Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/hlGyzJYGvBbcE7AokXPUiQyOOGw.roa
File: hlGyzJYGvBbcE7AokXPUiQyOOGw.roa (raw, json)
Hash identifier: gIghUHjP+qMlGW+7Q9987G+C4+fvyMm04j1LSPK0PMc=
Subject key identifier: 86:51:B2:CC:96:06:BC:16:DC:13:B0:28:91:73:D4:89:0C:8E:38:6C
Certificate issuer: /CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Certificate serial: 018E23856BC72C96363CDA0446523E9DE637
Authority key identifier: C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/hlGyzJYGvBbcE7AokXPUiQyOOGw.roa
Signing time: Sat 09 Mar 2024 14:02:09 +0000
ROA not before: Sat 09 Mar 2024 14:02:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51297
IP address blocks: 178.255.200.0/24 maxlen: 24
178.255.201.0/24 maxlen: 24
178.255.202.0/23 maxlen: 23
178.255.203.0/24 maxlen: 24
178.255.205.0/24 maxlen: 24
178.255.206.0/24 maxlen: 24
2a01:a440:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 06 Apr 2024 07:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:23:85:6b:c7:2c:96:36:3c:da:04:46:52:3e:9d:e6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Validity
Not Before: Mar 9 14:02:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8651b2cc9606bc16dc13b0289173d4890c8e386c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:f0:9d:48:b8:40:3d:a8:bd:56:40:58:82:
43:f0:9f:48:69:1b:73:65:78:d7:3e:90:32:d1:01:
7c:18:be:1d:d1:fa:e5:21:b2:57:12:5a:5d:09:63:
88:d6:3d:4a:01:4d:fd:b3:48:c4:f1:ad:e7:84:51:
04:16:eb:bd:e3:61:44:0d:04:98:89:eb:a3:2c:07:
6a:45:0a:b8:fb:6a:b1:b1:b7:65:a2:4c:73:49:c5:
76:d4:6d:01:b6:aa:8c:fc:1e:60:1f:a8:1c:85:99:
17:98:38:45:fa:4c:8e:fc:91:f1:73:a0:6b:c3:c9:
d6:c8:ee:20:fa:b1:dd:6c:3e:04:c2:d1:ff:f2:0e:
b4:8f:5b:12:e6:c6:17:77:b8:8f:b1:1b:26:3d:b6:
b0:4a:85:d1:ec:f5:d2:e6:a6:5d:3c:63:ae:8e:73:
10:60:55:d2:91:cb:e0:56:73:45:d8:f2:5b:4d:85:
d1:c2:02:99:17:39:4b:12:ef:ae:ae:af:01:e9:f2:
be:c5:12:85:33:7b:aa:45:fc:30:21:0b:75:33:37:
91:fe:d3:66:67:5a:ea:79:5f:ca:91:3c:37:74:17:
69:52:4f:37:3b:92:3b:e6:5f:54:ae:f5:c8:ea:43:
27:d7:e8:66:88:e3:ac:49:e1:5e:6b:70:90:cd:ba:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:51:B2:CC:96:06:BC:16:DC:13:B0:28:91:73:D4:89:0C:8E:38:6C
X509v3 Authority Key Identifier:
keyid:C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/hlGyzJYGvBbcE7AokXPUiQyOOGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.200.0/22
178.255.205.0-178.255.206.255
IPv6:
2a01:a440:2::/48
