Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/HKVTY6EMAt0UnRGUIDsJ1OA40CY.roa
File: HKVTY6EMAt0UnRGUIDsJ1OA40CY.roa (raw, json)
Hash identifier: JcsdYFlrflerogm6mCim1WF/tzFxtWzNTl7mUMEHb1U=
Subject key identifier: 1C:A5:53:63:A1:0C:02:DD:14:9D:11:94:20:3B:09:D4:E0:38:D0:26
Certificate issuer: /CN=6b877f082ff5fef4b07cf8f7c0f71334bc8b8482
Certificate serial: 01856E5D3D5A64DC18E1A2C56C3AA4CC1E50
Authority key identifier: 6B:87:7F:08:2F:F5:FE:F4:B0:7C:F8:F7:C0:F7:13:34:BC:8B:84:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4d_CC_1_vSwfPj3wPcTNLyLhII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/HKVTY6EMAt0UnRGUIDsJ1OA40CY.roa
Signing time: Sun 01 Jan 2023 17:24:42 +0000
ROA not before: Sun 01 Jan 2023 17:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35506
IP address blocks: 2a10:d000:3::/48 maxlen: 48
2a10:d001:3000::/36 maxlen: 36
2a10:d001:2000::/36 maxlen: 36
2a10:d001:1000::/36 maxlen: 36
2a10:d001::/36 maxlen: 36
2a10:d001:1800::/38 maxlen: 38
2a10:d001:2000::/38 maxlen: 38
2a10:d001:1000::/38 maxlen: 38
2a10:d001::/38 maxlen: 38
2a10:d000:14::/48 maxlen: 48
2a10:d000:1c::/48 maxlen: 48
2a10:d000::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:3d:5a:64:dc:18:e1:a2:c5:6c:3a:a4:cc:1e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b877f082ff5fef4b07cf8f7c0f71334bc8b8482
Validity
Not Before: Jan 1 17:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca55363a10c02dd149d1194203b09d4e038d026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a7:78:77:23:b3:9e:b2:cd:b5:ab:0b:61:72:
93:b0:45:ab:b6:1d:2b:70:1c:d0:c8:94:0d:08:8e:
5d:5a:f1:48:db:f2:34:60:20:aa:b4:75:04:41:3b:
a4:f8:8b:a8:6c:1e:9c:4d:cf:a7:35:da:1c:0a:73:
e9:06:c0:db:69:ba:75:a1:52:e7:3c:53:a9:3b:b6:
42:c3:17:61:c7:4e:86:68:75:cb:0c:6d:20:96:0e:
12:a8:b3:d3:df:b6:01:91:b2:fe:e4:e5:0d:30:2c:
1a:1a:0a:14:fb:90:48:63:ee:47:90:43:7c:b0:22:
e8:57:d5:19:ac:f0:d9:4e:c2:5c:2a:b5:82:2c:79:
b0:5f:07:82:36:c7:8e:dd:af:83:43:b0:37:e3:a5:
3c:55:f8:28:57:69:1a:ee:d0:40:9b:ef:bf:46:82:
a4:3a:49:f2:45:65:bf:86:6d:4a:8a:07:93:45:81:
40:86:93:69:27:aa:7b:73:f9:b1:18:f4:24:54:c4:
c4:5f:91:22:1e:8e:76:99:01:26:fb:df:4f:c7:69:
9b:2f:77:f9:a0:2d:38:ec:81:2e:bd:d7:25:aa:75:
d7:28:6a:8e:5f:7d:25:a6:5f:a2:17:0d:51:da:39:
37:d7:03:b7:53:91:c5:39:96:aa:14:b2:12:9b:2b:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A5:53:63:A1:0C:02:DD:14:9D:11:94:20:3B:09:D4:E0:38:D0:26
X509v3 Authority Key Identifier:
keyid:6B:87:7F:08:2F:F5:FE:F4:B0:7C:F8:F7:C0:F7:13:34:BC:8B:84:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4d_CC_1_vSwfPj3wPcTNLyLhII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/HKVTY6EMAt0UnRGUIDsJ1OA40CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/a4d_CC_1_vSwfPj3wPcTNLyLhII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:d000::/29
