Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HxWJt89TV1NFOk_cf4VUbVzARVU.roa
File: HxWJt89TV1NFOk_cf4VUbVzARVU.roa (raw, json)
Hash identifier: r5exjD8DLTGxo2RJqiZ6+sMGBMel2f9z6VsaOt03YPo=
Subject key identifier: 1F:15:89:B7:CF:53:57:53:45:3A:4F:DC:7F:85:54:6D:5C:C0:45:55
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D69B577D4FCADF833EC0D15DC8C3AE70A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HxWJt89TV1NFOk_cf4VUbVzARVU.roa
Signing time: Fri 02 Feb 2024 12:05:16 +0000
ROA not before: Fri 02 Feb 2024 12:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215751
IP address blocks: 2a10:cc40:cc40::/44 maxlen: 48
2a10:cc40:cc40::/48 maxlen: 48
2a10:cc40:cc41::/48 maxlen: 48
2a10:cc40:cc42::/48 maxlen: 48
2a10:cc40:cc46::/48 maxlen: 48
2a10:cc40:cc4e::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Mar 2024 00:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:b5:77:d4:fc:ad:f8:33:ec:0d:15:dc:8c:3a:e7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 2 12:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f1589b7cf535753453a4fdc7f85546d5cc04555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d3:e4:48:13:67:74:94:d8:92:98:60:cf:d9:
a0:9f:9e:ff:50:3f:71:f6:22:52:18:29:ce:ba:53:
f4:31:52:fb:65:74:3c:61:c5:2f:32:27:e8:c7:83:
36:f1:33:b4:02:64:46:1e:6c:d6:47:8e:ea:a4:2d:
4e:08:27:0d:8a:64:ea:3a:73:9c:a5:44:e9:27:bc:
7c:74:24:0c:0d:56:b5:d4:60:e0:e1:34:f4:52:5c:
cd:75:d9:4b:87:d7:ad:5c:c1:78:3a:bc:48:79:1d:
6c:8d:e9:fd:37:95:a5:69:b7:65:d2:ae:d7:b6:c2:
e3:01:45:98:23:7d:09:8d:de:88:b0:b4:4c:b8:e5:
3e:e8:80:dc:ea:14:81:52:d0:ba:5c:53:af:9b:bc:
f2:13:4e:15:79:81:3d:d1:91:b3:e3:ad:57:4f:cb:
83:96:20:77:0e:b3:8d:d6:73:60:0d:5c:b7:f7:d5:
64:5e:e6:be:1e:33:79:a5:80:dd:d6:dc:ad:91:31:
0f:c4:db:f8:9e:ba:69:e0:1d:5c:97:92:ac:c7:8c:
e5:56:33:4d:ae:c3:76:37:05:d2:8a:f4:51:b0:72:
17:49:af:c2:3a:49:2b:29:d7:32:68:d7:5c:b2:79:
4e:8d:ef:f9:14:02:6a:d4:f2:82:55:f5:96:11:c2:
55:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:15:89:B7:CF:53:57:53:45:3A:4F:DC:7F:85:54:6D:5C:C0:45:55
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HxWJt89TV1NFOk_cf4VUbVzARVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:cc40::/44
Signature Algorithm: sha256WithRSAEncryption
41:9f:f9:47:a0:8e:7a:a1:29:80:14:fd:e0:f1:71:ac:ff:16:
f9:74:a3:88:e2:2f:b0:e2:c9:8f:46:1a:59:a4:dd:f2:61:2d:
9d:cd:80:6c:7d:9f:78:03:10:32:3b:b8:8b:ad:2a:28:d5:c6:
e7:ae:e3:ef:d1:55:3c:0a:b7:a5:ae:cc:7f:26:22:51:d4:44:
9d:a3:71:55:49:6f:4d:37:2a:14:87:15:1e:75:5c:bf:6c:a6:
32:b3:98:3e:44:5d:f7:48:43:2d:ce:89:e0:8d:04:f1:02:fe:
16:f5:50:e9:c6:87:fa:4c:61:71:a8:f2:9e:b9:44:b2:63:bd:
96:bc:d4:c9:37:98:c7:ac:91:e3:34:1c:b0:fe:5f:9a:24:cd:
1f:d1:b4:9f:b6:0d:c4:ee:6a:59:94:85:d7:1f:e8:35:8c:57:
b0:b7:cf:9b:5c:83:06:e5:a7:f8:bb:6a:fd:72:c2:0e:f4:52:
15:fc:e2:9e:11:4a:9a:be:e7:fc:ea:7d:1b:a0:04:ed:c0:2d:
44:63:2a:a3:ec:60:a8:bf:32:80:58:19:3b:c9:85:6f:5f:18:
47:18:5a:07:a4:74:09:1d:b1:96:0a:fe:79:7f:cf:76:fd:ae:
44:a9:7a:9e:94:2e:d3:28:27:a7:a5:65:c4:47:54:c3:cd:99:
69:b6:cf:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1ptXfU/K34M+wNFdyMOucKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjAyMTIwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE1ODliN2NmNTM1NzUzNDUzYTRmZGM3Zjg1NTQ2ZDVjYzA0NTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitPkSBNndJTYkphgz9mgn57/UD9x
9iJSGCnOulP0MVL7ZXQ8YcUvMifox4M28TO0AmRGHmzWR47qpC1OCCcNimTqOnOc
pUTpJ7x8dCQMDVa11GDg4TT0UlzNddlLh9etXMF4OrxIeR1sjen9N5Wlabdl0q7X
tsLjAUWYI30Jjd6IsLRMuOU+6IDc6hSBUtC6XFOvm7zyE04VeYE90ZGz461XT8uD
liB3DrON1nNgDVy399VkXua+HjN5pYDd1tytkTEPxNv4nrpp4B1cl5Ksx4zlVjNN
rsN2NwXSivRRsHIXSa/COkkrKdcyaNdcsnlOje/5FAJq1PKCVfWWEcJVLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB8VibfPU1dTRTpP3H+FVG1cwEVVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSHhXSnQ4OVRWMU5GT2tfY2Y0VlViVnpBUlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMQMxA
MA0GCSqGSIb3DQEBCwUAA4IBAQBBn/lHoI56oSmAFP3g8XGs/xb5dKOI4i+w4smP
RhpZpN3yYS2dzYBsfZ94AxAyO7iLrSoo1cbnruPv0VU8Crelrsx/JiJR1ESdo3FV
SW9NNyoUhxUedVy/bKYys5g+RF33SEMtzongjQTxAv4W9VDpxof6TGFxqPKeuUSy
Y72WvNTJN5jHrJHjNByw/l+aJM0f0bSftg3E7mpZlIXXH+g1jFewt8+bXIMG5af4
u2r9csIO9FIV/OKeEUqavuf86n0boATtwC1EYyqj7GCovzKAWBk7yYVvXxhHGFoH
pHQJHbGWCv55f892/a5EqXqelC7TKCenpWXER1TDzZlpts9V
-----END CERTIFICATE-----
Generated at Fri Mar 22 05:22:23 2024 by rpki-client on console-fra.rpki-client.org