Signature Algorithm: sha256WithRSAEncryption
9f:c8:c3:31:64:3c:7d:b4:de:87:1a:14:0d:ef:f2:75:fd:a5:
dc:a6:56:09:4c:44:d8:24:dd:9e:1b:c1:cf:9b:34:38:46:4c:
3e:72:69:05:7c:72:95:53:2f:17:1f:70:49:4e:ba:53:91:38:
0d:0b:98:2a:31:43:51:9c:81:4e:16:d6:6d:42:98:9c:33:46:
a9:d6:26:52:e3:f9:ba:9c:24:fb:b1:15:8a:af:bd:cc:e4:af:
88:f2:b9:07:ae:8b:de:4d:3f:6f:4a:9f:a3:01:45:cb:f5:e4:
02:f3:57:41:b8:a4:04:89:13:fb:2b:16:27:68:5c:4b:b3:b7:
0a:1b:cc:34:26:28:c8:f3:69:cc:2e:e1:5e:c6:42:4b:47:18:
09:aa:ea:89:6a:51:f8:c5:b5:32:ce:a5:d5:4f:b2:de:90:37:
01:f3:b8:02:7a:c0:9f:5f:0c:52:3d:de:79:57:dd:d4:d6:10:
48:60:48:78:27:af:1d:a5:b1:14:71:29:bb:69:07:ef:c6:f0:
68:a0:4e:9f:f3:19:64:f7:93:56:de:1b:5b:a6:a1:43:ea:9e:
d3:11:f8:8b:3b:59:15:e1:18:67:c9:68:51:9c:7c:7f:dd:09:
a5:a7:70:74:83:f3:fb:64:89:de:4e:59:83:5d:56:27:fa:7a:
d6:a6:2c:e8
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY4jhWvHLJY2PNoERlI+neY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjRiNjllZDRhMjNiN2IzZTA2NzRhM2Y5OTQ2MDFkNzNi
N2JhZmYwHhcNMjQwMzA5MTQwMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUxYjJjYzk2MDZiYzE2ZGMxM2IwMjg5MTczZDQ4OTBjOGUzODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI7wnUi4QD2ovVZAWIJD8J9IaRtz
ZXjXPpAy0QF8GL4d0frlIbJXElpdCWOI1j1KAU39s0jE8a3nhFEEFuu942FEDQSY
ieujLAdqRQq4+2qxsbdlokxzScV21G0BtqqM/B5gH6gchZkXmDhF+kyO/JHxc6Br
w8nWyO4g+rHdbD4EwtH/8g60j1sS5sYXd7iPsRsmPbawSoXR7PXS5qZdPGOujnMQ
YFXSkcvgVnNF2PJbTYXRwgKZFzlLEu+urq8B6fK+xRKFM3uqRfwwIQt1MzeR/tNm
Z1rqeV/KkTw3dBdpUk83O5I75l9UrvXI6kMn1+hmiOOsSeFea3CQzbpmvQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFIZRssyWBrwW3BOwKJFz1IkMjjhsMB8GA1UdIwQY
MBaAFMIktp7Uojt7PgZ0o/mUYB1zt7r/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgt
MTViOTQ0NTc3Yzg2LzEvaGxHeXpKWUd2QmJjRTdBb2tYUFVpUXlPT0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgtMTViOTQ0NTc3Yzg2
LzEvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQCsv/IMAwD
BACy/80DBACy/84wDwQCAAIwCQMHACoBpEAAAjANBgkqhkiG9w0BAQsFAAOCAQEA
n8jDMWQ8fbTehxoUDe/ydf2l3KZWCUxE2CTdnhvBz5s0OEZMPnJpBXxylVMvFx9w
SU66U5E4DQuYKjFDUZyBThbWbUKYnDNGqdYmUuP5upwk+7EViq+9zOSviPK5B66L
3k0/b0qfowFFy/XkAvNXQbikBIkT+ysWJ2hcS7O3ChvMNCYoyPNpzC7hXsZCS0cY
CarqiWpR+MW1Ms6l1U+y3pA3AfO4AnrAn18MUj3eeVfd1NYQSGBIeCevHaWxFHEp
u2kH78bwaKBOn/MZZPeTVt4bW6ahQ+qe0xH4iztZFeEYZ8loUZx8f90JpadwdIPz
+2SJ3k5Zg11WJ/p61qYs6A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:40 2025 by rpki-client