09:d7:4a:87:0b:e7:1b:b0:3e:39:7d:
24:8f:93:16:eb:1f:4f:0e:c2:d6:22:f4:e9:85:00:
fc:46:85:21:83:d6:9c:23:ab:b3:fd:22:cb:c4:62:
66:dd:b7:26:da:9f:70:5f:33:18:35:10:f7:c4:ba:
93:26:b8:6d:50:90:b0:11:96:20:99:f0:02:58:45:
ad:28:df:14:7b:7a:12:4c:6a:70:90:8b:b9:0a:9d:
7e:91:ae:30:f7:c2:46:29:1c:15:15:ed:b7:88:ca:
1a:5a:0a:1e:a1:57:6a:55:31:0a:ea:81:ad:16:59:
75:02:dd:93:a9:5f:2b:2b:b5:e2:bd:e2:11:f0:52:
b3:22:5d:ec:1e:31:11:21:6e:b1:50:8a:93:db:87:
cd:0b:dd:dc:ad:5b:d5:b5:75:67:84:85:59:0e:40:
92:70:7f:c3:19:93:5c:c7:43:96:dc:bc:38:de:1c:
c4:27:be:df:55:86:e3:c3:fb:60:be:dc:53:cd:9b:
e5:ef:82:51:e5:ad:0d:e5:09:c3:c8:ed:a6:5b:e3:
b3:42:a6:ef:2d:9f:7d:bd:7c:46:c7:0e:b0:18:e8:
12:a8:52:04:5f:93:ec:19:8e:66:7f:f5:b4:3d:a0:
45:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:98:00:14:3F:E2:C9:A9:B2:C9:DD:FE:EC:B5:4B:C4:2D:C6:33:20
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/HZgAFD_iyamyyd3-7LVLxC3GMyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.74.0/24
5.1.81.0/24
178.251.228.0/23
IPv6:
2a00:f826:3::/48
2a01:363::-2a01:367:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:aa:77:01:46:a8:3c:f3:7b:ef:1a:6b:82:48:17:1c:cf:8b:
bf:6d:9f:b7:e0:f2:1b:3b:ea:2a:e0:75:3d:62:1d:92:2a:32:
96:28:a4:b5:95:4a:f1:ee:f6:86:a0:25:ab:c4:4d:ad:72:ed:
9e:98:22:e7:c6:14:3a:2c:52:9c:0a:98:69:86:4c:e6:d7:04:
a9:f8:65:36:fd:1c:b8:46:9c:e1:1a:94:12:58:75:cf:77:73:
6d:77:d1:17:68:65:44:dd:cb:30:4e:66:5b:ee:79:91:51:37:
25:2d:cc:84:3c:36:e9:c1:d7:c9:92:04:61:9d:33:90:61:47:
ff:f2:83:af:2a:30:5d:6f:80:0a:e1:02:83:28:a3:b2:d3:2b:
d1:86:83:af:09:1f:01:e1:e0:22:2c:46:3c:60:16:08:99:18:
3f:27:ac:7d:69:67:ba:0b:32:9e:70:7a:d7:86:62:bc:82:78:
58:eb:63:05:c9:4e:dd:39:d2:05:dc:68:3b:d7:3a:ad:6b:54:
08:ab:e8:4e:98:bb:f3:b6:15:20:b7:7c:ca:c4:f1:ca:2f:3a:
a4:fe:f4:d4:4d:49:dd:0c:88:80:f1:a0:2c:a3:d8:36:2c:a9:
da:53:66:b8:51:a7:f6:00:87:8d:d6:7a:81:dd:b6:58:49:7f:
ef:7b:06:6c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVw+7guJIT4/cOA5ndR24I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk4MDAxNDNmZTJjOWE5YjJjOWRkZmVlY2I1NGJjNDJkYzYzMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKXtT9Mfm/f4KY9UBFexdSXNCddK
hwvnG7A+OX0kj5MW6x9PDsLWIvTphQD8RoUhg9acI6uz/SLLxGJm3bcm2p9wXzMY
NRD3xLqTJrhtUJCwEZYgmfACWEWtKN8Ue3oSTGpwkIu5Cp1+ka4w98JGKRwVFe23
iMoaWgoeoVdqVTEK6oGtFll1At2TqV8rK7XiveIR8FKzIl3sHjERIW6xUIqT24fN
C93crVvVtXVnhIVZDkCScH/DGZNcx0OW3Lw43hzEJ77fVYbjw/tgvtxTzZvl74JR
5a0N5QnDyO2mW+OzQqbvLZ99vXxGxw6wGOgSqFIEX5PsGY5mf/W0PaBFcwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFB2YABQ/4smpssnd/uy1S8QtxjMgMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvSFpnQUZEX2l5YW15eWQzLTdMVkx4QzNHTXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQABQFKAwQA
BQFRAwQBsvvkMB8EAgACMBkDBwAqAPgmAAMwDgMFACoBA2MDBQMqAQNgMA0GCSqG
SIb3DQEBCwUAA4IBAQAAqncBRqg883vvGmuCSBccz4u/bZ+34PIbO+oq4HU9Yh2S
KjKWKKS1lUrx7vaGoCWrxE2tcu2emCLnxhQ6LFKcCphphkzm1wSp+GU2/Ry4Rpzh
GpQSWHXPd3Ntd9EXaGVE3cswTmZb7nmRUTclLcyEPDbpwdfJkgRhnTOQYUf/8oOv
KjBdb4AK4QKDKKOy0yvRhoOvCR8B4eAiLEY8YBYImRg/J6x9aWe6CzKecHrXhmK8
gnhY62MFyU7dOdIF3Gg71zqta1QIq+hOmLvzthUgt3zKxPHKLzqk/vTUTUndDIiA
8aAso9g2LKnaU2a4Uaf2AIeN1nqB3bZYSX/vewZs
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org