Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/hLwPKAlovDWXKRMNpAx0aG1BMLM.roa
File: hLwPKAlovDWXKRMNpAx0aG1BMLM.roa (raw, json)
Hash identifier: guMPdYd5FIPHLqyClEmEVWy1QEckq1hQ2fxef9x74nw=
Subject key identifier: 84:BC:0F:28:09:68:BC:35:97:29:13:0D:A4:0C:74:68:6D:41:30:B3
Certificate issuer: /CN=949ff40831ca66f996c76ea466af49476fecd1ff
Certificate serial: 01856F671697EECCD50F76D9A00CDB22DF1E
Authority key identifier: 94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/hLwPKAlovDWXKRMNpAx0aG1BMLM.roa
Signing time: Sun 01 Jan 2023 22:15:05 +0000
ROA not before: Sun 01 Jan 2023 22:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48131
IP address blocks: 193.33.140.0/24 maxlen: 24
37.221.116.0/24 maxlen: 24
2a09:500::/32 maxlen: 32
2a0f:ae80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:16:97:ee:cc:d5:0f:76:d9:a0:0c:db:22:df:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=949ff40831ca66f996c76ea466af49476fecd1ff
Validity
Not Before: Jan 1 22:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84bc0f280968bc359729130da40c74686d4130b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:01:2c:70:f5:ed:02:c2:f4:3b:c4:e3:bb:37:
ca:65:6c:12:a5:97:92:81:52:85:72:cf:6e:0b:2c:
a2:0e:40:ed:96:a7:34:c1:69:72:18:07:a1:c1:5f:
b2:35:80:79:ce:b6:1c:13:89:51:b7:1d:c6:7b:1f:
46:06:5a:6e:b9:de:ff:e7:fb:db:6e:5b:da:93:15:
e2:6f:3a:70:8f:20:e8:d6:17:29:90:1e:ca:09:4f:
68:54:d5:a1:fc:12:a8:e3:e9:d7:7f:43:2f:5b:27:
ed:14:8f:cb:c8:40:6a:6d:a2:77:c6:e6:e9:77:4f:
84:f3:a2:44:af:f4:9a:c9:d2:4d:d6:07:61:9e:6e:
3f:c9:82:e3:31:11:c9:1c:6b:5f:84:45:d2:31:6e:
a6:cb:2f:74:d7:9f:de:29:b3:be:fc:bd:f9:e0:5b:
d3:4d:c8:62:74:46:4f:0a:cf:a8:6e:d8:d4:50:ca:
d0:cf:04:e4:64:88:8d:a6:48:69:40:b1:d5:fc:9a:
25:eb:cf:90:27:3b:16:1a:24:dc:4f:c0:f9:e3:2c:
00:d0:49:c9:95:2d:56:75:73:4c:f3:c6:15:56:98:
7e:92:3d:f6:29:05:1e:b6:d4:4e:da:80:cf:f7:e8:
7d:be:b9:32:ed:d6:96:2f:38:87:b6:ed:17:32:ec:
1e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BC:0F:28:09:68:BC:35:97:29:13:0D:A4:0C:74:68:6D:41:30:B3
X509v3 Authority Key Identifier:
keyid:94:9F:F4:08:31:CA:66:F9:96:C7:6E:A4:66:AF:49:47:6F:EC:D1:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJ_0CDHKZvmWx26kZq9JR2_s0f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/hLwPKAlovDWXKRMNpAx0aG1BMLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/55d10d-b448-4b47-ba58-147adc90ca0f/1/lJ_0CDHKZvmWx26kZq9JR2_s0f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.116.0/24
193.33.140.0/24
IPv6:
2a09:500::/32
2a0f:ae80::/32
Signature Algorithm: sha256WithRSAEncryption
