Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/HZEZVBIGZFpxiCdJ8bJj2t3wd3o.roa
File: HZEZVBIGZFpxiCdJ8bJj2t3wd3o.roa (raw, json)
Hash identifier: ZMh/Ohef/GZ2OT0sj4ZicPYrU1P4UKxfrWUq2R3oaXc=
Subject key identifier: 1D:91:19:54:12:06:64:5A:71:88:27:49:F1:B2:63:DA:DD:F0:77:7A
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 01936C07C9F36379F2C03124FCA3B5FB10D3
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/HZEZVBIGZFpxiCdJ8bJj2t3wd3o.roa
Signing time: Wed 27 Nov 2024 05:11:09 +0000
ROA not before: Wed 27 Nov 2024 05:11:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199173
IP address blocks: 151.237.66.0/24 maxlen: 24
151.237.80.0/22 maxlen: 22
151.237.88.0/23 maxlen: 23
151.237.90.0/24 maxlen: 24
194.69.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 16:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:07:c9:f3:63:79:f2:c0:31:24:fc:a3:b5:fb:10:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Nov 27 05:11:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d9119541206645a71882749f1b263daddf0777a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:c3:34:32:e5:e8:35:30:cd:eb:a5:1a:9d:
cc:ff:c3:8a:ce:62:62:9b:20:0c:ef:a9:22:fd:2a:
76:29:96:90:e5:62:ae:7a:2d:80:45:9a:d2:43:e4:
f6:93:8f:3c:a1:b6:a9:08:0b:82:18:ec:0b:06:48:
e0:65:09:ee:7f:05:b1:1f:70:df:ed:57:de:23:9e:
34:0b:97:f9:d4:ac:88:4b:b4:b8:83:0b:8a:61:02:
2b:40:5d:3f:ff:cf:f8:65:be:87:76:8b:58:f5:cd:
6d:fd:60:1b:83:bb:8a:d3:3f:6b:8a:3c:0b:72:58:
51:41:5f:bd:81:59:ce:eb:83:6f:af:3a:6b:e0:07:
e7:4b:1d:b0:25:eb:eb:f8:b0:0b:ce:01:37:f4:68:
84:5b:85:34:78:2b:1e:74:3b:65:06:1f:4a:96:64:
20:4c:be:7c:e5:8f:14:ee:0b:32:ff:3a:6c:ed:7b:
e5:54:e8:2c:15:86:7b:81:eb:68:6c:81:7a:6a:bb:
b7:1f:8a:a0:16:da:f5:a8:92:27:55:f8:f2:dd:99:
95:07:f5:92:74:43:e9:5a:8f:af:59:67:d4:48:77:
59:a4:62:63:c5:27:fa:36:93:e6:c8:d8:b7:14:67:
de:b9:85:ae:4f:b5:ea:fc:69:74:00:17:c5:3b:15:
c1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:91:19:54:12:06:64:5A:71:88:27:49:F1:B2:63:DA:DD:F0:77:7A
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/HZEZVBIGZFpxiCdJ8bJj2t3wd3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.66.0/24
151.237.80.0/22
151.237.88.0-151.237.90.255
194.69.203.0/24
Signature Algorithm: sha256WithRSAEncryption
56:13:0e:53:99:b1:cd:64:76:b3:9e:7c:95:3f:28:80:29:36:
0b:fb:d7:ce:df:69:5b:b7:af:dc:ab:79:98:ab:e7:17:37:8d:
b2:f9:03:89:b9:8b:bb:39:03:a5:f1:68:fb:7b:5e:3e:64:16:
65:15:0f:3d:00:43:b1:e0:d0:12:f2:b1:ec:38:56:43:9d:f4:
de:8d:10:54:d6:9c:bd:87:80:6d:6f:40:48:57:63:0a:8a:4b:
fb:0c:14:58:cb:1c:73:82:06:a1:95:6b:ab:48:af:c7:cf:1a:
ed:90:21:01:56:68:b4:0e:cd:4b:a5:f5:73:27:57:1a:53:bc:
83:8b:ac:b4:bd:3e:90:0d:97:06:50:66:88:86:86:81:03:a8:
f2:09:11:21:1b:f4:42:0c:a4:f8:9d:9e:0f:a1:78:95:d9:fe:
ff:43:b1:40:38:9c:3c:98:29:17:6a:56:ad:62:4c:7c:cb:40:
4e:3c:07:b6:c8:8b:48:e3:5a:b6:d2:c4:18:95:79:00:e7:37:
2e:28:5e:ea:23:62:24:3f:7e:57:aa:7a:b8:a6:75:bb:6a:f0:
8a:43:0a:4c:50:22:3a:1e:f1:48:fc:fc:cf:ee:09:50:7a:14:
fb:38:44:9b:10:ad:aa:20:07:a6:fd:53:c5:5e:cf:d7:71:5f:
2e:3a:7b:ff
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNsB8nzY3nywDEk/KO1+xDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjQxMTI3MDUxMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkxMTk1NDEyMDY2NDVhNzE4ODI3NDlmMWIyNjNkYWRkZjA3NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT/DNDLl6DUwzeulGp3M/8OKzmJi
myAM76ki/Sp2KZaQ5WKuei2ARZrSQ+T2k488obapCAuCGOwLBkjgZQnufwWxH3Df
7VfeI540C5f51KyIS7S4gwuKYQIrQF0//8/4Zb6HdotY9c1t/WAbg7uK0z9rijwL
clhRQV+9gVnO64Nvrzpr4AfnSx2wJevr+LALzgE39GiEW4U0eCsedDtlBh9KlmQg
TL585Y8U7gsy/zps7XvlVOgsFYZ7getobIF6aru3H4qgFtr1qJInVfjy3ZmVB/WS
dEPpWo+vWWfUSHdZpGJjxSf6NpPmyNi3FGfeuYWuT7Xq/Gl0ABfFOxXBhwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB2RGVQSBmRacYgnSfGyY9rd8Hd6MB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEvSFpFWlZCSUdaRnB4aUNkSjhiSmoydDN3ZDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAl+1CAwQC
l+1QMAwDBAOX7VgDBACX7VoDBADCRcswDQYJKoZIhvcNAQELBQADggEBAFYTDlOZ
sc1kdrOefJU/KIApNgv7187faVu3r9yreZir5xc3jbL5A4m5i7s5A6XxaPt7Xj5k
FmUVDz0AQ7Hg0BLysew4VkOd9N6NEFTWnL2HgG1vQEhXYwqKS/sMFFjLHHOCBqGV
a6tIr8fPGu2QIQFWaLQOzUul9XMnVxpTvIOLrLS9PpANlwZQZoiGhoEDqPIJESEb
9EIMpPidng+heJXZ/v9DsUA4nDyYKRdqVq1iTHzLQE48B7bIi0jjWrbSxBiVeQDn
Ny4oXuojYiQ/fleqerimdbtq8IpDCkxQIjoe8Uj8/M/uCVB6FPs4RJsQraogB6b9
U8Vez9dxXy46e/8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:03:53 2025 by rpki-client