Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hpgkoFdAQ19HzebKdKb9G_jpUFU.roa
File: hpgkoFdAQ19HzebKdKb9G_jpUFU.roa (raw, json)
Hash identifier: Xp14+eLOPpsr5lSzYUzJUghIdc7P0XI6p+JV0qfMpwo=
Subject key identifier: 86:98:24:A0:57:40:43:5F:47:CD:E6:CA:74:A6:FD:1B:F8:E9:50:55
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCEFF144B885B453FB5BADF2ADC4B2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hpgkoFdAQ19HzebKdKb9G_jpUFU.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199918
IP address blocks: 2a0e:97c0:880::/48 maxlen: 48
2a0e:97c0:884::/48 maxlen: 48
2a0e:97c0:88a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 09:11:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ef:f1:44:b8:85:b4:53:fb:5b:ad:f2:ad:c4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869824a05740435f47cde6ca74a6fd1bf8e95055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:17:e3:41:b6:ae:7c:29:e6:73:a1:74:fd:74:
e7:d1:e5:b6:1b:32:ff:a2:0b:e7:46:ac:de:58:42:
40:a3:9f:e5:6c:78:ba:14:fb:95:30:f3:8a:fb:fe:
b1:ab:43:ab:db:d6:8d:e9:52:9b:09:c6:32:44:5c:
5e:57:b3:4f:05:9b:6d:db:6e:c4:4c:e5:e0:5b:51:
46:43:e9:cd:45:8d:46:e6:6f:88:3e:34:38:53:d3:
fb:97:ae:15:a9:bf:9a:43:f3:1f:52:c9:cf:b2:8a:
79:33:89:d4:7d:df:47:76:4b:c7:eb:77:3a:43:d5:
78:84:c9:b3:f1:8a:40:54:70:42:64:15:6f:10:82:
4c:f9:8a:db:b5:a4:ea:80:0d:0a:56:63:63:88:69:
92:14:49:9b:a8:45:cc:d9:12:28:1f:5c:ea:45:ec:
6f:f2:9b:ea:8c:f2:5e:d3:9d:11:8b:5b:f6:61:00:
48:8f:87:41:2f:a1:4e:b5:37:88:6e:6c:95:a7:56:
c7:58:2d:db:af:32:60:fa:f2:f8:00:ec:d7:e6:43:
a7:b6:22:eb:1c:8c:d1:7d:4d:f6:65:08:f9:4a:37:
13:b8:55:8d:3a:d3:94:d0:e1:bc:40:5b:b0:1f:36:
88:c9:82:12:d6:92:c8:62:70:a4:b5:22:fc:02:b5:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:98:24:A0:57:40:43:5F:47:CD:E6:CA:74:A6:FD:1B:F8:E9:50:55
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hpgkoFdAQ19HzebKdKb9G_jpUFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:880::/48
2a0e:97c0:884::/48
2a0e:97c0:88a::/48
Signature Algorithm: sha256WithRSAEncryption
8e:6e:8f:c5:20:d8:54:77:47:55:cd:63:d2:96:b7:25:9d:09:
59:e2:ce:15:f8:97:94:b4:e8:6b:34:78:fd:b7:3e:2f:21:53:
21:09:db:b8:2c:e7:c4:87:14:9e:30:8a:7b:f5:49:50:3c:6e:
a1:c9:7b:88:14:d7:da:b1:a5:43:fa:c8:21:00:35:36:c9:51:
65:25:4d:60:3d:c4:b7:7c:45:32:6b:89:56:87:af:fa:a4:58:
ce:29:11:c5:d1:54:dd:ed:43:cc:ef:0a:16:bd:02:d2:07:3f:
8d:d4:da:53:13:c2:a5:b8:7f:43:eb:9c:4e:a6:0f:73:20:35:
98:b3:8f:31:e5:0f:e4:3d:fe:f5:cf:b0:ac:7e:cd:16:bb:82:
5a:b5:26:f7:f9:d3:d8:53:42:64:ff:13:5c:64:5b:96:73:e4:
36:e8:bb:56:29:b9:0f:6d:19:71:88:6e:b4:1a:c7:29:8b:49:
ce:a6:d2:31:d9:48:84:8e:58:e3:c0:16:95:72:77:4d:5e:74:
91:58:67:de:0d:aa:ab:e3:e3:83:fc:65:32:24:57:8a:98:42:
2a:f2:e8:a1:40:ce:15:84:d2:27:78:e8:5c:be:3e:e0:9f:43:
c7:c1:2c:b2:dd:37:35:ea:3e:2a:ca:85:30:c9:ad:b6:2b:be:
89:03:f4:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvO/xRLiFtFP7W63yrcSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk4MjRhMDU3NDA0MzVmNDdjZGU2Y2E3NGE2ZmQxYmY4ZTk1MDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RfjQbaufCnmc6F0/XTn0eW2GzL/
ogvnRqzeWEJAo5/lbHi6FPuVMPOK+/6xq0Or29aN6VKbCcYyRFxeV7NPBZtt227E
TOXgW1FGQ+nNRY1G5m+IPjQ4U9P7l64Vqb+aQ/MfUsnPsop5M4nUfd9HdkvH63c6
Q9V4hMmz8YpAVHBCZBVvEIJM+YrbtaTqgA0KVmNjiGmSFEmbqEXM2RIoH1zqRexv
8pvqjPJe050Ri1v2YQBIj4dBL6FOtTeIbmyVp1bHWC3brzJg+vL4AOzX5kOntiLr
HIzRfU32ZQj5SjcTuFWNOtOU0OG8QFuwHzaIyYIS1pLIYnCktSL8ArXRcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIaYJKBXQENfR83mynSm/Rv46VBVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaHBna29GZEFRMTlIemViS2RLYjlHX2pwVUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwAiA
AwcAKg6XwAiEAwcAKg6XwAiKMA0GCSqGSIb3DQEBCwUAA4IBAQCObo/FINhUd0dV
zWPSlrclnQlZ4s4V+JeUtOhrNHj9tz4vIVMhCdu4LOfEhxSeMIp79UlQPG6hyXuI
FNfasaVD+sghADU2yVFlJU1gPcS3fEUya4lWh6/6pFjOKRHF0VTd7UPM7woWvQLS
Bz+N1NpTE8KluH9D65xOpg9zIDWYs48x5Q/kPf71z7Csfs0Wu4JatSb3+dPYU0Jk
/xNcZFuWc+Q26LtWKbkPbRlxiG60Gscpi0nOptIx2UiEjljjwBaVcndNXnSRWGfe
Daqr4+OD/GUyJFeKmEIq8uihQM4VhNIneOhcvj7gn0PHwSyy3Tc16j4qyoUwya22
K76JA/Sk
-----END CERTIFICATE-----
Generated at Thu Jan 25 11:57:12 2024 by rpki-client on console-fra.rpki-client.org