Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/H2VH0joASrGnpd7uC_agM0eOgRU.roa
File: H2VH0joASrGnpd7uC_agM0eOgRU.roa (raw, json)
Hash identifier: bmDs4UiFHnG0BNib4cG62/tXxNx7fl6XqSCVw1v5xFU=
Subject key identifier: 1F:65:47:D2:3A:00:4A:B1:A7:A5:DE:EE:0B:F6:A0:33:47:8E:81:15
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018C064F2F1FC16D9CB7229AAB5DF9DE46D3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/H2VH0joASrGnpd7uC_agM0eOgRU.roa
Signing time: Sat 25 Nov 2023 11:48:21 +0000
ROA not before: Sat 25 Nov 2023 11:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205102
IP address blocks: 2a0c:9a40:8230::/44 maxlen: 48
2a0c:9a40:8420::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:06:4f:2f:1f:c1:6d:9c:b7:22:9a:ab:5d:f9:de:46:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Nov 25 11:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f6547d23a004ab1a7a5deee0bf6a033478e8115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9b:d3:0d:f4:81:75:79:14:91:85:79:03:98:
54:25:8f:a5:2f:33:03:11:16:aa:9e:0c:ce:32:fd:
de:44:ed:ec:28:65:0c:21:0c:99:50:b5:ee:b7:a7:
bd:9e:91:e7:df:e8:21:e9:81:5b:aa:f0:aa:e9:64:
bf:f5:d7:4a:dc:55:cf:5b:ee:36:24:bb:43:26:6f:
23:1a:63:64:3d:af:01:15:cb:cb:aa:73:fa:fa:17:
e0:11:b2:50:64:86:76:1f:05:cc:0b:d1:2a:bb:a1:
06:bc:dc:59:4c:1c:72:e4:85:ae:e6:34:e6:fd:2d:
1e:a8:56:80:52:f9:72:7a:7b:3f:06:6e:08:9b:36:
8d:95:95:d5:6b:b1:78:28:ac:c2:46:3d:ba:75:63:
23:28:00:58:1c:cb:e3:15:69:1a:73:ed:44:22:96:
e9:b5:45:df:95:89:b7:4c:3a:1c:b0:c0:c4:05:ba:
b7:5d:60:24:8d:11:0b:7d:16:6c:aa:d6:9c:83:2f:
46:ac:d7:b5:05:61:f6:a3:49:4d:03:84:27:7b:14:
68:57:70:62:03:2a:30:6b:30:5d:20:f0:67:84:d2:
a6:7c:80:f5:c7:22:bb:cc:00:77:44:53:32:a0:92:
f8:0f:76:8d:66:c8:5e:30:d6:ef:4b:6f:5f:a5:53:
05:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:65:47:D2:3A:00:4A:B1:A7:A5:DE:EE:0B:F6:A0:33:47:8E:81:15
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/H2VH0joASrGnpd7uC_agM0eOgRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8230::/44
2a0c:9a40:8420::/44
Signature Algorithm: sha256WithRSAEncryption
a7:cc:af:b0:26:89:50:da:52:72:2b:11:ad:04:12:a4:4f:4e:
9c:1d:ae:15:c5:04:06:dc:5f:6f:5b:a9:dd:d5:d0:dc:8e:e1:
3a:16:b6:62:4c:35:4b:ae:a9:0e:57:97:cf:62:0e:0f:e4:63:
49:e5:f5:82:22:ca:14:64:8a:b3:44:d3:09:7a:de:d0:3b:63:
9c:17:e7:fd:e9:98:22:ff:48:c3:84:b6:32:7f:b8:0a:87:52:
26:1d:07:3e:d2:04:d0:1b:08:81:c9:cc:90:f3:6e:da:91:ab:
20:eb:65:5d:6b:b7:e0:0e:67:7d:41:01:6a:ac:21:ac:53:b9:
91:3f:7e:56:73:79:ec:47:47:f8:45:7a:9d:c8:48:c7:b9:d8:
07:f3:ea:87:5c:5b:73:a9:cb:56:06:f2:a1:3e:58:5a:95:12:
4e:ea:ae:01:69:81:97:45:17:7d:28:a7:91:33:d1:bc:1d:28:
76:4f:9d:e5:a3:dd:46:f1:a2:d6:73:88:28:66:18:4c:d8:56:
1e:4f:0a:1b:1f:58:87:0c:dc:4b:12:c4:e5:da:ce:ef:7a:d0:
d3:2e:55:27:54:b3:54:92:c9:71:3e:42:6c:c6:01:99:31:0a:
47:67:f7:79:d0:3a:97:8b:03:1f:03:35:57:a7:50:61:7d:77:
4e:73:ab:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwGTy8fwW2ctyKaq1353kbTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMxMTI1MTE0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY1NDdkMjNhMDA0YWIxYTdhNWRlZWUwYmY2YTAzMzQ3OGU4MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpvTDfSBdXkUkYV5A5hUJY+lLzMD
ERaqngzOMv3eRO3sKGUMIQyZULXut6e9npHn3+gh6YFbqvCq6WS/9ddK3FXPW+42
JLtDJm8jGmNkPa8BFcvLqnP6+hfgEbJQZIZ2HwXMC9Equ6EGvNxZTBxy5IWu5jTm
/S0eqFaAUvlyens/Bm4ImzaNlZXVa7F4KKzCRj26dWMjKABYHMvjFWkac+1EIpbp
tUXflYm3TDocsMDEBbq3XWAkjRELfRZsqtacgy9GrNe1BWH2o0lNA4QnexRoV3Bi
AyowazBdIPBnhNKmfID1xyK7zAB3RFMyoJL4D3aNZsheMNbvS29fpVMF1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB9lR9I6AEqxp6Xe7gv2oDNHjoEVMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvSDJWSDBqb0FTckducGQ3dUNfYWdNMGVPZ1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgyaQIIw
AwcEKgyaQIQgMA0GCSqGSIb3DQEBCwUAA4IBAQCnzK+wJolQ2lJyKxGtBBKkT06c
Ha4VxQQG3F9vW6nd1dDcjuE6FrZiTDVLrqkOV5fPYg4P5GNJ5fWCIsoUZIqzRNMJ
et7QO2OcF+f96Zgi/0jDhLYyf7gKh1ImHQc+0gTQGwiBycyQ827akasg62Vda7fg
Dmd9QQFqrCGsU7mRP35Wc3nsR0f4RXqdyEjHudgH8+qHXFtzqctWBvKhPlhalRJO
6q4BaYGXRRd9KKeRM9G8HSh2T53lo91G8aLWc4goZhhM2FYeTwobH1iHDNxLEsTl
2s7vetDTLlUnVLNUkslxPkJsxgGZMQpHZ/d50DqXiwMfAzVXp1BhfXdOc6tW
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:36:57 2024 by rpki-client on console-fra.rpki-client.org