Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/BLD9uOcX836u4836OFGSHusktWo.roa
File: BLD9uOcX836u4836OFGSHusktWo.roa (raw, json)
Hash identifier: lqWI2uAY0spJDt0azUO+k/1jFrUXIGXZJz+r6Kc+cJc=
Subject key identifier: 04:B0:FD:B8:E7:17:F3:7E:AE:E3:CD:FA:38:51:92:1E:EB:24:B5:6A
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 01856E2FB1871802CB5B4AE0CD26E46933CA
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/BLD9uOcX836u4836OFGSHusktWo.roa
Signing time: Sun 01 Jan 2023 16:34:57 +0000
ROA not before: Sun 01 Jan 2023 16:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211972
IP address blocks: 2a10:9902:731::/48 maxlen: 48
2a10:9902:730::/48 maxlen: 48
2a10:9902:733::/48 maxlen: 48
2a10:9902:732::/48 maxlen: 48
2a10:9902:73f::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:b1:87:18:02:cb:5b:4a:e0:cd:26:e4:69:33:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 1 16:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04b0fdb8e717f37eaee3cdfa3851921eeb24b56a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:42:40:8d:c5:de:18:8c:46:50:7a:4b:e8:
40:d7:2c:d4:48:a9:bd:60:b7:89:2d:10:1c:d2:ac:
98:ef:b8:df:bb:10:bf:e3:c4:5b:a2:98:dc:9e:83:
d0:7e:5a:fa:c6:0b:2f:08:c5:36:1b:a6:d5:4d:87:
5c:de:68:d5:3c:05:d2:1e:3d:91:b4:90:36:c5:96:
c7:37:55:b2:a1:b2:dc:87:14:98:e5:a3:a6:53:01:
01:a3:6e:ea:0c:9d:77:0a:b4:4d:9a:86:88:e0:00:
8c:1d:c1:15:e9:ef:1d:4b:f8:3d:d0:2a:5a:50:0c:
05:7e:bb:85:40:b4:67:45:be:15:f0:66:fc:83:11:
ae:ac:67:37:7d:06:d5:83:be:4c:a7:f8:9b:f4:e9:
52:ea:82:35:2e:34:f6:40:a3:5d:15:37:0d:7d:d0:
44:13:dd:4d:07:93:d0:32:12:54:ed:61:a6:49:83:
3f:e7:25:2c:cb:87:34:bc:0f:72:77:fa:58:69:f1:
84:58:26:2a:e0:f5:be:e9:e8:b0:20:b3:79:dd:60:
c1:12:74:12:15:4e:03:d5:a9:2b:e4:cd:bd:11:ad:
75:ac:8d:b9:28:c3:d8:20:a7:5a:87:77:b4:b0:5e:
ed:9c:83:9f:d0:28:81:fd:d1:ec:0a:04:46:4b:dc:
dc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B0:FD:B8:E7:17:F3:7E:AE:E3:CD:FA:38:51:92:1E:EB:24:B5:6A
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/BLD9uOcX836u4836OFGSHusktWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9902:730::/46
2a10:9902:73f::/48
Signature Algorithm: sha256WithRSAEncryption
8f:f0:da:52:d2:d8:38:4c:70:0d:dc:a2:a5:c3:f4:a7:5d:82:
84:a3:ed:0d:e4:9a:07:bf:51:89:eb:c0:1e:0d:f9:ad:03:09:
1a:bf:c3:eb:28:d0:7d:ce:49:d2:17:f8:8f:e6:72:8b:cf:58:
cc:06:3e:99:ff:a3:bf:ee:46:4e:95:1e:37:fa:f6:4d:3a:fb:
75:5b:86:e8:28:3b:5f:f7:7d:4f:ff:3b:fd:ff:e8:17:d7:fd:
5b:9e:99:48:1d:82:4c:29:4c:0b:64:8c:21:87:f0:35:09:30:
97:dd:ba:bc:dc:59:b2:c1:59:36:5a:43:a7:21:46:3b:df:bb:
da:a8:c3:36:58:e3:03:45:4e:5e:00:ac:10:40:11:69:b0:d1:
4b:47:3b:05:75:0b:bb:5f:8c:15:a1:76:94:35:ea:ff:b6:36:
d5:e7:f8:4a:1c:72:33:3c:e5:f1:3e:d6:0b:61:e8:fa:e3:18:
46:f9:1b:6b:0b:3c:f2:aa:e2:3f:2f:e7:ef:e5:58:9a:35:67:
0e:7f:cb:ca:08:33:f5:a9:bc:a3:86:e7:c2:ad:65:86:0a:82:
b5:d8:ee:6e:08:22:e6:57:76:7b:d6:a6:bf:1d:42:4d:b6:ef:
7e:40:46:6a:9d:9f:b3:f0:40:c7:33:2c:fb:98:81:f3:59:57:
40:e9:c1:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuL7GHGALLW0rgzSbkaTPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjMwMTAxMTYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGIwZmRiOGU3MTdmMzdlYWVlM2NkZmEzODUxOTIxZWViMjRiNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPZCQI3F3hiMRlB6S+hA1yzUSKm9
YLeJLRAc0qyY77jfuxC/48RbopjcnoPQflr6xgsvCMU2G6bVTYdc3mjVPAXSHj2R
tJA2xZbHN1WyobLchxSY5aOmUwEBo27qDJ13CrRNmoaI4ACMHcEV6e8dS/g90Cpa
UAwFfruFQLRnRb4V8Gb8gxGurGc3fQbVg75Mp/ib9OlS6oI1LjT2QKNdFTcNfdBE
E91NB5PQMhJU7WGmSYM/5yUsy4c0vA9yd/pYafGEWCYq4PW+6eiwILN53WDBEnQS
FU4D1akr5M29Ea11rI25KMPYIKdah3e0sF7tnIOf0CiB/dHsCgRGS9zcuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFASw/bjnF/N+ruPN+jhRkh7rJLVqMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvQkxEOXVPY1g4MzZ1NDgzNk9GR1NIdXNrdFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhCZAgcw
AwcAKhCZAgc/MA0GCSqGSIb3DQEBCwUAA4IBAQCP8NpS0tg4THAN3KKlw/SnXYKE
o+0N5JoHv1GJ68AeDfmtAwkav8PrKNB9zknSF/iP5nKLz1jMBj6Z/6O/7kZOlR43
+vZNOvt1W4boKDtf931P/zv9/+gX1/1bnplIHYJMKUwLZIwhh/A1CTCX3bq83Fmy
wVk2WkOnIUY737vaqMM2WOMDRU5eAKwQQBFpsNFLRzsFdQu7X4wVoXaUNer/tjbV
5/hKHHIzPOXxPtYLYej64xhG+RtrCzzyquI/L+fv5ViaNWcOf8vKCDP1qbyjhufC
rWWGCoK12O5uCCLmV3Z71qa/HUJNtu9+QEZqnZ+z8EDHMyz7mIHzWVdA6cFL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:45 2024 by rpki-client on console-ams.rpki-client.org