Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/hZqpWIMOR_Q2OHmKzcHYhnsT9qI.roa
File: hZqpWIMOR_Q2OHmKzcHYhnsT9qI.roa (raw, json)
Hash identifier: saWufcrjwV8ZdPL1NCuBnzkOgLLI5t+AMoFAwcG3SM0=
Subject key identifier: 85:9A:A9:58:83:0E:47:F4:36:38:79:8A:CD:C1:D8:86:7B:13:F6:A2
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018689B6F82003355A67A3AEB364462FD39C
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/hZqpWIMOR_Q2OHmKzcHYhnsT9qI.roa
Signing time: Sat 25 Feb 2023 17:55:14 +0000
ROA not before: Sat 25 Feb 2023 17:55:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200579
IP address blocks: 2a0a:280:b000::/36 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:b6:f8:20:03:35:5a:67:a3:ae:b3:64:46:2f:d3:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Feb 25 17:55:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859aa958830e47f43638798acdc1d8867b13f6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0a:d7:3e:48:f4:1c:eb:72:63:2c:d5:ee:26:
4a:5b:7c:19:22:76:db:6f:3d:9b:5a:d4:1c:37:5f:
5a:ea:34:e7:54:27:8a:9d:f6:2a:d4:c0:af:64:fa:
34:da:5e:82:69:7d:8a:5d:0f:fe:ed:0d:05:8e:d0:
36:d1:9c:d5:5a:f6:b0:e8:cd:f1:ad:32:d8:73:8e:
c3:e0:32:26:6e:17:66:aa:0b:74:ec:85:f5:d5:4b:
a8:16:ae:34:b6:e6:ae:77:71:91:7e:32:03:95:30:
ec:cd:e2:fe:1e:e9:08:d2:01:27:a3:ee:9f:e5:79:
09:1f:11:55:95:35:08:9a:5d:69:26:3f:6f:d3:27:
25:83:d1:23:96:ae:3c:b7:a6:ac:ec:c9:c6:bb:a0:
a7:34:20:f9:60:f5:dd:17:fc:49:4e:eb:0c:96:53:
00:7c:11:d5:95:5d:da:e8:74:db:9c:e4:05:d0:a0:
0b:3a:7d:a7:b7:eb:b0:dd:83:63:84:29:68:f8:8f:
98:3d:b9:fe:b6:1f:98:08:a3:b2:61:37:4a:6d:cf:
01:e7:2e:17:b8:85:1a:a4:38:a2:b0:19:ce:12:bf:
26:d4:1a:ff:25:5b:04:ac:ef:f8:4c:70:de:a0:58:
5f:a5:d1:c5:fe:91:00:16:8a:8d:64:cb:fe:d4:bb:
74:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9A:A9:58:83:0E:47:F4:36:38:79:8A:CD:C1:D8:86:7B:13:F6:A2
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/hZqpWIMOR_Q2OHmKzcHYhnsT9qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:b000::/36
Signature Algorithm: sha256WithRSAEncryption
2c:fd:5f:f9:aa:82:0c:c8:ea:41:84:08:be:71:09:29:aa:f3:
ec:4a:6e:76:b9:45:d3:1f:2d:6c:94:f9:bc:c4:a9:37:96:57:
36:dc:24:49:c2:af:ac:35:09:ec:f0:f3:56:cc:f8:95:40:e4:
24:44:1f:8e:e9:64:81:fc:55:6b:da:4a:14:7f:05:82:6d:8d:
e2:5f:6e:54:fe:e1:88:29:a7:f0:4a:dd:93:d2:a7:b7:bd:29:
60:e1:b2:c4:12:fd:6e:0f:10:00:f7:a5:8e:52:59:c4:4c:44:
16:fe:b4:ff:0c:d9:b5:6f:9e:f4:f7:9c:43:8b:4b:fd:35:30:
66:a2:0f:74:a5:e0:8b:86:8d:03:03:d9:11:76:ca:75:08:22:
7a:52:e5:fe:9d:f5:52:50:32:8d:80:32:8c:c8:66:9c:d8:fe:
fa:09:f6:21:ee:5d:8c:aa:9c:b3:9c:e1:75:c2:33:6d:51:15:
66:71:d4:c3:b1:63:51:e6:29:c4:5a:4b:de:ce:11:16:7d:3d:
82:c5:ec:b5:dc:8c:bf:49:f9:e4:01:c1:3b:26:0a:07:d7:76:
9f:be:59:09:3b:b1:42:29:1e:cf:eb:f1:0a:a3:3a:e4:a6:ab:
c8:56:4c:a0:50:ac:44:c1:b2:27:bb:60:93:f7:b3:c1:1d:fe:
02:57:e0:f3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaJtvggAzVaZ6Ous2RGL9OcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwMjI1MTc1NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTlhYTk1ODgzMGU0N2Y0MzYzODc5OGFjZGMxZDg4NjdiMTNmNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQrXPkj0HOtyYyzV7iZKW3wZInbb
bz2bWtQcN19a6jTnVCeKnfYq1MCvZPo02l6CaX2KXQ/+7Q0FjtA20ZzVWvaw6M3x
rTLYc47D4DImbhdmqgt07IX11UuoFq40tuaud3GRfjIDlTDszeL+HukI0gEno+6f
5XkJHxFVlTUIml1pJj9v0yclg9Ejlq48t6as7MnGu6CnNCD5YPXdF/xJTusMllMA
fBHVlV3a6HTbnOQF0KALOn2nt+uw3YNjhClo+I+YPbn+th+YCKOyYTdKbc8B5y4X
uIUapDiisBnOEr8m1Br/JVsErO/4THDeoFhfpdHF/pEAFoqNZMv+1Lt0cwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIWaqViDDkf0Njh5is3B2IZ7E/aiMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvaFpxcFdJTU9SX1EyT0htS3pjSFlobnNUOXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgoCgLAw
DQYJKoZIhvcNAQELBQADggEBACz9X/mqggzI6kGECL5xCSmq8+xKbna5RdMfLWyU
+bzEqTeWVzbcJEnCr6w1Cezw81bM+JVA5CREH47pZIH8VWvaShR/BYJtjeJfblT+
4Ygpp/BK3ZPSp7e9KWDhssQS/W4PEAD3pY5SWcRMRBb+tP8M2bVvnvT3nEOLS/01
MGaiD3Sl4IuGjQMD2RF2ynUIInpS5f6d9VJQMo2AMozIZpzY/voJ9iHuXYyqnLOc
4XXCM21RFWZx1MOxY1HmKcRaS97OERZ9PYLF7LXcjL9J+eQBwTsmCgfXdp++WQk7
sUIpHs/r8QqjOuSmq8hWTKBQrETBsie7YJP3s8Ed/gJX4PM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org