Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/HtCLA1fKKtQMP9SrojziHG80suE.roa
File: HtCLA1fKKtQMP9SrojziHG80suE.roa (raw, json)
Hash identifier: Pxv2Iytn+0Xfvt75qGelbQe7Q1OVBK+M+I5aTXHKsi0=
Subject key identifier: 1E:D0:8B:03:57:CA:2A:D4:0C:3F:D4:AB:A2:3C:E2:1C:6F:34:B2:E1
Certificate issuer: /CN=907a5c4ea453b46c81cb136d92b9309b146c3e45
Certificate serial: 018CC72725C1D16AE1A2A4F61B6302DA7230
Authority key identifier: 90:7A:5C:4E:A4:53:B4:6C:81:CB:13:6D:92:B9:30:9B:14:6C:3E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/HtCLA1fKKtQMP9SrojziHG80suE.roa
Signing time: Mon 01 Jan 2024 22:31:20 +0000
ROA not before: Mon 01 Jan 2024 22:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210521
IP address blocks: 62.204.46.0/24 maxlen: 24
2a12:a200::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:25:c1:d1:6a:e1:a2:a4:f6:1b:63:02:da:72:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=907a5c4ea453b46c81cb136d92b9309b146c3e45
Validity
Not Before: Jan 1 22:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed08b0357ca2ad40c3fd4aba23ce21c6f34b2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5a:ea:1b:de:9c:93:a5:b3:9d:e6:03:04:cc:
6a:5f:c8:ac:e7:9b:cd:b2:0c:6b:d0:24:c0:fb:05:
91:22:0e:34:6c:7c:c8:a1:43:a4:84:09:b0:e9:19:
59:be:bf:bb:ba:e0:75:01:97:c5:21:f7:ea:bc:45:
49:b6:71:72:6f:e4:69:1b:f4:c0:7e:6f:ee:57:ec:
ba:e4:bd:8d:37:be:d1:e6:6c:18:f1:67:4d:cf:20:
42:5f:80:e6:8e:c5:b6:c3:bd:28:8b:90:cf:24:03:
f5:51:b6:38:ab:64:f6:5e:d0:c5:70:fa:47:c3:26:
e6:54:98:77:4d:01:56:39:ef:c3:48:22:25:cc:9f:
d9:be:5c:a3:d6:29:f3:b9:3e:54:e6:a0:d5:90:11:
28:66:a5:36:ab:3f:1c:98:fc:4d:a8:ba:37:65:8c:
43:79:42:fb:03:35:11:28:da:d4:15:44:cc:0a:0f:
d6:95:89:92:0e:66:c2:49:23:18:6f:be:cf:5a:d4:
cf:23:6e:bb:61:b9:48:5e:4d:88:ee:e1:a0:0c:26:
7f:2b:0d:9a:71:88:ea:3a:c5:f8:cb:18:cf:b2:62:
61:05:cd:7a:76:80:fd:a5:ee:f7:6a:00:ce:6c:38:
a0:3d:95:5b:77:af:3c:e4:5c:72:b7:89:c4:0a:7d:
a0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D0:8B:03:57:CA:2A:D4:0C:3F:D4:AB:A2:3C:E2:1C:6F:34:B2:E1
X509v3 Authority Key Identifier:
keyid:90:7A:5C:4E:A4:53:B4:6C:81:CB:13:6D:92:B9:30:9B:14:6C:3E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/HtCLA1fKKtQMP9SrojziHG80suE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.46.0/24
IPv6:
2a12:a200::/29
Signature Algorithm: sha256WithRSAEncryption