7b:df:e1:c3:2b:96:76:d4:21:72:a6:62:b5:2b:4f:7f:68:e5:
b9:1d:ec:14:4b:80:42:c9:4e:1b:bd:51:da:01:dc:cc:2d:ec:
a7:cf:0b:77:a1:0f:87:2a:00:6b:d1:66:c8:cf:fc:36:18:a3:
e8:b1:f6:9f:7a:02:82:61:d3:9c:2d:05:f9:dc:6c:4d:9f:23:
c2:60:fa:a4:94:cf:4d:8c:dc:67:de:38:10:23:10:af:8e:9c:
e7:ef:81:5c:5b:0f:85:f6:0e:15:21:31:73:aa:6a:6e:d9:56:
d3:0e:97:84:d8:38:63:cb:32:c2:fa:25:37:2a:17:db:3a:ae:
e7:c5:b4:3d:ce:53:55:a3:29:7a:8c:8b:bf:da:fe:18:14:df:
6a:a1:44:03:0c:9b:25:b1:73:96:44:ae:8f:31:78:2d:39:33:
fa:08:b0:b5:eb:2b:20:e8:a6:24:28:d0:4a:f1:5a:42:fc:6f:
a8:a2:ed:78:36:67:42:45:b7:ff:52:e0:37:c8:a4:c2:3c:d1:
39:91:4b:9a:da:98:44:6a:17:12:32:1b:e1:18:ac:90:02:e1:
8f:15:f0:bb:fb:f4:a9:bb:2d:92:24:f5:5e:b4:2c:4f:9c:05:
64:a9:57:6f:71:f9:69:9b:19:35:cd:cc:30:01:b6:41:e3:26:
3c:9f:82:c7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvZxaX7szVD3bZoAzbIt8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OWZmNDA4MzFjYTY2Zjk5NmM3NmVhNDY2YWY0OTQ3NmZl
Y2QxZmYwHhcNMjMwMTAxMjIxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJjMGYyODA5NjhiYzM1OTcyOTEzMGRhNDBjNzQ2ODZkNDEzMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgEscPXtAsL0O8TjuzfKZWwSpZeS
gVKFcs9uCyyiDkDtlqc0wWlyGAehwV+yNYB5zrYcE4lRtx3Gex9GBlpuud7/5/vb
blvakxXibzpwjyDo1hcpkB7KCU9oVNWh/BKo4+nXf0MvWyftFI/LyEBqbaJ3xubp
d0+E86JEr/SaydJN1gdhnm4/yYLjMRHJHGtfhEXSMW6myy9015/eKbO+/L354FvT
TchidEZPCs+obtjUUMrQzwTkZIiNpkhpQLHV/Jol68+QJzsWGiTcT8D54ywA0EnJ
lS1WdXNM88YVVph+kj32KQUettRO2oDP9+h9vrky7daWLziHtu0XMuwepQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIS8DygJaLw1lykTDaQMdGhtQTCzMB8GA1UdIwQY
MBaAFJSf9Agxymb5lsdupGavSUdv7NH/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpfMENESEtadm1XeDI2a1pxOUpSMl9zMGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81NWQxMGQtYjQ0OC00YjQ3LWJhNTgt
MTQ3YWRjOTBjYTBmLzEvaEx3UEtBbG92RFdYS1JNTnBBeDBhRzFCTUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81NWQxMGQtYjQ0OC00YjQ3LWJhNTgtMTQ3YWRjOTBjYTBm
LzEvbEpfMENESEtadm1XeDI2a1pxOUpSMl9zMGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAJd10AwQA
wSGMMBQEAgACMA4DBQAqCQUAAwUAKg+ugDANBgkqhkiG9w0BAQsFAAOCAQEAe9/h
wyuWdtQhcqZitStPf2jluR3sFEuAQslOG71R2gHczC3sp88Ld6EPhyoAa9FmyM/8
Nhij6LH2n3oCgmHTnC0F+dxsTZ8jwmD6pJTPTYzcZ944ECMQr46c5++BXFsPhfYO
FSExc6pqbtlW0w6XhNg4Y8sywvolNyoX2zqu58W0Pc5TVaMpeoyLv9r+GBTfaqFE
AwybJbFzlkSujzF4LTkz+giwtesrIOimJCjQSvFaQvxvqKLteDZnQkW3/1LgN8ik
wjzROZFLmtqYRGoXEjIb4RiskALhjxXwu/v0qbstkiT1XrQsT5wFZKlXb3H5aZsZ
Nc3MMAG2QeMmPJ+Cxw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:19 2024 by rpki-client on console.sobornost.net