Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hzsi2IGJy7n0q83DZbzsgorTlFw.roa
File: Hzsi2IGJy7n0q83DZbzsgorTlFw.roa (raw, json)
Hash identifier: od8Z8jLyusz5H/vfkF9yx15tGX0yKvJHiHAk542fFrU=
Subject key identifier: 1F:3B:22:D8:81:89:CB:B9:F4:AB:CD:C3:65:BC:EC:82:8A:D3:94:5C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942B688BABFD67E72747C0BFA7256E085B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hzsi2IGJy7n0q83DZbzsgorTlFw.roa
Signing time: Fri 03 Jan 2025 09:04:19 +0000
ROA not before: Fri 03 Jan 2025 09:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213641
IP address blocks: 2a0e:97c0:680::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 04 Jan 2025 00:05:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2b:68:8b:ab:fd:67:e7:27:47:c0:bf:a7:25:6e:08:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 3 09:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f3b22d88189cbb9f4abcdc365bcec828ad3945c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:b9:c5:6b:58:25:9e:d8:ae:a7:2a:fc:94:
fd:01:9a:77:8a:c3:b0:0c:f2:f9:3a:53:3b:65:cd:
a1:44:67:44:06:ae:b4:50:bd:7d:f8:cf:a6:8f:ae:
a6:9f:4b:ab:54:75:24:e2:db:41:90:15:83:e9:a6:
c8:78:f7:5a:83:a9:7d:98:5f:f4:6e:e5:9a:88:30:
f9:d6:8e:dc:78:cc:f0:55:5d:8a:c5:dd:a1:59:bb:
06:90:d3:29:88:21:9d:24:2f:17:d8:51:22:98:0a:
d3:51:02:e1:44:06:23:48:79:05:f3:c1:dc:3f:fb:
d4:ff:24:c6:6d:f2:22:67:46:13:f3:d6:e0:79:a0:
67:ff:9e:a7:f4:5f:09:7e:5a:bc:f6:9e:f0:43:9d:
70:ab:99:42:17:df:99:c9:6c:90:a0:91:1f:f9:30:
ea:93:28:09:ff:37:11:0d:18:0a:f0:36:73:8a:fb:
01:4c:d7:c7:36:90:f1:13:be:c2:96:62:af:70:c7:
4f:8b:96:1d:df:a0:6c:da:8a:b1:51:d9:e5:d2:ba:
08:31:d6:90:18:81:d4:bb:af:2b:dd:ae:da:d0:90:
18:ab:96:47:09:67:5c:82:34:46:ba:ca:d7:69:f9:
80:df:aa:bd:da:ad:b7:d8:73:21:84:33:ee:59:1e:
d1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3B:22:D8:81:89:CB:B9:F4:AB:CD:C3:65:BC:EC:82:8A:D3:94:5C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hzsi2IGJy7n0q83DZbzsgorTlFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:680::/44
Signature Algorithm: sha256WithRSAEncryption
8e:e2:68:4c:1f:84:42:3f:98:f9:79:fd:a3:ac:de:97:3d:0c:
4e:81:40:7d:d7:d5:1d:54:89:a6:e2:70:a3:59:ca:72:c0:87:
60:00:db:31:a9:a5:23:c9:5a:a6:35:9e:4e:89:2c:c5:f9:4e:
54:84:48:28:a2:13:b3:b6:57:89:64:0a:a3:1a:c5:dc:d6:30:
6d:bb:f5:55:65:85:56:a1:60:af:fb:88:13:77:b1:16:45:5b:
97:c1:a0:70:d5:ee:4a:71:d6:49:5c:0b:63:e1:60:f5:ab:b3:
ac:9b:4e:c6:6a:cd:d5:7e:9f:56:3d:14:26:85:41:4e:41:9f:
94:1e:52:1d:0b:b7:0b:98:7c:35:0a:dc:b9:cb:1c:12:68:79:
60:5d:62:bf:2c:61:45:d3:ec:f5:98:77:3c:62:00:6d:29:fc:
56:ce:83:ab:f3:21:85:8d:11:e3:a5:2c:7c:a2:10:92:6f:1a:
da:e6:c3:00:fe:e5:e1:6d:ae:db:74:a9:7f:78:e8:18:f0:83:
5d:bb:3d:75:37:84:9f:5a:c5:b3:4a:53:99:2b:21:cf:9e:97:
69:49:45:6a:60:9b:db:2a:97:9d:67:12:15:70:cf:8e:90:8f:
8d:79:ed:1f:89:f5:72:78:bc:eb:18:0a:d6:fe:cc:80:ab:04:
8b:0e:bb:2c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQraIur/WfnJ0fAv6clbghbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAzMDkwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNiMjJkODgxODljYmI5ZjRhYmNkYzM2NWJjZWM4MjhhZDM5NDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGK5xWtYJZ7Yrqcq/JT9AZp3isOw
DPL5OlM7Zc2hRGdEBq60UL19+M+mj66mn0urVHUk4ttBkBWD6abIePdag6l9mF/0
buWaiDD51o7ceMzwVV2Kxd2hWbsGkNMpiCGdJC8X2FEimArTUQLhRAYjSHkF88Hc
P/vU/yTGbfIiZ0YT89bgeaBn/56n9F8Jflq89p7wQ51wq5lCF9+ZyWyQoJEf+TDq
kygJ/zcRDRgK8DZzivsBTNfHNpDxE77ClmKvcMdPi5Yd36Bs2oqxUdnl0roIMdaQ
GIHUu68r3a7a0JAYq5ZHCWdcgjRGusrXafmA36q92q232HMhhDPuWR7RTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB87ItiBicu59KvNw2W87IKK05RcMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSHpzaTJJR0p5N24wcTgzRFpienNnb3JUbEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCO4mhMH4RCP5j5ef2jrN6XPQxOgUB919UdVImm
4nCjWcpywIdgANsxqaUjyVqmNZ5OiSzF+U5UhEgoohOztleJZAqjGsXc1jBtu/VV
ZYVWoWCv+4gTd7EWRVuXwaBw1e5KcdZJXAtj4WD1q7Osm07Gas3Vfp9WPRQmhUFO
QZ+UHlIdC7cLmHw1Cty5yxwSaHlgXWK/LGFF0+z1mHc8YgBtKfxWzoOr8yGFjRHj
pSx8ohCSbxra5sMA/uXhba7bdKl/eOgY8INduz11N4SfWsWzSlOZKyHPnpdpSUVq
YJvbKpedZxIVcM+OkI+Nee0fifVyeLzrGArW/syAqwSLDrss
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:48:56 2025 by rpki-client