Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HLwCaWTZBcyzdDW85xkrQTTDQ1A.roa
File: HLwCaWTZBcyzdDW85xkrQTTDQ1A.roa (raw, json)
Hash identifier: vBbpcd9x6VmYUvBn/Bdib+7TSaSOnk2QIlX3xRfZuoc=
Subject key identifier: 1C:BC:02:69:64:D9:05:CC:B3:74:35:BC:E7:19:2B:41:34:C3:43:50
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018CCA2BE0A0D709FBC00645A6647EEFF167
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HLwCaWTZBcyzdDW85xkrQTTDQ1A.roa
Signing time: Tue 02 Jan 2024 12:35:22 +0000
ROA not before: Tue 02 Jan 2024 12:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210122
IP address blocks: 152.89.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 06:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:e0:a0:d7:09:fb:c0:06:45:a6:64:7e:ef:f1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 2 12:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cbc026964d905ccb37435bce7192b4134c34350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:72:ae:f4:8d:10:28:45:8e:53:2b:0d:25:c4:
2a:0f:24:ae:8c:8e:ff:7c:ce:83:50:53:ea:8f:9a:
4b:de:fa:7f:47:72:66:13:b0:7c:7c:c3:05:c6:6e:
5c:36:48:f7:77:c7:a3:c3:71:cd:9c:9c:df:6f:16:
76:1f:b8:de:f2:6e:ed:f2:ce:33:4c:d7:13:18:ed:
c2:bb:44:58:9a:6f:c7:b5:06:ba:7e:4b:5c:23:3a:
3a:02:f7:40:3b:6a:bf:db:a7:53:eb:60:d5:4d:31:
64:67:3e:2f:1b:f6:9c:ab:4d:f4:80:dd:b6:ed:f9:
6c:d4:60:0f:ee:dc:4a:de:ce:db:70:c0:f6:87:df:
33:b3:b7:5f:4c:ec:ae:28:85:57:22:7f:f4:5f:4a:
0b:9d:22:99:04:64:a4:a5:3e:59:4b:f5:97:b8:e3:
6e:6e:93:99:f8:71:67:8b:0e:ef:76:98:06:a9:75:
de:b6:e8:8c:cf:8d:4f:37:7c:69:20:86:15:a8:79:
06:0e:87:88:f5:2b:a2:70:0a:9f:15:38:5f:64:45:
a6:ae:3d:09:03:26:44:f6:a5:95:19:3d:fd:5b:d5:
58:20:7e:94:05:ac:3b:02:28:3a:84:66:fb:47:c4:
e5:4a:6c:0b:14:69:0e:c6:08:99:54:ee:96:89:84:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BC:02:69:64:D9:05:CC:B3:74:35:BC:E7:19:2B:41:34:C3:43:50
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HLwCaWTZBcyzdDW85xkrQTTDQ1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.195.0/24
Signature Algorithm: sha256WithRSAEncryption
75:81:cb:6f:0f:1f:2d:ea:15:a1:21:1a:fe:c7:05:cf:25:72:
15:f6:9b:55:44:19:d9:25:14:a9:01:8e:b8:e8:f3:f7:59:bc:
70:d6:94:ea:79:71:f9:7f:22:7f:1c:9b:4f:ae:f7:49:fa:90:
6f:4d:68:7f:98:2d:1b:92:b0:81:1c:5b:18:f2:71:87:75:64:
24:b3:f7:5d:56:5f:15:fe:4f:14:dc:ba:7f:21:0d:f0:7e:eb:
63:0d:90:e3:43:39:45:6e:86:b9:30:6d:38:42:4a:02:85:d8:
eb:62:27:b9:15:92:b7:82:5a:9d:13:d8:7a:dd:12:7c:8e:4c:
1b:c2:84:cb:65:61:9c:47:3d:fd:3b:2a:8c:b8:3b:ca:ef:53:
97:9c:62:ed:6e:9a:e6:b9:43:4f:56:33:67:e5:85:6b:c8:36:
c0:a7:70:43:4b:7d:c2:11:1e:3c:42:ca:17:a2:cc:63:be:5c:
40:0f:8b:cc:12:5f:c3:e0:78:9c:29:00:9e:e0:6c:ac:d7:11:
df:44:d9:24:8f:99:24:7f:e8:f9:c7:38:60:97:91:71:74:30:
2d:47:17:88:e5:c4:b3:7b:5b:1c:5d:7c:e0:f9:0c:90:94:6d:
8e:f9:8a:d3:71:03:53:90:68:8e:0d:88:e6:8a:7c:8f:65:7e:
52:9d:32:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK+Cg1wn7wAZFpmR+7/FnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQwMTAyMTIzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JjMDI2OTY0ZDkwNWNjYjM3NDM1YmNlNzE5MmI0MTM0YzM0MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnKu9I0QKEWOUysNJcQqDySujI7/
fM6DUFPqj5pL3vp/R3JmE7B8fMMFxm5cNkj3d8ejw3HNnJzfbxZ2H7je8m7t8s4z
TNcTGO3Cu0RYmm/HtQa6fktcIzo6AvdAO2q/26dT62DVTTFkZz4vG/acq030gN22
7fls1GAP7txK3s7bcMD2h98zs7dfTOyuKIVXIn/0X0oLnSKZBGSkpT5ZS/WXuONu
bpOZ+HFniw7vdpgGqXXetuiMz41PN3xpIIYVqHkGDoeI9SuicAqfFThfZEWmrj0J
AyZE9qWVGT39W9VYIH6UBaw7Aig6hGb7R8TlSmwLFGkOxgiZVO6WiYR8eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBy8Amlk2QXMs3Q1vOcZK0E0w0NQMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvSEx3Q2FXVFpCY3l6ZERXODV4a3JRVFREUTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnDMA0G
CSqGSIb3DQEBCwUAA4IBAQB1gctvDx8t6hWhIRr+xwXPJXIV9ptVRBnZJRSpAY64
6PP3Wbxw1pTqeXH5fyJ/HJtPrvdJ+pBvTWh/mC0bkrCBHFsY8nGHdWQks/ddVl8V
/k8U3Lp/IQ3wfutjDZDjQzlFboa5MG04QkoChdjrYie5FZK3glqdE9h63RJ8jkwb
woTLZWGcRz39OyqMuDvK71OXnGLtbprmuUNPVjNn5YVryDbAp3BDS33CER48QsoX
osxjvlxAD4vMEl/D4HicKQCe4Gys1xHfRNkkj5kkf+j5xzhgl5FxdDAtRxeI5cSz
e1scXXzg+QyQlG2O+YrTcQNTkGiODYjminyPZX5SnTIf
-----END CERTIFICATE-----
Generated at Mon Jan 8 09:35:56 2024 by rpki-client on console-ams.rpki-client.org