5d:ac:5c:83:55:2e:6e:73:92:ae:3f:b7:d6:dd:d8:d8:5a:62:
0e:cf:92:18:4f:3d:2f:a4:29:24:ef:73:3b:40:ab:f3:03:cf:
56:15:17:43:ae:69:f8:e5:77:b4:5f:29:b6:0b:dd:2f:1e:88:
ef:54:1f:5a:38:1b:95:cd:d8:31:5b:c7:9c:7a:3c:44:79:87:
98:84:36:65:01:5c:07:b0:8f:86:0f:6a:9e:d9:a1:1c:62:ae:
eb:f8:2a:63:ed:2c:f3:12:1f:9a:54:22:8b:3f:b3:c2:71:89:
6c:4f:b4:f1:25:4c:ae:b3:14:19:16:a1:cf:a6:88:87:fb:73:
c2:ad:44:2d:b9:65:49:02:b9:b1:50:2a:78:99:b3:f5:dc:6e:
b1:dd:e2:e8:38:20:64:77:2b:3b:2f:a7:ff:03:3d:8b:92:a3:
60:61:49:a8:0d:90:62:21:a9:52:ee:04:54:7f:9b:0c:45:c0:
da:de:13:aa:9a:e3:88:ce:66:a4:71:46:81:8e:79:97:69:46:
09:9f:71:31:11:91:f7:82:36:e3:fa:bd:bf:df:1c:cb:43:82:
ae:f4:db:44:23:28:1c:39:8a:5e:b8:5a:40:16:fa:b7:76:40:
71:83:ce:97:f5:6e:89:3f:20:5c:78:0c:ca:02:53:03:cc:d4:
a9:cd:72:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJyXB0WrhoqT2G2MC2nIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E1YzRlYTQ1M2I0NmM4MWNiMTM2ZDkyYjkzMDliMTQ2
YzNlNDUwHhcNMjQwMTAxMjIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQwOGIwMzU3Y2EyYWQ0MGMzZmQ0YWJhMjNjZTIxYzZmMzRiMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lrqG96ck6WzneYDBMxqX8is55vN
sgxr0CTA+wWRIg40bHzIoUOkhAmw6RlZvr+7uuB1AZfFIffqvEVJtnFyb+RpG/TA
fm/uV+y65L2NN77R5mwY8WdNzyBCX4DmjsW2w70oi5DPJAP1UbY4q2T2XtDFcPpH
wybmVJh3TQFWOe/DSCIlzJ/Zvlyj1inzuT5U5qDVkBEoZqU2qz8cmPxNqLo3ZYxD
eUL7AzURKNrUFUTMCg/WlYmSDmbCSSMYb77PWtTPI267YblIXk2I7uGgDCZ/Kw2a
cYjqOsX4yxjPsmJhBc16doD9pe73agDObDigPZVbd6885Fxyt4nECn2gDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB7QiwNXyirUDD/Uq6I84hxvNLLhMB8GA1UdIwQY
MBaAFJB6XE6kU7RsgcsTbZK5MJsUbD5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84NjlmNjItN2EyZS00MTc1LTkyMDIt
YjJhMmI4Yjg0N2I5LzEvSHRDTEExZktLdFFNUDlTcm9qemlIRzgwc3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84NjlmNjItN2EyZS00MTc1LTkyMDItYjJhMmI4Yjg0N2I5
LzEva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAPswuMA0E
AgACMAcDBQMqEqIAMA0GCSqGSIb3DQEBCwUAA4IBAQBdrFyDVS5uc5KuP7fW3djY
WmIOz5IYTz0vpCkk73M7QKvzA89WFRdDrmn45Xe0Xym2C90vHojvVB9aOBuVzdgx
W8ecejxEeYeYhDZlAVwHsI+GD2qe2aEcYq7r+Cpj7SzzEh+aVCKLP7PCcYlsT7Tx
JUyusxQZFqHPpoiH+3PCrUQtuWVJArmxUCp4mbP13G6x3eLoOCBkdys7L6f/Az2L
kqNgYUmoDZBiIalS7gRUf5sMRcDa3hOqmuOIzmakcUaBjnmXaUYJn3ExEZH3gjbj
+r2/3xzLQ4Ku9NtEIygcOYpeuFpAFvq3dkBxg86X9W6JPyBceAzKAlMDzNSpzXJe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:26 2025 by rpki-client