Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/hH-IdzHxtX3QSMaM5ldADFfkz3I.roa
File: hH-IdzHxtX3QSMaM5ldADFfkz3I.roa (raw, json)
Hash identifier: k+Wxb3W4WBTzMlITHf69x1kdEh2jh+JviF5fJXedj8Y=
Subject key identifier: 84:7F:88:77:31:F1:B5:7D:D0:48:C6:8C:E6:57:40:0C:57:E4:CF:72
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 01856DD41AC0D5D3F46A0D51450C3E8D9467
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/hH-IdzHxtX3QSMaM5ldADFfkz3I.roa
Signing time: Sun 01 Jan 2023 14:54:55 +0000
ROA not before: Sun 01 Jan 2023 14:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207834
IP address blocks: 2a0e:3940:3200::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1a:c0:d5:d3:f4:6a:0d:51:45:0c:3e:8d:94:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 1 14:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=847f887731f1b57dd048c68ce657400c57e4cf72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ae:e4:41:8e:f0:a1:09:78:c6:27:9d:42:e2:
df:35:58:1d:cc:dd:02:45:bb:47:a5:d5:3f:42:d5:
67:ab:1d:49:80:29:2e:4f:dc:da:76:00:b1:4b:ca:
1f:7f:b4:d3:2b:1c:de:70:d8:b0:c1:9e:46:a0:14:
02:c7:50:e3:c7:0c:6a:bc:ec:2b:c4:37:0c:f5:01:
c5:31:67:17:28:b2:37:62:f1:7e:cc:e5:f6:67:b4:
be:ef:f6:fc:1d:0d:04:8d:ea:39:bd:6f:f2:36:c1:
53:bc:8a:50:dd:c0:6b:64:2d:41:d9:45:a2:9a:b4:
31:e9:00:d1:d6:81:b1:3a:8f:ad:e7:d5:75:0a:97:
f3:b4:4a:92:51:6c:02:55:27:10:2c:af:7a:4f:e0:
11:33:4c:06:cb:5f:b8:1b:cb:57:11:2a:a6:7c:39:
8b:5c:ff:7b:52:f1:49:43:0d:3d:6f:e7:c5:c4:9b:
dd:40:dd:f2:29:28:4c:f5:2c:25:9c:94:42:bc:c2:
7e:62:0f:fc:0b:7e:2e:e3:55:21:b3:59:aa:22:f2:
3c:de:37:cb:c5:7c:82:b6:7b:91:7c:e1:bf:56:20:
f7:c9:3d:16:d4:87:36:71:f4:05:df:10:fa:cd:1b:
9e:95:7f:b3:22:a2:cc:1e:02:18:48:a7:e2:fe:7e:
e8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7F:88:77:31:F1:B5:7D:D0:48:C6:8C:E6:57:40:0C:57:E4:CF:72
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/hH-IdzHxtX3QSMaM5ldADFfkz3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:3940:3200::/44
Signature Algorithm: sha256WithRSAEncryption
0e:e0:46:dd:be:c9:61:7b:fb:38:07:55:4a:87:08:52:1a:c0:
8f:0a:3b:52:3d:d3:88:ae:c1:91:b6:a1:3e:88:b9:ee:41:e9:
9b:99:5d:c8:a4:32:cf:b6:4d:9e:a1:63:9b:b8:69:5f:86:a8:
5a:67:1c:fb:ee:04:92:ac:c7:92:4b:80:5f:0c:4e:c3:e4:c8:
19:41:26:e6:9f:33:75:a9:e8:c5:80:a9:3a:99:35:9a:4b:f1:
19:b8:19:a2:37:09:b5:29:10:20:a2:44:dd:8e:76:e5:d8:07:
6f:e1:d5:08:19:d5:db:5c:65:26:73:f2:3e:d6:e4:97:a7:e7:
68:aa:e2:e9:de:7a:59:71:27:da:6e:ea:26:2f:48:21:07:bc:
95:24:ac:66:5c:1f:19:94:44:7a:0d:7f:13:b5:9f:06:0f:75:
2c:0a:79:a4:da:ff:ee:55:98:b3:21:ac:39:86:cd:85:d4:72:
1d:c9:99:be:5f:78:66:5e:6c:2d:1f:07:eb:03:9a:5a:b1:3b:
32:da:5e:92:19:a9:07:aa:c7:61:b5:b5:34:9a:74:9f:35:f3:
53:15:90:42:6b:d5:01:1b:ec:2b:8c:0b:6d:2a:c3:95:77:dc:
30:b3:c6:63:4e:dd:1c:52:d0:47:fe:4d:fa:b9:29:7f:99:5a:
bd:44:39:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVt1BrA1dP0ag1RRQw+jZRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwMTAxMTQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDdmODg3NzMxZjFiNTdkZDA0OGM2OGNlNjU3NDAwYzU3ZTRjZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK7kQY7woQl4xiedQuLfNVgdzN0C
RbtHpdU/QtVnqx1JgCkuT9zadgCxS8off7TTKxzecNiwwZ5GoBQCx1DjxwxqvOwr
xDcM9QHFMWcXKLI3YvF+zOX2Z7S+7/b8HQ0Ejeo5vW/yNsFTvIpQ3cBrZC1B2UWi
mrQx6QDR1oGxOo+t59V1CpfztEqSUWwCVScQLK96T+ARM0wGy1+4G8tXESqmfDmL
XP97UvFJQw09b+fFxJvdQN3yKShM9SwlnJRCvMJ+Yg/8C34u41Uhs1mqIvI83jfL
xXyCtnuRfOG/ViD3yT0W1Ic2cfQF3xD6zRuelX+zIqLMHgIYSKfi/n7oawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIR/iHcx8bV90EjGjOZXQAxX5M9yMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvaEgtSWR6SHh0WDNRU01hTTVsZEFERmZrejNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg45QDIA
MA0GCSqGSIb3DQEBCwUAA4IBAQAO4Ebdvslhe/s4B1VKhwhSGsCPCjtSPdOIrsGR
tqE+iLnuQembmV3IpDLPtk2eoWObuGlfhqhaZxz77gSSrMeSS4BfDE7D5MgZQSbm
nzN1qejFgKk6mTWaS/EZuBmiNwm1KRAgokTdjnbl2Adv4dUIGdXbXGUmc/I+1uSX
p+doquLp3npZcSfabuomL0ghB7yVJKxmXB8ZlER6DX8TtZ8GD3UsCnmk2v/uVZiz
Iaw5hs2F1HIdyZm+X3hmXmwtHwfrA5pasTsy2l6SGakHqsdhtbU0mnSfNfNTFZBC
a9UBG+wrjAttKsOVd9wws8ZjTt0cUtBH/k36uSl/mVq9RDno
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:11 2024 by rpki-client on console-ams.rpki-client.org