Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/hTPR_0y7rSEOHz1hpW4QUB6Jb1Q.roa
File: hTPR_0y7rSEOHz1hpW4QUB6Jb1Q.roa (raw, json)
Hash identifier: UGNIx1oboRNhlWhU52HCNwcVkOU9ng0aTONxH+9vNFw=
Subject key identifier: 85:33:D1:FF:4C:BB:AD:21:0E:1F:3D:61:A5:6E:10:50:1E:89:6F:54
Certificate issuer: /CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Certificate serial: 018DF0735ACEB4A4FF09A2A09A154FD6CA8E
Authority key identifier: 3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/hTPR_0y7rSEOHz1hpW4QUB6Jb1Q.roa
Signing time: Wed 28 Feb 2024 16:01:48 +0000
ROA not before: Wed 28 Feb 2024 16:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199326
IP address blocks: 2a13:7705:ff00::/40 maxlen: 40
2a13:7705:ff00::/48 maxlen: 48
2a13:7705:ff01::/48 maxlen: 48
2a13:7705:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 29 Feb 2024 14:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:73:5a:ce:b4:a4:ff:09:a2:a0:9a:15:4f:d6:ca:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Validity
Not Before: Feb 28 16:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8533d1ff4cbbad210e1f3d61a56e10501e896f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:27:c7:34:9e:b7:e0:20:71:78:d7:a6:39:
9f:91:56:3f:49:b7:61:d3:9a:e3:e3:49:fb:8e:5d:
d5:e7:72:04:68:17:d0:4f:7d:bd:e1:40:99:7f:4e:
96:73:7e:3b:f8:97:de:e9:76:94:4e:db:85:5f:a8:
eb:70:34:21:84:f7:a4:1d:4d:26:cd:8b:79:c1:cc:
4f:00:51:6a:98:c3:80:ef:bc:84:3f:59:60:6b:5b:
6f:67:0e:90:6b:83:a0:54:c5:df:28:ba:67:e2:7a:
b2:eb:f9:31:38:f5:03:10:3f:3e:bd:7e:30:9e:5d:
b9:04:fe:c2:88:df:57:da:ab:4f:2c:f1:6b:b2:a5:
e4:b7:0d:77:0a:0d:07:62:36:50:fd:aa:11:56:8d:
7a:79:59:af:8e:69:5a:ef:9b:4d:6a:20:01:70:6a:
a6:96:04:f0:3d:46:05:ec:02:e1:6e:2d:41:7b:e3:
04:6a:1a:af:bd:87:ee:fa:be:d3:73:41:35:ea:dd:
13:5e:76:98:d0:11:0d:0e:db:27:54:d3:16:2a:4d:
44:dd:8d:2f:d2:3a:55:5e:d3:cb:76:8d:bc:3a:46:
12:c6:3f:fa:5c:ca:93:c3:9d:e0:81:9e:6b:5f:e8:
f3:e3:e1:b6:00:f2:60:79:54:ac:c4:53:32:7b:ed:
07:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:33:D1:FF:4C:BB:AD:21:0E:1F:3D:61:A5:6E:10:50:1E:89:6F:54
X509v3 Authority Key Identifier:
keyid:3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/hTPR_0y7rSEOHz1hpW4QUB6Jb1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7705:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
8d:db:2f:a9:18:44:8f:c8:fa:17:68:c0:87:f6:61:b1:b0:45:
53:a8:15:6a:6c:2b:d3:de:40:da:ae:54:a8:a9:29:cb:5f:0e:
2d:7b:16:80:f7:32:8e:8f:ee:56:75:99:16:71:6a:0a:ff:8d:
05:bf:b6:06:cb:cf:e6:23:55:6c:48:3e:9c:67:f6:ce:61:8b:
15:b6:b8:fc:7c:a3:71:00:98:85:2d:26:83:c2:23:df:e3:61:
d5:4b:ff:68:f2:ea:a8:b6:3d:5d:7c:58:72:ae:44:11:c8:ee:
cf:85:66:0d:ba:39:58:59:a5:59:ee:ca:3a:34:2e:e1:76:80:
d9:ef:cb:4b:e6:1b:4f:28:43:14:87:4c:28:09:17:8d:37:da:
18:11:e9:7e:3a:7d:24:c1:5e:6b:1c:3d:47:ed:57:8b:58:45:
8f:4c:2e:1d:91:fd:76:59:7c:95:cc:78:9e:9a:3d:34:0d:5d:
44:70:a4:9f:f9:d1:67:99:56:67:08:8d:64:57:15:e2:20:cd:
4d:53:eb:b2:d0:f7:15:80:68:d3:7e:c0:09:3c:30:6c:c3:ee:
cc:69:b0:4b:16:96:ec:a4:49:a9:9a:eb:4e:67:e3:fe:97:c7:
47:0d:5a:12:e9:a6:dd:36:3e:7d:d2:9c:8b:61:1b:37:27:d5:
dc:b2:0b:d8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY3wc1rOtKT/CaKgmhVP1sqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmMyOTU4MTQ1ZjQ1ZmFkNWRhZWViMzhiNzViNTJjMDk2
NjEwNDYwHhcNMjQwMjI4MTYwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTMzZDFmZjRjYmJhZDIxMGUxZjNkNjFhNTZlMTA1MDFlODk2ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr08nxzSet+AgcXjXpjmfkVY/Sbdh
05rj40n7jl3V53IEaBfQT3294UCZf06Wc347+Jfe6XaUTtuFX6jrcDQhhPekHU0m
zYt5wcxPAFFqmMOA77yEP1lga1tvZw6Qa4OgVMXfKLpn4nqy6/kxOPUDED8+vX4w
nl25BP7CiN9X2qtPLPFrsqXktw13Cg0HYjZQ/aoRVo16eVmvjmla75tNaiABcGqm
lgTwPUYF7ALhbi1Be+MEahqvvYfu+r7Tc0E16t0TXnaY0BENDtsnVNMWKk1E3Y0v
0jpVXtPLdo28OkYSxj/6XMqTw53ggZ5rX+jz4+G2APJgeVSsxFMye+0HwwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIUz0f9Mu60hDh89YaVuEFAeiW9UMB8GA1UdIwQY
MBaAFD1sKVgUX0X61drus4t1tSwJZhBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQt
NWUxYjA3ODg5MjNiLzEvaFRQUl8weTdyU0VPSHoxaHBXNFFVQjZKYjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQtNWUxYjA3ODg5MjNi
LzEvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN3Bf8w
DQYJKoZIhvcNAQELBQADggEBAI3bL6kYRI/I+hdowIf2YbGwRVOoFWpsK9PeQNqu
VKipKctfDi17FoD3Mo6P7lZ1mRZxagr/jQW/tgbLz+YjVWxIPpxn9s5hixW2uPx8
o3EAmIUtJoPCI9/jYdVL/2jy6qi2PV18WHKuRBHI7s+FZg26OVhZpVnuyjo0LuF2
gNnvy0vmG08oQxSHTCgJF4032hgR6X46fSTBXmscPUftV4tYRY9MLh2R/XZZfJXM
eJ6aPTQNXURwpJ/50WeZVmcIjWRXFeIgzU1T67LQ9xWAaNN+wAk8MGzD7sxpsEsW
luykSama605n4/6Xx0cNWhLppt02Pn3SnIthGzcn1dyyC9g=
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:07:31 2024 by rpki-client on console-ams.rpki-client.org