Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HQ-cRtBsqt2qYai-OjAuju6KKS4.roa
File: HQ-cRtBsqt2qYai-OjAuju6KKS4.roa (raw, json)
Hash identifier: 3POyNHGvN0OnnDPaCCy8ouWtHw9W5+mFSJ30BqpV7Xg=
Subject key identifier: 1D:0F:9C:46:D0:6C:AA:DD:AA:61:A8:BE:3A:30:2E:8E:EE:8A:29:2E
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 0187B4951362FAC29E7939D68281A72E0301
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HQ-cRtBsqt2qYai-OjAuju6KKS4.roa
Signing time: Mon 24 Apr 2023 18:44:41 +0000
ROA not before: Mon 24 Apr 2023 18:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 128.139.0.0/17 maxlen: 17
128.139.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:95:13:62:fa:c2:9e:79:39:d6:82:81:a7:2e:03:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Apr 24 18:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0f9c46d06caaddaa61a8be3a302e8eee8a292e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:af:0b:f8:9c:3a:4e:a4:c4:cd:ba:5a:06:
3d:fd:82:3e:43:0b:30:56:f0:e9:97:f5:eb:cf:1c:
53:bf:06:a0:47:36:be:b7:cd:e7:1a:bb:40:e6:52:
a4:9a:61:46:0b:2d:f4:04:b4:97:26:1b:28:36:2a:
5c:3a:ab:e9:19:0e:13:a9:91:4e:ff:8a:c1:5c:ba:
d6:ed:9e:b1:49:59:d2:65:af:f2:62:8a:f6:a2:ef:
85:2d:21:1f:7b:a2:77:8d:94:76:95:8b:69:04:8e:
b5:e5:c8:8a:56:eb:00:24:e6:ab:e8:0a:18:73:2a:
f4:62:d6:f0:d9:2c:c8:0d:97:f4:dc:e0:0a:04:90:
8f:a7:0b:78:da:58:3d:6a:ff:ce:b5:e7:d4:15:9d:
32:c1:da:93:53:ab:72:4d:78:28:ca:25:51:83:fd:
85:d0:32:68:a0:07:a2:38:84:3c:22:77:be:10:7f:
23:bd:f0:c9:fd:5e:63:87:8b:24:d9:c4:fd:76:6d:
47:43:ce:96:f7:39:6f:6f:36:71:2d:71:f2:ff:28:
ad:53:ed:f6:fb:5d:43:22:a7:03:c9:2a:d8:a4:41:
dd:aa:23:a7:32:87:26:13:2c:c6:9f:58:cf:fd:83:
49:6d:77:6e:fb:9c:69:90:6b:fe:a6:61:ba:c4:77:
1c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0F:9C:46:D0:6C:AA:DD:AA:61:A8:BE:3A:30:2E:8E:EE:8A:29:2E
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HQ-cRtBsqt2qYai-OjAuju6KKS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:11:91:e8:10:bd:09:ff:ab:9d:ca:da:aa:60:39:3b:d3:ca:
56:2b:50:a7:53:cd:e8:34:01:49:1b:35:8a:d2:7a:3c:11:c8:
05:3c:8d:85:71:a6:d9:8a:c1:c4:8d:43:c2:25:51:dd:01:59:
fe:96:a3:48:d8:2f:59:e9:a8:b8:96:bc:6d:75:7f:f6:0f:41:
11:11:e1:74:de:0c:29:d8:2d:c5:0b:13:a3:12:1b:b5:0d:8e:
76:c0:eb:0e:c6:30:e6:f0:49:98:74:c2:b2:79:7c:fa:0f:68:
76:d1:58:65:d1:8f:2e:93:a8:23:6e:a2:f9:7a:09:d1:bb:b0:
d1:44:33:58:7c:06:d9:42:78:b1:11:aa:07:12:8c:ac:7a:fc:
83:6b:81:bd:52:a3:3b:df:bf:50:32:bf:28:5d:ca:1e:8b:c3:
99:9c:9b:f3:e4:d1:85:55:a7:03:3b:e7:de:62:e0:ef:13:f8:
02:f9:d5:0f:3d:6f:3f:28:c6:30:53:11:27:f3:84:97:95:fe:
80:71:99:9d:6d:b2:ae:3f:10:e3:67:58:38:79:c1:c4:12:4f:
55:e5:a4:1c:ca:af:bd:c4:64:e8:ef:4a:1f:58:70:b2:5f:85:
fa:96:b2:27:60:13:f0:45:34:40:3c:79:c0:8c:71:50:d9:8f:
51:9a:9e:88
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYe0lRNi+sKeeTnWgoGnLgMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjMwNDI0MTg0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBmOWM0NmQwNmNhYWRkYWE2MWE4YmUzYTMwMmU4ZWVlOGEyOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuivC/icOk6kxM26WgY9/YI+Qwsw
VvDpl/XrzxxTvwagRza+t83nGrtA5lKkmmFGCy30BLSXJhsoNipcOqvpGQ4TqZFO
/4rBXLrW7Z6xSVnSZa/yYor2ou+FLSEfe6J3jZR2lYtpBI615ciKVusAJOar6AoY
cyr0Ytbw2SzIDZf03OAKBJCPpwt42lg9av/OtefUFZ0ywdqTU6tyTXgoyiVRg/2F
0DJooAeiOIQ8Ine+EH8jvfDJ/V5jh4sk2cT9dm1HQ86W9zlvbzZxLXHy/yitU+32
+11DIqcDySrYpEHdqiOnMocmEyzGn1jP/YNJbXdu+5xpkGv+pmG6xHccCwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFB0PnEbQbKrdqmGovjowLo7uiikuMB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvSFEtY1J0QnNxdDJxWWFpLU9qQXVqdTZLS1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgIswDQYJ
KoZIhvcNAQELBQADggEBAKgRkegQvQn/q53K2qpgOTvTylYrUKdTzeg0AUkbNYrS
ejwRyAU8jYVxptmKwcSNQ8IlUd0BWf6Wo0jYL1npqLiWvG11f/YPQRER4XTeDCnY
LcULE6MSG7UNjnbA6w7GMObwSZh0wrJ5fPoPaHbRWGXRjy6TqCNuovl6CdG7sNFE
M1h8BtlCeLERqgcSjKx6/INrgb1Sozvfv1Ayvyhdyh6Lw5mcm/Pk0YVVpwM7595i
4O8T+AL51Q89bz8oxjBTESfzhJeV/oBxmZ1tsq4/EONnWDh5wcQST1XlpBzKr73E
ZOjvSh9YcLJfhfqWsidgE/BFNEA8ecCMcVDZj1Ganog=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:31 2024 by rpki-client on console-fra.rpki-client.org