Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/HKqrxR2eJcx8EG3_32OyHDaVaaw.roa
File: HKqrxR2eJcx8EG3_32OyHDaVaaw.roa (raw, json)
Hash identifier: sCpBKqHtfJNxpoLwaq7jNKcX85S5QUBSflZTgkZmI0g=
Subject key identifier: 1C:AA:AB:C5:1D:9E:25:CC:7C:10:6D:FF:DF:63:B2:1C:36:95:69:AC
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 01856CB85B2F3CC9EC3E3A6FDE9574FD6EF3
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/HKqrxR2eJcx8EG3_32OyHDaVaaw.roa
Signing time: Sun 01 Jan 2023 09:44:59 +0000
ROA not before: Sun 01 Jan 2023 09:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42960
IP address blocks: 185.106.176.0/24 maxlen: 24
2a06:5040:103::/48 maxlen: 48
2a06:5040:101::/48 maxlen: 48
2a06:5040:102::/48 maxlen: 48
2a06:5040:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:5b:2f:3c:c9:ec:3e:3a:6f:de:95:74:fd:6e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 09:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1caaabc51d9e25cc7c106dffdf63b21c369569ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:81:2b:cd:a5:6a:cb:19:e2:32:2e:8d:41:d8:
13:54:fa:f4:04:96:5b:13:a1:10:8d:80:b9:ab:f8:
50:71:24:ac:f9:ae:4c:25:fa:cc:da:be:e5:92:9c:
15:5a:26:82:0b:a3:79:c5:8b:58:69:5f:1a:21:2c:
5d:08:39:88:e6:14:cd:09:4a:ba:b8:40:b3:fb:e0:
5b:07:62:b5:b8:c4:59:2b:fa:c2:ee:cf:bf:28:2f:
05:80:c3:21:96:9b:84:e8:9b:cd:23:83:ca:31:7b:
2f:14:f3:31:1c:73:74:84:05:b5:7e:4a:75:aa:7f:
9f:b5:21:44:34:fd:83:7d:ca:5f:af:eb:e0:b5:95:
f4:53:1f:19:6e:b0:95:2a:50:66:e8:5f:ef:51:70:
9c:78:31:b3:c5:8d:c1:05:71:c4:cf:1e:33:45:cd:
2f:49:58:39:78:ac:7e:a6:41:ee:96:71:83:7b:ed:
e1:a2:74:92:e9:75:d0:55:ee:71:71:5f:5e:27:fe:
c0:8b:de:51:e2:f2:e2:70:1d:ab:8d:24:31:9d:1e:
29:ba:ab:ab:33:f2:0e:28:9d:fa:3e:5c:a9:90:64:
02:d1:bf:e6:a6:fe:45:be:4f:a7:bd:86:54:97:de:
ff:55:2d:06:f1:06:1d:3b:8b:58:18:d8:2d:14:c6:
da:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AA:AB:C5:1D:9E:25:CC:7C:10:6D:FF:DF:63:B2:1C:36:95:69:AC
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/HKqrxR2eJcx8EG3_32OyHDaVaaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.176.0/24
IPv6:
2a06:5040:100::/46
Signature Algorithm: sha256WithRSAEncryption
60:e2:c9:b5:a2:b3:41:fe:81:e7:a6:fc:c5:96:00:35:bb:95:
2e:c1:15:fb:68:b7:fd:8c:8a:5a:ba:e7:8d:d5:3e:fc:f0:5b:
ce:75:ca:42:91:71:6d:9f:30:76:b7:44:d4:36:35:0d:42:4b:
2c:27:c5:3a:bb:08:2a:14:c8:f6:17:f4:fc:24:6f:3b:c7:41:
63:9d:22:53:e6:1b:ec:f0:e4:91:c7:60:22:31:d5:88:d2:fb:
68:6d:17:7b:dd:2e:9f:a9:0b:fc:a0:da:8c:49:44:52:25:cc:
4d:d2:0a:14:a7:36:98:12:5b:cd:2f:fb:d7:86:65:4a:76:61:
f4:2f:84:1c:c7:53:4e:c8:40:38:27:9e:ec:ff:e1:3a:e6:36:
ea:01:3e:38:ce:29:cc:3e:c3:da:73:f3:f9:43:f6:a8:ed:ee:
ec:f5:ce:b8:ca:06:d5:bb:66:3f:76:b3:26:3b:3a:20:c5:f2:
67:63:01:60:74:e8:87:ec:5d:b1:3d:ff:50:91:c5:3b:77:06:
cd:fa:8a:cc:9e:00:53:a8:22:c4:e3:48:24:46:55:fc:9d:27:
f0:39:53:ca:7b:fd:10:7b:68:7e:0e:d1:9e:99:23:34:f0:f9:
c6:af:c7:03:98:4a:a2:71:d6:10:8b:b2:bd:80:b8:de:34:5c:
b4:8d:49:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsuFsvPMnsPjpv3pV0/W7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjMwMTAxMDk0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FhYWJjNTFkOWUyNWNjN2MxMDZkZmZkZjYzYjIxYzM2OTU2OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYErzaVqyxniMi6NQdgTVPr0BJZb
E6EQjYC5q/hQcSSs+a5MJfrM2r7lkpwVWiaCC6N5xYtYaV8aISxdCDmI5hTNCUq6
uECz++BbB2K1uMRZK/rC7s+/KC8FgMMhlpuE6JvNI4PKMXsvFPMxHHN0hAW1fkp1
qn+ftSFENP2Dfcpfr+vgtZX0Ux8ZbrCVKlBm6F/vUXCceDGzxY3BBXHEzx4zRc0v
SVg5eKx+pkHulnGDe+3honSS6XXQVe5xcV9eJ/7Ai95R4vLicB2rjSQxnR4puqur
M/IOKJ36PlypkGQC0b/mpv5Fvk+nvYZUl97/VS0G8QYdO4tYGNgtFMbaOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByqq8UdniXMfBBt/99jshw2lWmsMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvSEtxcnhSMmVKY3g4RUczXzMyT3lIRGFWYWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWqwMA8E
AgACMAkDBwIqBlBAAQAwDQYJKoZIhvcNAQELBQADggEBAGDiybWis0H+geem/MWW
ADW7lS7BFftot/2Milq6543VPvzwW851ykKRcW2fMHa3RNQ2NQ1CSywnxTq7CCoU
yPYX9PwkbzvHQWOdIlPmG+zw5JHHYCIx1YjS+2htF3vdLp+pC/yg2oxJRFIlzE3S
ChSnNpgSW80v+9eGZUp2YfQvhBzHU07IQDgnnuz/4TrmNuoBPjjOKcw+w9pz8/lD
9qjt7uz1zrjKBtW7Zj92syY7OiDF8mdjAWB06IfsXbE9/1CRxTt3Bs36isyeAFOo
IsTjSCRGVfydJ/A5U8p7/RB7aH4O0Z6ZIzTw+cavxwOYSqJx1hCLsr2AuN40XLSN
SUc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:23 2024 by rpki-client on console-ams.rpki-client.org