Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hQbvqrWVplKv4DRQXQlvBmMGQh4.roa
File: hQbvqrWVplKv4DRQXQlvBmMGQh4.roa (raw, json)
Hash identifier: KjhgOBH73dB8V3U4jCLrq0UYOmQkmltrtIn2uEYEMBI=
Subject key identifier: 85:06:EF:AA:B5:95:A6:52:AF:E0:34:50:5D:09:6F:06:63:06:42:1E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F49EE495325F620E6BB5C2CFEA61
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hQbvqrWVplKv4DRQXQlvBmMGQh4.roa
Signing time: Mon 01 Jan 2024 20:30:58 +0000
ROA not before: Mon 01 Jan 2024 20:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213288
IP address blocks: 2a0c:9a40:1059::/48 maxlen: 48
2a0c:9a40:1022::/48 maxlen: 48
2a0c:9a40:10a0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Oct 2024 20:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f4:9e:e4:95:32:5f:62:0e:6b:b5:c2:cf:ea:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8506efaab595a652afe034505d096f066306421e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:52:0d:68:2c:34:a4:f2:2b:27:fe:73:03:33:
d1:75:70:13:28:16:7e:9d:87:2b:9d:c9:69:f0:1d:
60:27:4c:39:d4:fa:a9:bc:a4:b9:c4:0b:89:dd:5e:
63:32:e8:8a:0e:2b:d1:a8:c9:19:4c:eb:d6:40:36:
87:7e:c0:13:8a:ce:81:97:02:a2:9a:d2:67:58:1d:
37:8c:fc:81:6a:1d:57:29:d3:94:64:2f:79:73:13:
e1:9a:0e:09:5c:52:85:00:a2:35:a9:87:68:c5:4b:
8b:cf:bb:3c:22:ea:c0:8b:7f:f6:f5:94:ec:a0:fd:
52:f0:13:f9:65:06:6b:d7:2c:c8:70:2b:96:eb:91:
8f:95:f2:b7:f5:26:f1:f1:af:d8:b7:9f:2f:f6:b4:
f3:47:60:79:e6:24:eb:f5:ee:11:a4:21:6d:da:be:
66:8e:26:69:0d:61:95:7e:cc:14:85:f3:5f:38:cd:
13:01:b6:28:94:fe:a8:6e:ee:85:af:94:b9:2d:12:
8c:db:49:15:ca:c8:3f:56:6c:f6:87:32:0f:9b:70:
2a:c7:5b:8a:0d:8d:6f:42:05:42:06:48:19:8c:a2:
86:b3:be:66:bb:f1:0b:04:5a:fd:0c:bc:f3:1b:68:
b5:a7:0f:e6:d5:b2:fb:70:48:c6:07:9e:17:ae:0b:
b1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:06:EF:AA:B5:95:A6:52:AF:E0:34:50:5D:09:6F:06:63:06:42:1E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/hQbvqrWVplKv4DRQXQlvBmMGQh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:1022::/48
2a0c:9a40:1059::/48
2a0c:9a40:10a0::/44
Signature Algorithm: sha256WithRSAEncryption
00:56:12:90:7e:1d:e9:ac:b6:8f:53:e6:be:65:af:b3:65:da:
44:6a:b4:75:62:2d:75:45:4c:e0:8c:bc:41:78:1b:b1:fc:d4:
5d:c8:a4:3d:4f:42:61:49:c6:18:ca:4e:ba:da:8e:d8:59:46:
1c:ee:1a:4b:db:9f:7d:f8:58:28:14:de:2f:c2:a6:d0:80:d4:
d5:a4:a9:48:af:a9:4a:26:ae:d8:27:5f:0d:8a:cb:48:b9:69:
53:bf:ca:eb:36:ce:26:b6:6d:21:31:ec:c2:df:ba:db:55:c9:
6d:98:77:10:99:94:60:a5:10:82:53:94:39:f0:35:a1:09:ff:
f8:cd:da:14:53:a9:f4:27:23:0a:f6:eb:17:90:39:3d:94:f0:
af:96:3d:c6:ff:52:9f:89:4b:fd:4f:92:5c:eb:9f:62:b6:ec:
36:12:2a:0a:09:8d:ee:c7:7c:6f:68:b7:5b:fe:d8:e1:11:27:
24:af:59:45:a7:d1:db:5a:64:f8:56:65:e1:29:63:c8:9e:97:
42:a2:44:54:d7:f9:b9:8b:5b:0c:f9:2a:e6:fb:f3:d9:17:dd:
80:c0:8e:4d:6b:c5:8f:1d:fa:c6:39:bd:3a:60:da:59:89:1c:
4a:16:2f:90:d0:0a:a3:34:91:07:ad:4e:52:e5:8c:81:9d:21:
87:b4:51:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuPSe5JUyX2IOa7XCz+phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA2ZWZhYWI1OTVhNjUyYWZlMDM0NTA1ZDA5NmYwNjYzMDY0MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklINaCw0pPIrJ/5zAzPRdXATKBZ+
nYcrnclp8B1gJ0w51PqpvKS5xAuJ3V5jMuiKDivRqMkZTOvWQDaHfsATis6BlwKi
mtJnWB03jPyBah1XKdOUZC95cxPhmg4JXFKFAKI1qYdoxUuLz7s8IurAi3/29ZTs
oP1S8BP5ZQZr1yzIcCuW65GPlfK39Sbx8a/Yt58v9rTzR2B55iTr9e4RpCFt2r5m
jiZpDWGVfswUhfNfOM0TAbYolP6obu6Fr5S5LRKM20kVysg/Vmz2hzIPm3Aqx1uK
DY1vQgVCBkgZjKKGs75mu/ELBFr9DLzzG2i1pw/m1bL7cEjGB54XrguxzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIUG76q1laZSr+A0UF0JbwZjBkIeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvaFFidnFyV1ZwbEt2NERSUVhRbHZCbU1HUWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyaQBAi
AwcAKgyaQBBZAwcEKgyaQBCgMA0GCSqGSIb3DQEBCwUAA4IBAQAAVhKQfh3prLaP
U+a+Za+zZdpEarR1Yi11RUzgjLxBeBux/NRdyKQ9T0JhScYYyk662o7YWUYc7hpL
2599+FgoFN4vwqbQgNTVpKlIr6lKJq7YJ18NistIuWlTv8rrNs4mtm0hMezC37rb
VcltmHcQmZRgpRCCU5Q58DWhCf/4zdoUU6n0JyMK9usXkDk9lPCvlj3G/1KfiUv9
T5Jc659ituw2EioKCY3ux3xvaLdb/tjhESckr1lFp9HbWmT4VmXhKWPInpdCokRU
1/m5i1sM+Srm+/PZF92AwI5Na8WPHfrGOb06YNpZiRxKFi+Q0AqjNJEHrU5S5YyB
nSGHtFEC
-----END CERTIFICATE-----
Generated at Mon Oct 28 23:40:08 2024 by rpki-client on console-fra.rpki-client.org