Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/219bed-0481-48d0-84c8-985e8eadc95f/1/HqFPKJr-qK4xzPE4IsJAOGL20s0.roa
File: HqFPKJr-qK4xzPE4IsJAOGL20s0.roa (raw, json)
Hash identifier: PzpMtcP1FsE24tllLV2yDMT9ePT4ZVPMPVMobN6G+Ws=
Subject key identifier: 1E:A1:4F:28:9A:FE:A8:AE:31:CC:F1:38:22:C2:40:38:62:F6:D2:CD
Certificate issuer: /CN=83b932d235f210b9395d6849175d2f72ceabd709
Certificate serial: 018B8224DCF0EDC1F92335B1522241A08B0B
Authority key identifier: 83:B9:32:D2:35:F2:10:B9:39:5D:68:49:17:5D:2F:72:CE:AB:D7:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7ky0jXyELk5XWhJF10vcs6r1wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/219bed-0481-48d0-84c8-985e8eadc95f/1/HqFPKJr-qK4xzPE4IsJAOGL20s0.roa
Signing time: Mon 30 Oct 2023 19:52:15 +0000
ROA not before: Mon 30 Oct 2023 19:52:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212641
IP address blocks: 2001:67c:2470::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:82:24:dc:f0:ed:c1:f9:23:35:b1:52:22:41:a0:8b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83b932d235f210b9395d6849175d2f72ceabd709
Validity
Not Before: Oct 30 19:52:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ea14f289afea8ae31ccf13822c2403862f6d2cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:78:3b:7c:ed:8a:c6:65:d2:ee:01:3a:f9:29:
22:cc:3e:65:e9:92:b3:ea:8d:87:44:50:94:63:ea:
66:14:09:6a:26:ca:5c:5a:d7:e3:60:59:eb:e4:cf:
24:c3:30:e2:4b:ce:c1:0f:cb:64:2f:3b:b0:84:0b:
f3:cf:92:34:a4:d5:c6:b7:c8:7f:75:c0:c3:2e:db:
6a:7b:a5:06:19:03:23:07:0c:fb:71:ef:c5:63:2e:
61:a9:3c:e7:ea:a5:b6:32:44:da:d6:b9:d9:be:21:
93:07:18:e0:82:ad:8d:17:1e:70:03:f6:ae:70:b6:
94:d9:44:fc:ef:44:87:a0:12:7f:76:71:45:dc:72:
ae:7f:d3:2e:2b:da:48:7c:84:bc:76:c8:93:d7:90:
7a:49:de:55:77:9f:e3:c0:32:47:a1:06:f7:1a:81:
c8:08:97:92:be:50:35:5e:97:5e:d6:71:4a:fd:97:
1f:af:c8:13:81:66:f6:47:b7:9c:72:5d:32:7b:4d:
82:5a:57:5f:4f:45:91:1f:33:00:bc:0e:59:f8:90:
90:34:a4:bd:6c:2d:0e:83:60:2f:74:79:27:12:3a:
5c:3d:a1:a2:fb:58:b6:66:84:87:f7:55:8e:cf:a5:
aa:c2:c5:aa:e7:ca:12:d0:61:4f:8b:62:ef:43:87:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A1:4F:28:9A:FE:A8:AE:31:CC:F1:38:22:C2:40:38:62:F6:D2:CD
X509v3 Authority Key Identifier:
keyid:83:B9:32:D2:35:F2:10:B9:39:5D:68:49:17:5D:2F:72:CE:AB:D7:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7ky0jXyELk5XWhJF10vcs6r1wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/219bed-0481-48d0-84c8-985e8eadc95f/1/HqFPKJr-qK4xzPE4IsJAOGL20s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/219bed-0481-48d0-84c8-985e8eadc95f/1/g7ky0jXyELk5XWhJF10vcs6r1wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2470::/48
