Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HZC9ZPf0UahkiaEPfOYpUp90uFU.roa
File: HZC9ZPf0UahkiaEPfOYpUp90uFU.roa (raw, json)
Hash identifier: UWyoE6SnR0wLEDSSjrXSFYhFiYi6tMNHVHuI3vWtDOA=
Subject key identifier: 1D:90:BD:64:F7:F4:51:A8:64:89:A1:0F:7C:E6:29:52:9F:74:B8:55
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8E770E7CCE287DB9B44C6C98FAA90
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HZC9ZPf0UahkiaEPfOYpUp90uFU.roa
Signing time: Mon 01 Jan 2024 20:30:55 +0000
ROA not before: Mon 01 Jan 2024 20:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205102
IP address blocks: 2a0c:9a40:8230::/44 maxlen: 48
2a0c:9a40:8420::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 May 2024 21:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:e7:70:e7:cc:e2:87:db:9b:44:c6:c9:8f:aa:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d90bd64f7f451a86489a10f7ce629529f74b855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:73:24:2b:07:19:e3:d8:6a:93:97:ba:3c:68:
34:af:f2:91:5b:3e:75:82:4d:a2:68:3a:ba:d4:15:
b7:4f:d8:1f:59:8c:66:aa:1c:06:a6:b7:02:14:7f:
12:35:77:51:bf:6d:bd:21:ef:8e:c7:9d:ef:75:52:
4a:69:3c:aa:7a:53:1f:db:9c:92:fa:8a:2d:fa:fe:
eb:e2:5c:e8:4c:2a:53:2e:3c:68:6e:a9:fd:f8:52:
20:db:6c:b4:4e:56:a8:a2:fc:59:d1:a4:4f:7c:f5:
8b:50:eb:28:e2:3f:5f:d0:ed:c9:47:f9:18:ca:f9:
d0:3b:27:43:5d:b5:4e:05:5c:28:a8:18:16:92:f9:
28:35:41:25:0c:e9:27:20:1e:15:8d:7c:eb:f3:9b:
02:89:3b:b7:25:01:8a:a8:27:6f:6b:a5:7f:d3:cd:
72:67:f8:26:60:36:5a:a7:ea:90:be:04:70:73:bf:
cb:b3:c0:a1:49:c4:92:ac:af:4c:27:e9:4c:54:bb:
72:be:7d:f0:d0:53:62:e2:33:06:cb:1b:e6:fc:1b:
a2:5c:fe:11:46:5f:27:2b:eb:68:73:ab:bb:87:23:
7d:cb:a3:70:66:b4:30:53:b2:06:d6:36:ae:de:a0:
e1:a4:38:c8:ba:6d:25:7e:1c:bb:8a:10:cd:98:a0:
81:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:90:BD:64:F7:F4:51:A8:64:89:A1:0F:7C:E6:29:52:9F:74:B8:55
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/HZC9ZPf0UahkiaEPfOYpUp90uFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8230::/44
2a0c:9a40:8420::/44
Signature Algorithm: sha256WithRSAEncryption
cd:a6:76:8e:a2:b8:11:63:6b:e9:22:cd:a9:39:73:2e:96:d2:
df:a9:61:b4:99:a5:de:5b:bf:b2:b9:58:a9:92:b9:d4:e4:31:
51:f1:36:c2:42:d6:2e:c0:a4:a6:72:91:6c:37:a2:38:74:62:
4a:24:03:8b:8c:7f:cc:b0:80:f9:8f:72:1b:30:e0:7c:d6:9c:
4f:a9:91:31:7a:85:34:05:d2:b9:79:f1:e4:a1:bb:0d:b2:22:
76:f0:70:b0:5d:8e:1e:51:8a:21:4b:db:92:c1:de:e1:84:ba:
e2:bb:12:a6:04:10:56:17:59:02:12:4e:23:91:91:f1:de:aa:
9a:13:0a:9b:7a:46:6f:35:2a:c0:b6:68:8b:db:3d:cd:8f:5d:
73:c0:7b:3f:2c:b3:58:f9:90:2a:cc:10:8b:70:e6:19:ea:2a:
3e:38:65:a2:e6:d9:bf:36:cc:c3:4f:66:33:86:35:6e:d3:33:
d5:e1:84:f8:ee:91:50:6b:1c:9d:49:f7:b8:bd:51:f1:72:7d:
40:07:41:3d:a5:1c:d6:5a:91:d5:63:e2:cc:7b:76:17:b4:83:
a5:66:77:30:c6:41:47:22:ce:a3:a0:f9:32:54:5f:5e:bc:b2:
e6:62:64:01:3a:eb:88:f8:ef:89:cb:07:9e:2e:d4:01:f3:04:
4b:17:03:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuOdw58zih9ubRMbJj6qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkwYmQ2NGY3ZjQ1MWE4NjQ4OWExMGY3Y2U2Mjk1MjlmNzRiODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXMkKwcZ49hqk5e6PGg0r/KRWz51
gk2iaDq61BW3T9gfWYxmqhwGprcCFH8SNXdRv229Ie+Ox53vdVJKaTyqelMf25yS
+oot+v7r4lzoTCpTLjxobqn9+FIg22y0TlaoovxZ0aRPfPWLUOso4j9f0O3JR/kY
yvnQOydDXbVOBVwoqBgWkvkoNUElDOknIB4VjXzr85sCiTu3JQGKqCdva6V/081y
Z/gmYDZap+qQvgRwc7/Ls8ChScSSrK9MJ+lMVLtyvn3w0FNi4jMGyxvm/BuiXP4R
Rl8nK+toc6u7hyN9y6NwZrQwU7IG1jau3qDhpDjIum0lfhy7ihDNmKCBqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB2QvWT39FGoZImhD3zmKVKfdLhVMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvSFpDOVpQZjBVYWhraWFFUGZPWXBVcDkwdUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgyaQIIw
AwcEKgyaQIQgMA0GCSqGSIb3DQEBCwUAA4IBAQDNpnaOorgRY2vpIs2pOXMultLf
qWG0maXeW7+yuVipkrnU5DFR8TbCQtYuwKSmcpFsN6I4dGJKJAOLjH/MsID5j3Ib
MOB81pxPqZExeoU0BdK5efHkobsNsiJ28HCwXY4eUYohS9uSwd7hhLriuxKmBBBW
F1kCEk4jkZHx3qqaEwqbekZvNSrAtmiL2z3Nj11zwHs/LLNY+ZAqzBCLcOYZ6io+
OGWi5tm/NszDT2YzhjVu0zPV4YT47pFQaxydSfe4vVHxcn1AB0E9pRzWWpHVY+LM
e3YXtIOlZncwxkFHIs6joPkyVF9evLLmYmQBOuuI+O+JyweeLtQB8wRLFwOT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:49 2024 by rpki-client on console-fra.rpki-client.org