Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HLYZBfwS9f61EoUg2u-BQEl6K0E.roa
File: HLYZBfwS9f61EoUg2u-BQEl6K0E.roa (raw, json)
Hash identifier: plzBaPKU2w3lxM65SSG/cQmyIIDkwtPZIPBs/htTAnQ=
Subject key identifier: 1C:B6:19:05:FC:12:F5:FE:B5:12:85:20:DA:EF:81:40:49:7A:2B:41
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C81CFC58099316D3C65002486FE894E1B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HLYZBfwS9f61EoUg2u-BQEl6K0E.roa
Signing time: Tue 19 Dec 2023 11:22:06 +0000
ROA not before: Tue 19 Dec 2023 11:22:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44024
IP address blocks: 2a10:2f01:330::/44 maxlen: 48
2a06:de00:7001::/48 maxlen: 48
2a06:de00:7000::/44 maxlen: 48
2a06:de00:7000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:cf:c5:80:99:31:6d:3c:65:00:24:86:fe:89:4e:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 19 11:22:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cb61905fc12f5feb5128520daef8140497a2b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a7:e9:18:2a:7e:30:5b:d9:e0:d0:c6:4d:75:
02:95:37:93:b4:de:d0:85:66:a3:53:fb:44:a3:6d:
23:86:81:59:78:d7:31:b2:22:d0:13:98:03:d2:e0:
e0:a0:96:a2:2f:e3:de:ec:8f:21:5c:b5:9e:e8:3a:
fd:b8:0d:cb:b7:c2:fa:d0:4a:40:2c:91:e6:13:dd:
08:06:35:75:58:56:33:20:c7:1a:a9:72:56:8e:bc:
36:a0:71:cb:e0:cc:1d:1f:c4:79:f6:e0:b9:52:5b:
1a:81:40:3f:63:ad:69:c2:01:3e:6c:fb:7a:a4:be:
c6:23:8e:cf:57:c3:a2:23:c3:ce:c8:db:76:46:d9:
96:76:8c:c0:76:80:31:f8:8f:36:29:f4:c0:97:05:
a5:73:5c:39:0e:2b:23:f7:84:99:b0:c9:c7:a1:58:
88:fc:b0:fb:d7:9b:10:0a:9d:db:17:06:59:d0:9f:
82:f2:56:4a:f6:ce:39:6c:05:4a:bb:cf:0e:57:65:
4c:fa:34:64:0c:1a:2c:e1:42:fa:4d:39:5c:8f:a2:
61:59:c2:ff:90:49:cf:a4:44:02:83:88:59:84:87:
00:a3:68:0e:f3:43:14:35:ec:85:61:15:07:3c:e6:
0f:30:08:a2:29:66:74:e5:69:d8:5e:9a:80:0d:80:
5a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B6:19:05:FC:12:F5:FE:B5:12:85:20:DA:EF:81:40:49:7A:2B:41
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HLYZBfwS9f61EoUg2u-BQEl6K0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:7000::/44
2a10:2f01:330::/44
Signature Algorithm: sha256WithRSAEncryption
63:b2:e0:16:b2:7b:41:5b:cc:8c:80:62:3c:1a:4c:05:0a:10:
d5:45:e5:6e:74:19:0e:68:dd:5d:b7:cb:30:9e:67:dd:58:69:
a7:75:a4:0f:6c:4b:8d:78:e8:37:a0:cc:e0:cb:09:7c:cd:99:
45:09:19:3b:98:79:37:84:58:7f:f6:b3:5b:70:7d:3e:93:01:
a0:c0:ea:5c:ac:99:4a:64:6e:9c:9e:17:4d:d4:11:f1:fb:c1:
f5:ed:e5:b4:5a:2b:97:e6:2d:7d:24:37:65:83:37:db:79:d8:
c5:51:29:39:fb:4d:66:c0:2b:47:5b:99:ae:c8:55:0d:8d:b7:
15:37:ac:57:e2:2f:55:25:99:80:3a:ca:ca:8d:2b:d0:24:58:
f4:9b:1f:56:50:43:6a:05:b8:31:9a:98:33:43:7e:e4:ec:06:
67:fd:a3:f0:31:81:b8:ac:96:6a:9d:1d:14:eb:0a:82:65:d5:
45:fe:ab:88:b9:ce:02:91:37:a7:cc:f3:64:63:d7:26:6d:37:
ab:2b:e9:cd:fd:ba:37:e3:67:bc:ac:9a:58:2a:09:df:36:4a:
33:12:f5:44:1c:c7:b2:b3:01:30:2f:97:cf:ac:a3:04:a6:b5:
73:91:ed:e8:15:50:43:f9:f1:4f:db:44:ad:32:d9:47:71:33:
3d:ca:d3:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyBz8WAmTFtPGUAJIb+iU4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE5MTEyMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2I2MTkwNWZjMTJmNWZlYjUxMjg1MjBkYWVmODE0MDQ5N2EyYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgafpGCp+MFvZ4NDGTXUClTeTtN7Q
hWajU/tEo20jhoFZeNcxsiLQE5gD0uDgoJaiL+Pe7I8hXLWe6Dr9uA3Lt8L60EpA
LJHmE90IBjV1WFYzIMcaqXJWjrw2oHHL4MwdH8R59uC5UlsagUA/Y61pwgE+bPt6
pL7GI47PV8OiI8POyNt2RtmWdozAdoAx+I82KfTAlwWlc1w5Disj94SZsMnHoViI
/LD715sQCp3bFwZZ0J+C8lZK9s45bAVKu88OV2VM+jRkDBos4UL6TTlcj6JhWcL/
kEnPpEQCg4hZhIcAo2gO80MUNeyFYRUHPOYPMAiiKWZ05WnYXpqADYBaMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBy2GQX8EvX+tRKFINrvgUBJeitBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSExZWkJmd1M5ZjYxRW9VZzJ1LUJRRWw2SzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAHAA
AwcEKhAvAQMwMA0GCSqGSIb3DQEBCwUAA4IBAQBjsuAWsntBW8yMgGI8GkwFChDV
ReVudBkOaN1dt8swnmfdWGmndaQPbEuNeOg3oMzgywl8zZlFCRk7mHk3hFh/9rNb
cH0+kwGgwOpcrJlKZG6cnhdN1BHx+8H17eW0WiuX5i19JDdlgzfbedjFUSk5+01m
wCtHW5muyFUNjbcVN6xX4i9VJZmAOsrKjSvQJFj0mx9WUENqBbgxmpgzQ37k7AZn
/aPwMYG4rJZqnR0U6wqCZdVF/quIuc4CkTenzPNkY9cmbTerK+nN/bo342e8rJpY
KgnfNkozEvVEHMeyswEwL5fPrKMEprVzke3oFVBD+fFP20StMtlHcTM9ytPe
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org