Signature Algorithm: sha256WithRSAEncryption
08:2c:9c:09:02:f9:60:0b:4d:e0:15:b0:58:a4:14:18:f5:45:
1b:0e:25:49:f3:62:6b:70:0d:30:64:a0:33:6c:34:b1:09:8e:
7c:64:bf:eb:49:17:b3:da:9a:8b:50:8d:42:5c:7c:86:4d:a0:
42:65:92:ae:3f:b0:ce:09:31:90:ae:e4:d7:ca:12:65:87:fa:
f9:57:27:a4:8e:c2:a7:57:51:27:ae:28:6b:63:c1:da:7e:33:
11:27:b1:57:01:90:d6:4f:5b:b2:d8:be:2a:42:f4:1f:90:ab:
16:35:11:d9:ec:ac:08:16:b1:65:11:9b:cb:35:27:f5:b7:ef:
e7:7a:e4:cb:7f:b5:a1:b5:12:01:3f:77:48:f3:ab:c0:ef:41:
61:f2:cb:d6:7b:5c:29:8b:62:c3:dc:75:cd:6a:c2:57:4f:72:
9d:98:da:85:75:91:59:32:71:ea:64:28:d4:d8:5a:75:2b:91:
4d:97:c7:d6:4a:4d:04:23:e4:0a:78:fd:e0:46:eb:29:69:cc:
04:a7:d2:fb:c9:d1:80:f5:e3:9d:cb:53:4d:e7:13:3e:53:07:
e9:5e:85:0c:3c:1f:ac:54:33:7f:bb:10:a2:fb:be:e7:1a:b7:
8c:77:90:c7:7c:34:2c:07:43:a4:6d:b3:a7:0b:56:11:34:98:
02:ae:d9:9f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYuCJNzw7cH5IzWxUiJBoIsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYjkzMmQyMzVmMjEwYjkzOTVkNjg0OTE3NWQyZjcyY2Vh
YmQ3MDkwHhcNMjMxMDMwMTk1MjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWExNGYyODlhZmVhOGFlMzFjY2YxMzgyMmMyNDAzODYyZjZkMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXg7fO2KxmXS7gE6+SkizD5l6ZKz
6o2HRFCUY+pmFAlqJspcWtfjYFnr5M8kwzDiS87BD8tkLzuwhAvzz5I0pNXGt8h/
dcDDLttqe6UGGQMjBwz7ce/FYy5hqTzn6qW2MkTa1rnZviGTBxjggq2NFx5wA/au
cLaU2UT870SHoBJ/dnFF3HKuf9MuK9pIfIS8dsiT15B6Sd5Vd5/jwDJHoQb3GoHI
CJeSvlA1Xpde1nFK/Zcfr8gTgWb2R7eccl0ye02CWldfT0WRHzMAvA5Z+JCQNKS9
bC0Og2AvdHknEjpcPaGi+1i2ZoSH91WOz6WqwsWq58oS0GFPi2LvQ4cC6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB6hTyia/qiuMczxOCLCQDhi9tLNMB8GA1UdIwQY
MBaAFIO5MtI18hC5OV1oSRddL3LOq9cJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzdreTBqWHlFTGs1WFdoSkYxMHZjczZyMXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yMTliZWQtMDQ4MS00OGQwLTg0Yzgt
OTg1ZThlYWRjOTVmLzEvSHFGUEtKci1xSzR4elBFNElzSkFPR0wyMHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yMTliZWQtMDQ4MS00OGQwLTg0YzgtOTg1ZThlYWRjOTVm
LzEvZzdreTBqWHlFTGs1WFdoSkYxMHZjczZyMXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCRw
MA0GCSqGSIb3DQEBCwUAA4IBAQAILJwJAvlgC03gFbBYpBQY9UUbDiVJ82JrcA0w
ZKAzbDSxCY58ZL/rSRez2pqLUI1CXHyGTaBCZZKuP7DOCTGQruTXyhJlh/r5Vyek
jsKnV1EnrihrY8HafjMRJ7FXAZDWT1uy2L4qQvQfkKsWNRHZ7KwIFrFlEZvLNSf1
t+/neuTLf7WhtRIBP3dI86vA70Fh8svWe1wpi2LD3HXNasJXT3KdmNqFdZFZMnHq
ZCjU2Fp1K5FNl8fWSk0EI+QKeP3gRuspacwEp9L7ydGA9eOdy1NN5xM+UwfpXoUM
PB+sVDN/uxCi+77nGreMd5DHfDQsB0OkbbOnC1YRNJgCrtmf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:27 2024 by rpki-client on console-fra.rpki-client.org