Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HOefsy7QUSMwBihaIcnCn9oHJM4.roa
File: HOefsy7QUSMwBihaIcnCn9oHJM4.roa (raw, json)
Hash identifier: VSdD2LuB2ccQTHkFEacq5vfqN90M24yXYFSkeJVNlm4=
Subject key identifier: 1C:E7:9F:B3:2E:D0:51:23:30:06:28:5A:21:C9:C2:9F:DA:07:24:CE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01898942904B60CDFBC4A61EE6FA78DACAAB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HOefsy7QUSMwBihaIcnCn9oHJM4.roa
Signing time: Mon 24 Jul 2023 18:56:28 +0000
ROA not before: Mon 24 Jul 2023 18:56:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209533
IP address blocks: 2a0e:b107:2228::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:89:42:90:4b:60:cd:fb:c4:a6:1e:e6:fa:78:da:ca:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 24 18:56:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ce79fb32ed051233006285a21c9c29fda0724ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:79:7b:c0:58:ff:e0:27:3a:0c:3f:0d:04:26:
a6:7d:2a:0f:b7:f9:95:69:48:15:0d:bd:42:b6:c1:
5a:3a:6a:1d:a3:e9:cf:c7:d9:b0:90:9e:39:ed:41:
9f:b3:a7:da:eb:d7:16:0a:f4:e2:df:37:35:78:a6:
47:83:fe:21:5a:03:e0:86:3e:e9:c1:5d:6f:dc:16:
68:6a:c2:8d:60:50:ed:46:e0:bc:e1:38:e9:55:13:
9e:64:43:04:73:84:13:f8:b0:f8:26:4c:f4:a5:d7:
61:a2:5b:70:3e:2d:29:97:39:e1:e2:1d:f4:e2:22:
36:fa:db:ca:77:d1:3c:d8:da:7c:7d:d8:71:9c:04:
35:16:dc:70:88:6a:8f:bd:24:e8:87:3b:27:24:ed:
37:8d:7f:f9:10:4e:10:7f:38:a6:62:1e:9f:b3:b5:
a6:86:5c:2f:e2:68:cf:e0:82:b3:a8:c9:2f:6c:a6:
19:9e:5d:1e:cf:bf:4c:f3:02:d7:fe:0e:7e:ac:5d:
42:d9:90:61:cd:32:73:98:b7:fe:11:26:88:87:d2:
ab:61:c8:8d:c2:44:23:55:20:19:71:57:75:85:5c:
37:46:28:c2:fa:da:00:8f:20:b7:2d:66:14:10:7c:
7e:44:89:91:d2:50:fd:a7:fb:83:88:11:14:16:06:
ff:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E7:9F:B3:2E:D0:51:23:30:06:28:5A:21:C9:C2:9F:DA:07:24:CE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HOefsy7QUSMwBihaIcnCn9oHJM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2220::/44
Signature Algorithm: sha256WithRSAEncryption
06:ba:53:58:60:40:ad:d7:6e:8d:f6:65:e3:94:df:b9:22:fc:
46:c5:3a:d9:73:4f:61:ed:fa:45:93:21:65:bf:c5:26:21:3f:
ad:19:fc:c3:b5:5c:a3:0d:de:5f:e6:62:66:a8:7c:f5:01:3e:
43:fb:93:96:2e:07:af:f0:f3:b9:00:fe:7b:0f:89:cf:c7:86:
08:56:03:38:0b:de:03:b5:3b:6b:42:89:ed:4b:45:5c:d9:43:
a7:90:1e:ea:e1:35:ae:23:55:30:51:bf:e7:07:c2:dd:80:25:
9b:9c:88:b6:b9:6a:95:3e:26:1b:af:59:e0:56:e1:27:c0:a8:
20:c0:c7:a2:de:72:e8:17:02:24:3a:4b:34:ca:79:19:25:ac:
aa:9b:a5:57:29:82:85:f0:95:49:e0:48:31:91:ec:3b:ff:9f:
08:6e:20:24:0b:22:40:d1:76:09:a4:b4:df:14:7d:09:e0:23:
2e:9b:10:17:89:af:88:cd:70:6f:e6:65:4e:bc:4b:7f:ec:97:
16:80:77:87:1d:4d:2c:a5:a3:5f:21:fb:0e:d1:7b:06:76:bb:
16:c2:a1:2c:b6:68:53:e0:56:f1:5b:5f:b9:41:fe:97:21:0e:
eb:0c:d2:a4:a4:b2:b1:20:54:bc:30:ab:7c:33:f1:95:62:17:
ba:d0:a3:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmJQpBLYM37xKYe5vp42sqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzI0MTg1NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2U3OWZiMzJlZDA1MTIzMzAwNjI4NWEyMWM5YzI5ZmRhMDcyNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3l7wFj/4Cc6DD8NBCamfSoPt/mV
aUgVDb1CtsFaOmodo+nPx9mwkJ457UGfs6fa69cWCvTi3zc1eKZHg/4hWgPghj7p
wV1v3BZoasKNYFDtRuC84TjpVROeZEMEc4QT+LD4Jkz0pddholtwPi0plznh4h30
4iI2+tvKd9E82Np8fdhxnAQ1FtxwiGqPvSTohzsnJO03jX/5EE4QfzimYh6fs7Wm
hlwv4mjP4IKzqMkvbKYZnl0ez79M8wLX/g5+rF1C2ZBhzTJzmLf+ESaIh9KrYciN
wkQjVSAZcVd1hVw3RijC+toAjyC3LWYUEHx+RImR0lD9p/uDiBEUFgb/BwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBznn7Mu0FEjMAYoWiHJwp/aByTOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSE9lZnN5N1FVU013QmloYUljbkNuOW9ISk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByIg
MA0GCSqGSIb3DQEBCwUAA4IBAQAGulNYYECt126N9mXjlN+5IvxGxTrZc09h7fpF
kyFlv8UmIT+tGfzDtVyjDd5f5mJmqHz1AT5D+5OWLgev8PO5AP57D4nPx4YIVgM4
C94DtTtrQontS0Vc2UOnkB7q4TWuI1UwUb/nB8LdgCWbnIi2uWqVPiYbr1ngVuEn
wKggwMei3nLoFwIkOks0ynkZJayqm6VXKYKF8JVJ4Egxkew7/58IbiAkCyJA0XYJ
pLTfFH0J4CMumxAXia+IzXBv5mVOvEt/7JcWgHeHHU0spaNfIfsO0XsGdrsWwqEs
tmhT4FbxW1+5Qf6XIQ7rDNKkpLKxIFS8MKt8M/GVYhe60KMS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:29 2024 by rpki-client on console-fra.rpki-client.org