Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HGZaAm-QcoGNZvVgoKjMAnCm_4c.roa
File: HGZaAm-QcoGNZvVgoKjMAnCm_4c.roa (raw, json)
Hash identifier: R424Ds5LytetamnwWQ1NNNCeWIfGy5JdqLhxdceMpJI=
Subject key identifier: 1C:66:5A:02:6F:90:72:81:8D:66:F5:60:A0:A8:CC:02:70:A6:FF:87
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AE984F1BD09F8F981CAE89964ABD3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HGZaAm-QcoGNZvVgoKjMAnCm_4c.roa
Signing time: Tue 24 Jan 2023 16:09:47 +0000
ROA not before: Tue 24 Jan 2023 16:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210320
IP address blocks: 2a0e:b107:18c0::/48 maxlen: 48
2a0e:b107:18c8::/48 maxlen: 48
2a0e:b107:18c5::/48 maxlen: 48
2a0e:b107:18c2::/48 maxlen: 48
2a0e:b107:18c7::/48 maxlen: 48
2a0e:b107:18c4::/48 maxlen: 48
2a0e:b107:18c1::/48 maxlen: 48
2a0e:b107:18c9::/48 maxlen: 48
2a0e:b107:18c6::/48 maxlen: 48
2a0e:b107:18c3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:e9:84:f1:bd:09:f8:f9:81:ca:e8:99:64:ab:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c665a026f9072818d66f560a0a8cc0270a6ff87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3d:65:b7:8d:fc:23:94:43:e5:ec:ea:9a:ff:
54:77:03:8b:2e:22:b8:fa:db:12:43:66:b8:bf:da:
01:21:74:73:16:80:e6:50:3c:b9:8c:11:ab:43:35:
16:27:9b:53:04:f8:54:1c:42:56:4e:dc:77:d6:8d:
5f:95:0e:63:13:3d:b4:d4:e8:e4:4f:00:09:17:e2:
5b:24:35:c7:18:cf:7c:14:37:e5:cc:74:1f:a4:c4:
58:65:bc:14:fe:31:a3:1e:39:ee:81:68:49:b7:63:
84:a9:a7:83:1f:4c:ae:41:89:0e:d3:2b:9c:3f:0f:
4f:6f:c1:da:c7:8e:09:fc:28:96:65:d6:0e:7a:1c:
82:b9:3f:45:f3:0d:48:77:84:24:5c:27:4c:2e:cd:
0c:49:65:91:bf:90:b8:3f:bd:4f:25:09:95:f2:b1:
77:cc:53:bc:d0:15:ee:3f:93:2c:c7:4d:b2:7c:76:
91:10:11:44:01:ac:68:ea:c0:b8:ae:8e:ee:7c:28:
e2:d8:b1:b1:d2:6b:c7:f9:ed:18:a5:9d:98:b2:78:
8c:d0:6b:65:1f:ea:1b:86:a6:df:e7:47:52:c5:94:
eb:fe:3a:d7:a2:4e:32:0c:16:72:31:74:b4:27:b8:
ab:02:25:d0:5b:4f:a4:18:6d:f6:7f:8f:45:e1:0d:
ae:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:66:5A:02:6F:90:72:81:8D:66:F5:60:A0:A8:CC:02:70:A6:FF:87
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HGZaAm-QcoGNZvVgoKjMAnCm_4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:18c0::-2a0e:b107:18c9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:55:31:2b:1d:2c:a1:ae:91:06:46:f2:00:72:52:f3:b7:de:
96:c7:8c:29:c5:59:6b:29:06:52:55:1f:fd:9e:e0:e7:39:43:
2f:17:a5:a7:dc:76:8d:0a:1d:ff:d3:a4:c1:e2:91:1d:76:33:
b9:b7:49:5f:94:8e:3d:8c:0e:81:46:a3:9b:72:65:62:2d:6c:
4e:44:88:dd:d0:df:1a:8b:6b:67:da:4a:c6:31:ee:8f:94:df:
26:5e:b1:18:64:58:f1:d4:5b:36:66:e1:ee:15:66:0e:d2:16:
18:48:d2:dd:2d:81:4d:22:74:a2:89:9c:f9:28:47:3e:d6:9c:
4e:8f:23:b5:8c:b7:85:3e:c1:7a:04:aa:a9:a1:d5:c2:74:ce:
f5:12:7d:99:61:24:d6:89:63:d5:67:b9:10:e0:60:2f:3f:2f:
9b:57:65:d3:26:a6:ab:df:19:e4:e7:6d:6f:63:04:1a:6e:a0:
ff:e2:be:3c:f0:be:1c:bc:5a:6b:04:96:f1:42:b5:cf:06:86:
9d:03:f0:9e:87:00:41:2f:8c:cb:4f:89:a9:0a:bc:9f:3c:33:
ed:5f:25:78:b8:ff:61:1f:db:d2:5c:09:51:5a:56:3a:4b:60:
33:4f:58:a2:b3:00:5f:74:cc:49:08:dd:6c:ed:70:8b:9f:58:
f7:fb:cc:22
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYXkiumE8b0J+PmByuiZZKvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY2NWEwMjZmOTA3MjgxOGQ2NmY1NjBhMGE4Y2MwMjcwYTZmZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD1lt438I5RD5ezqmv9UdwOLLiK4
+tsSQ2a4v9oBIXRzFoDmUDy5jBGrQzUWJ5tTBPhUHEJWTtx31o1flQ5jEz201Ojk
TwAJF+JbJDXHGM98FDflzHQfpMRYZbwU/jGjHjnugWhJt2OEqaeDH0yuQYkO0yuc
Pw9Pb8Hax44J/CiWZdYOehyCuT9F8w1Id4QkXCdMLs0MSWWRv5C4P71PJQmV8rF3
zFO80BXuP5Msx02yfHaREBFEAaxo6sC4ro7ufCji2LGx0mvH+e0YpZ2YsniM0Gtl
H+obhqbf50dSxZTr/jrXok4yDBZyMXS0J7irAiXQW0+kGG32f49F4Q2u4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBxmWgJvkHKBjWb1YKCozAJwpv+HMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSEdaYUFtLVFjb0dOWnZWZ29Lak1BbkNtXzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwYqDrEH
GMADBwEqDrEHGMgwDQYJKoZIhvcNAQELBQADggEBAKtVMSsdLKGukQZG8gByUvO3
3pbHjCnFWWspBlJVH/2e4Oc5Qy8Xpafcdo0KHf/TpMHikR12M7m3SV+Ujj2MDoFG
o5tyZWItbE5EiN3Q3xqLa2faSsYx7o+U3yZesRhkWPHUWzZm4e4VZg7SFhhI0t0t
gU0idKKJnPkoRz7WnE6PI7WMt4U+wXoEqqmh1cJ0zvUSfZlhJNaJY9VnuRDgYC8/
L5tXZdMmpqvfGeTnbW9jBBpuoP/ivjzwvhy8WmsElvFCtc8Ghp0D8J6HAEEvjMtP
iakKvJ88M+1fJXi4/2Ef29JcCVFaVjpLYDNPWKKzAF90zEkI3WztcIufWPf7zCI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org