Signature Algorithm: sha256WithRSAEncryption
51:37:3c:47:dd:8b:30:c1:27:53:92:d2:bc:97:96:2c:60:c9:
28:68:c9:7e:31:d7:70:6f:64:e0:e1:bb:c0:bc:89:88:1b:6b:
9f:79:a7:97:7c:58:a3:40:e9:ff:5f:54:c3:15:48:99:cb:ae:
5b:aa:3b:7a:d4:f5:ba:ba:c7:1e:6b:a4:44:c6:6e:2b:78:10:
df:20:fe:63:54:00:fa:9b:04:10:ec:65:cc:d0:bf:00:35:8e:
11:cc:33:a7:56:50:e8:9e:06:fc:f4:25:9c:25:7b:e8:dc:ff:
ba:8d:6b:63:a9:85:b5:cc:ec:d0:f0:3d:28:c4:74:19:5b:10:
a1:cc:e5:c6:b8:78:e3:12:84:a6:52:18:c1:bd:01:aa:eb:c0:
27:c2:9b:81:31:17:16:15:b7:d8:30:39:38:a5:95:c4:44:df:
0e:3b:01:94:c1:29:5c:99:aa:52:2b:ac:b1:15:5e:b2:db:12:
43:3d:77:08:4d:61:45:32:a1:cc:3d:b5:85:de:ca:a1:b9:58:
9d:9c:2f:32:1e:ad:42:53:05:7f:13:ee:87:e7:8e:2d:1b:2a:
1a:71:97:b5:f8:a0:9d:fd:3d:88:00:c5:f5:a2:d7:4f:cd:e5:
60:92:db:e6:68:f8:79:9a:83:8d:9c:51:a6:18:ec:27:7b:d3:
51:3b:e2:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVuXT1aZNwY4aLFbDqkzB5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODc3ZjA4MmZmNWZlZjRiMDdjZjhmN2MwZjcxMzM0YmM4
Yjg0ODIwHhcNMjMwMTAxMTcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E1NTM2M2ExMGMwMmRkMTQ5ZDExOTQyMDNiMDlkNGUwMzhkMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjad4dyOznrLNtasLYXKTsEWrth0r
cBzQyJQNCI5dWvFI2/I0YCCqtHUEQTuk+IuobB6cTc+nNdocCnPpBsDbabp1oVLn
PFOpO7ZCwxdhx06GaHXLDG0glg4SqLPT37YBkbL+5OUNMCwaGgoU+5BIY+5HkEN8
sCLoV9UZrPDZTsJcKrWCLHmwXweCNseO3a+DQ7A346U8VfgoV2ka7tBAm++/RoKk
OknyRWW/hm1KigeTRYFAhpNpJ6p7c/mxGPQkVMTEX5EiHo52mQEm+99Px2mbL3f5
oC047IEuvdclqnXXKGqOX30lpl+iFw1R2jk31wO3U5HFOZaqFLISmyvkoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBylU2OhDALdFJ0RlCA7CdTgONAmMB8GA1UdIwQY
MBaAFGuHfwgv9f70sHz498D3EzS8i4SCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRkX0NDXzFfdlN3ZlBqM3dQY1ROTHlMaElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xMWNmNGUtNjBhMy00NjIyLWIyMTIt
NzMxNGU2OTRiYWM5LzEvSEtWVFk2RU1BdDBVblJHVUlEc0oxT0E0MENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xMWNmNGUtNjBhMy00NjIyLWIyMTItNzMxNGU2OTRiYWM5
LzEvYTRkX0NDXzFfdlN3ZlBqM3dQY1ROTHlMaElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhDQADAN
BgkqhkiG9w0BAQsFAAOCAQEAUTc8R92LMMEnU5LSvJeWLGDJKGjJfjHXcG9k4OG7
wLyJiBtrn3mnl3xYo0Dp/19UwxVImcuuW6o7etT1urrHHmukRMZuK3gQ3yD+Y1QA
+psEEOxlzNC/ADWOEcwzp1ZQ6J4G/PQlnCV76Nz/uo1rY6mFtczs0PA9KMR0GVsQ
oczlxrh44xKEplIYwb0BquvAJ8KbgTEXFhW32DA5OKWVxETfDjsBlMEpXJmqUius
sRVestsSQz13CE1hRTKhzD21hd7KoblYnZwvMh6tQlMFfxPuh+eOLRsqGnGXtfig
nf09iADF9aLXT83lYJLb5mj4eZqDjZxRphjsJ3vTUTvi+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:28 2024 by rpki-client on console-fra.rpki-client.org