Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/AlkmiSGDrTRkQbbK4WWTmSHNjBg.roa
File: AlkmiSGDrTRkQbbK4WWTmSHNjBg.roa (raw, json)
Hash identifier: oHq77AWmSaMdAt+82ZnJQyaohFeaA0Epd4NM9oyP97U=
Subject key identifier: 02:59:26:89:21:83:AD:34:64:41:B6:CA:E1:65:93:99:21:CD:8C:18
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0185724C8DFAF787B50B271AA0A1226CAF12
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/AlkmiSGDrTRkQbbK4WWTmSHNjBg.roa
Signing time: Mon 02 Jan 2023 11:44:57 +0000
ROA not before: Mon 02 Jan 2023 11:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212609
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:8d:fa:f7:87:b5:0b:27:1a:a0:a1:22:6c:af:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 11:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=025926892183ad346441b6cae165939921cd8c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:2f:7e:1a:0a:02:d8:b8:ae:e5:82:b4:a3:
6a:83:1f:16:81:19:05:a4:bb:fb:9f:e8:68:65:d4:
65:13:09:90:69:32:63:69:43:78:a6:f7:71:2e:08:
d6:de:7a:e2:9c:d2:71:a9:77:ca:e0:5b:e9:d5:95:
21:8e:2f:f0:01:33:3d:d1:ba:15:63:ce:5c:b1:f7:
df:e2:e3:65:64:d3:86:87:b1:21:08:69:fd:96:0c:
c6:1e:3a:cb:eb:da:b2:73:3b:3b:19:9f:98:53:6a:
12:a1:c5:78:e2:ef:ec:18:90:af:fd:ab:35:9c:70:
0e:e8:70:d4:18:3c:00:70:6e:5d:85:1f:b3:b1:24:
56:4a:09:a9:c2:ce:8e:7d:4e:bd:fd:25:ed:75:fa:
b8:19:f1:e6:c4:00:dd:2b:a1:97:33:57:e6:32:fc:
f0:94:e3:2b:03:f2:5c:96:e7:9b:a2:c1:9b:50:37:
2e:62:b2:6f:6a:fa:df:6d:37:f3:fc:75:9f:7a:7a:
11:99:97:01:77:94:4a:c1:67:50:5e:ac:ef:a1:91:
7e:9c:d8:f5:c0:9a:98:ad:0b:4a:32:8e:45:ab:61:
6a:37:59:21:29:d4:77:e7:6c:cb:fb:3f:49:ce:0d:
7e:ac:f3:bc:f5:4a:db:18:f3:20:22:46:65:4d:db:
d1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:59:26:89:21:83:AD:34:64:41:B6:CA:E1:65:93:99:21:CD:8C:18
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/AlkmiSGDrTRkQbbK4WWTmSHNjBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
27:36:0f:02:fd:33:59:9d:c7:c2:ba:06:cc:ea:08:fc:16:aa:
76:b7:58:e4:38:3a:07:b2:7b:7d:eb:ae:f0:57:63:8c:15:e4:
32:85:53:fa:8a:ab:ca:64:b6:77:96:7a:d7:28:82:30:76:cc:
29:01:84:c6:0a:c8:0e:db:3b:c6:46:7c:87:ef:aa:63:7b:a5:
65:f9:4d:c2:84:a6:ca:56:67:cb:6f:04:cc:ef:03:09:b7:da:
8c:b8:a8:6f:e5:98:af:03:a9:0b:9e:f9:89:76:5f:bb:e0:da:
f7:5c:1b:0c:de:d5:ce:da:b3:89:e6:51:f4:de:37:dd:84:77:
93:e9:0a:94:a5:d5:ef:24:10:0c:35:3c:68:77:5b:2a:6c:4b:
27:c0:2f:78:a1:69:2f:f9:e5:00:e4:c7:5c:95:0e:97:51:95:
04:ea:9f:7f:6f:b0:72:54:67:1e:8d:22:00:98:7a:51:40:5a:
b5:da:21:b5:62:ed:8d:ae:d7:56:0c:57:d1:5a:4b:9a:3c:5d:
c1:0d:c0:cb:f4:f6:5c:c9:62:87:5f:7f:d7:1b:f5:0e:9c:7f:
f3:97:9d:04:22:fc:37:c6:74:b0:6c:bc:0e:a3:d4:e0:c5:7d:
b9:2e:1b:9d:de:9b:cb:d5:a8:f7:66:a4:d1:b8:34:d3:aa:38:
f1:c4:e1:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTI3694e1CycaoKEibK8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMwMTAyMTE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU5MjY4OTIxODNhZDM0NjQ0MWI2Y2FlMTY1OTM5OTIxY2Q4YzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIIvfhoKAti4ruWCtKNqgx8WgRkF
pLv7n+hoZdRlEwmQaTJjaUN4pvdxLgjW3nrinNJxqXfK4Fvp1ZUhji/wATM90boV
Y85csfff4uNlZNOGh7EhCGn9lgzGHjrL69qyczs7GZ+YU2oSocV44u/sGJCv/as1
nHAO6HDUGDwAcG5dhR+zsSRWSgmpws6OfU69/SXtdfq4GfHmxADdK6GXM1fmMvzw
lOMrA/JcluebosGbUDcuYrJvavrfbTfz/HWfenoRmZcBd5RKwWdQXqzvoZF+nNj1
wJqYrQtKMo5Fq2FqN1khKdR352zL+z9Jzg1+rPO89UrbGPMgIkZlTdvRQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJZJokhg600ZEG2yuFlk5khzYwYMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvQWxrbWlTR0RyVFJrUWJiSzRXV1RtU0hOakJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQAnNg8C/TNZncfCugbM6gj8Fqp2t1jkODoHsnt9667w
V2OMFeQyhVP6iqvKZLZ3lnrXKIIwdswpAYTGCsgO2zvGRnyH76pje6Vl+U3ChKbK
VmfLbwTM7wMJt9qMuKhv5ZivA6kLnvmJdl+74Nr3XBsM3tXO2rOJ5lH03jfdhHeT
6QqUpdXvJBAMNTxod1sqbEsnwC94oWkv+eUA5MdclQ6XUZUE6p9/b7ByVGcejSIA
mHpRQFq12iG1Yu2NrtdWDFfRWkuaPF3BDcDL9PZcyWKHX3/XG/UOnH/zl50EIvw3
xnSwbLwOo9TgxX25Lhud3pvL1aj3ZqTRuDTTqjjxxOFl
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:13 2024 by rpki-client on console-ams.rpki-client.org