Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/8HFj-F7IhTNeER0CQfNzGnjpkeQ.roa
File: 8HFj-F7IhTNeER0CQfNzGnjpkeQ.roa (raw, json)
Hash identifier: T+nIl90ns1XHbgf67wI8yuJhjJV80P8jLJ6jW6Scw+8=
Subject key identifier: F0:71:63:F8:5E:C8:85:33:5E:11:1D:02:41:F3:73:1A:78:E9:91:E4
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C3154CC292813D37B98BA45A7C6E06
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/8HFj-F7IhTNeER0CQfNzGnjpkeQ.roa
Signing time: Mon 02 Jan 2023 09:14:48 +0000
ROA not before: Mon 02 Jan 2023 09:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:e881:7700::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:15:4c:c2:92:81:3d:37:b9:8b:a4:5a:7c:6e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f07163f85ec885335e111d0241f3731a78e991e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:57:ba:cc:e3:ec:54:5c:ad:f0:22:6b:51:
46:3a:b6:b8:37:eb:23:5a:0a:9a:11:19:a0:1a:61:
e7:a7:68:04:e0:a3:5d:0e:14:f2:38:2c:8d:6a:ff:
9b:17:ed:a8:1e:91:ce:88:1b:ed:c3:3c:96:23:6b:
32:57:e2:da:be:51:45:f2:fc:c0:c5:00:e5:9b:cb:
ef:ec:79:a9:ea:e9:b0:b5:dc:e1:cd:49:33:fa:05:
8a:ee:d1:3c:18:5c:07:8e:c1:56:10:88:cf:c6:14:
7c:80:b8:70:d3:0a:da:b4:74:5f:92:25:6c:86:b9:
a8:fc:ed:8d:5d:fd:41:de:1f:e1:39:11:44:8b:7c:
d6:16:ad:75:06:6a:01:c9:4e:cf:05:55:98:e2:7e:
f5:fc:c7:75:28:b5:fd:9c:9e:67:34:71:6f:c2:00:
0f:93:a3:4a:78:ce:15:44:69:91:f5:c5:39:5c:ed:
75:bc:ff:c3:fc:00:d0:87:00:d9:79:30:19:12:30:
44:10:18:10:a5:17:0a:b4:4f:b5:29:d8:7a:ea:21:
fa:f2:14:94:7b:93:3a:a9:69:75:ad:7e:ce:89:41:
64:d7:2b:f5:83:3a:70:35:fc:8a:71:a2:da:53:0d:
92:d3:f2:39:b0:d2:20:76:bb:4e:d6:81:ff:69:3e:
47:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:71:63:F8:5E:C8:85:33:5E:11:1D:02:41:F3:73:1A:78:E9:91:E4
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/8HFj-F7IhTNeER0CQfNzGnjpkeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:7700::/40
Signature Algorithm: sha256WithRSAEncryption
46:01:cb:5d:0b:44:7f:d0:63:48:b0:56:f9:f3:23:db:e8:dd:
46:ae:22:84:b3:73:c4:46:23:72:c9:1c:5a:13:c6:16:46:8e:
90:e0:44:a4:72:f5:e8:98:65:3e:dc:f8:4f:94:b0:e6:a2:69:
d8:82:0c:dd:e8:de:64:50:ae:74:e4:b4:ef:ed:28:e5:3f:d3:
88:86:fb:6a:2b:b9:ba:f7:13:c0:c3:42:1f:60:f7:62:f2:b8:
83:fe:f4:17:7a:aa:78:70:23:7d:cc:40:59:8c:97:0f:47:d7:
15:34:5c:1c:c6:81:81:b7:ce:b1:5e:74:81:06:a6:89:29:46:
7d:e3:54:17:5d:17:df:2e:be:98:66:51:04:74:06:45:86:06:
63:e2:7e:ff:53:b8:e5:1c:0f:01:fb:d4:7a:cf:4a:82:f7:37:
f1:74:2b:5e:8f:97:6c:79:ac:98:fd:d8:c6:3a:ae:b1:92:1a:
6d:2a:01:52:9d:88:ba:8a:18:86:16:fc:b8:27:a1:0d:46:23:
3a:73:bc:0a:f2:bf:40:53:49:1c:b9:91:73:17:7b:01:dd:bf:
0c:b4:99:12:a0:60:17:68:f8:aa:f7:f3:9a:08:3e:8f:48:a6:
d6:7d:0c:cc:c5:f7:16:12:0d:6d:b9:e0:ea:ec:4a:ba:5d:8a:
ad:97:a0:2f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwxVMwpKBPTe5i6RafG4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDcxNjNmODVlYzg4NTMzNWUxMTFkMDI0MWYzNzMxYTc4ZTk5MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApudXuszj7FRcrfAia1FGOra4N+sj
WgqaERmgGmHnp2gE4KNdDhTyOCyNav+bF+2oHpHOiBvtwzyWI2syV+LavlFF8vzA
xQDlm8vv7Hmp6umwtdzhzUkz+gWK7tE8GFwHjsFWEIjPxhR8gLhw0wratHRfkiVs
hrmo/O2NXf1B3h/hORFEi3zWFq11BmoByU7PBVWY4n71/Md1KLX9nJ5nNHFvwgAP
k6NKeM4VRGmR9cU5XO11vP/D/ADQhwDZeTAZEjBEEBgQpRcKtE+1Kdh66iH68hSU
e5M6qWl1rX7OiUFk1yv1gzpwNfyKcaLaUw2S0/I5sNIgdrtO1oH/aT5HeQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPBxY/heyIUzXhEdAkHzcxp46ZHkMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvOEhGai1GN0loVE5lRVIwQ1FmTnpHbmpwa2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgbogXcw
DQYJKoZIhvcNAQELBQADggEBAEYBy10LRH/QY0iwVvnzI9vo3UauIoSzc8RGI3LJ
HFoTxhZGjpDgRKRy9eiYZT7c+E+UsOaiadiCDN3o3mRQrnTktO/tKOU/04iG+2or
ubr3E8DDQh9g92LyuIP+9Bd6qnhwI33MQFmMlw9H1xU0XBzGgYG3zrFedIEGpokp
Rn3jVBddF98uvphmUQR0BkWGBmPifv9TuOUcDwH71HrPSoL3N/F0K16Pl2x5rJj9
2MY6rrGSGm0qAVKdiLqKGIYW/LgnoQ1GIzpzvAryv0BTSRy5kXMXewHdvwy0mRKg
YBdo+Kr385oIPo9IptZ9DMzF9xYSDW254OrsSrpdiq2XoC8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:16 2024 by rpki-client on console-fra.rpki-client.org