Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/hhPJnPt9Rp0TkeZ9hzEzTQ-auWs.roa
File: hhPJnPt9Rp0TkeZ9hzEzTQ-auWs.roa (raw, json)
Hash identifier: 87eZTjc6ya0N/k4igdPnjXzs4MgrNkGDkzCinZSRemo=
Subject key identifier: 86:13:C9:9C:FB:7D:46:9D:13:91:E6:7D:87:31:33:4D:0F:9A:B9:6B
Certificate issuer: /CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Certificate serial: 0188F8318AFA36017968BBD86CA777A189BA
Authority key identifier: 00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/hhPJnPt9Rp0TkeZ9hzEzTQ-auWs.roa
Signing time: Mon 26 Jun 2023 14:52:56 +0000
ROA not before: Mon 26 Jun 2023 14:52:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a04:1f42::/32 maxlen: 48
2a04:1f41::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f8:31:8a:fa:36:01:79:68:bb:d8:6c:a7:77:a1:89:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Validity
Not Before: Jun 26 14:52:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8613c99cfb7d469d1391e67d8731334d0f9ab96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:56:cf:ec:7e:38:91:62:18:03:fe:e3:79:8e:
b8:9a:f1:68:f9:22:c8:cc:f0:88:ab:16:61:e4:9d:
96:4a:70:e2:7d:ef:1f:82:34:a4:bd:54:41:29:7c:
4f:8f:20:4a:ab:8c:b3:ce:cd:b4:3f:39:da:76:d7:
91:a1:fa:fd:fb:0a:e6:96:e0:76:41:57:fc:31:af:
a8:09:59:fa:22:3f:d0:9a:76:53:8a:38:b7:cf:d5:
ac:00:1b:6d:f6:26:9f:41:dc:17:6e:40:3d:97:e1:
40:88:d0:49:ac:e7:a0:ff:55:dd:60:f9:12:b7:7b:
a1:58:4e:2c:41:81:bd:f3:fa:37:98:fd:b5:94:d9:
03:aa:f4:cf:38:da:5e:33:75:13:da:e5:a9:52:17:
77:35:e6:c0:8e:83:8e:27:ca:18:02:c6:48:84:c9:
a6:48:ea:40:b7:5d:6f:f2:f2:af:b3:07:c9:4a:f2:
14:ca:36:b9:6f:fd:d3:86:e5:5a:e6:9f:f0:a4:bb:
b2:34:2f:70:5d:aa:20:d4:d1:32:d8:0b:6a:5a:9c:
48:dc:ce:a0:0f:5c:d3:43:7c:b3:f8:50:a2:cb:f5:
02:e7:d1:13:f6:25:62:d8:cf:fc:f8:bc:c4:bf:91:
95:bb:79:d9:2d:b4:46:97:1c:bd:0b:88:48:d8:39:
40:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:13:C9:9C:FB:7D:46:9D:13:91:E6:7D:87:31:33:4D:0F:9A:B9:6B
X509v3 Authority Key Identifier:
keyid:00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/hhPJnPt9Rp0TkeZ9hzEzTQ-auWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1f41::-2a04:1f42:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:a9:51:35:83:69:7c:0d:1b:b9:96:a3:76:b3:11:8f:6d:0d:
ac:43:a4:c9:0c:ce:70:5a:84:ad:26:23:b9:5d:c5:a7:02:de:
bc:d7:3c:fe:17:1b:42:20:19:a2:47:18:1a:68:d6:9d:b8:60:
e9:41:fc:09:41:73:0b:76:28:52:46:17:01:f4:b4:73:37:19:
82:cc:64:61:ae:cf:03:d8:c1:a6:3a:bc:87:d4:2a:3a:75:d8:
95:8f:47:e8:9c:80:21:4f:01:6b:44:b0:1e:06:99:8e:06:6a:
04:62:a4:7a:7c:c0:91:a2:17:d3:60:30:90:bc:26:52:54:0a:
9c:5c:ca:4e:fa:f8:ab:62:a9:95:95:d2:a1:25:89:f9:4d:3a:
38:29:29:9b:be:92:d7:81:f9:37:5e:15:e5:29:61:ff:25:0f:
28:22:84:18:bc:ec:6b:58:d5:0e:f2:a8:8d:25:e4:09:b3:c9:
a6:7c:a0:3d:cb:b7:49:e4:cd:f1:3e:2d:63:7e:a8:9c:10:4e:
59:cd:be:13:69:ab:36:fc:99:fa:2f:5e:cb:26:7e:f4:2e:bf:
6f:a1:61:77:b8:7b:4e:7c:31:28:27:7f:f6:56:1e:93:1a:93:
3c:36:34:2b:11:c3:0e:a9:0b:1a:80:12:64:cf:b9:1b:ef:84:
42:c3:04:b2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYj4MYr6NgF5aLvYbKd3oYm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNmIwNmI1ZDBmZjEwMDBlMTBjNDI3NmVlYTA4ODBhZjIw
OWQ3YTIwHhcNMjMwNjI2MTQ1MjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjEzYzk5Y2ZiN2Q0NjlkMTM5MWU2N2Q4NzMxMzM0ZDBmOWFiOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVbP7H44kWIYA/7jeY64mvFo+SLI
zPCIqxZh5J2WSnDife8fgjSkvVRBKXxPjyBKq4yzzs20PznadteRofr9+wrmluB2
QVf8Ma+oCVn6Ij/QmnZTiji3z9WsABtt9iafQdwXbkA9l+FAiNBJrOeg/1XdYPkS
t3uhWE4sQYG98/o3mP21lNkDqvTPONpeM3UT2uWpUhd3NebAjoOOJ8oYAsZIhMmm
SOpAt11v8vKvswfJSvIUyja5b/3ThuVa5p/wpLuyNC9wXaog1NEy2AtqWpxI3M6g
D1zTQ3yz+FCiy/UC59ET9iVi2M/8+LzEv5GVu3nZLbRGlxy9C4hI2DlAaQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFIYTyZz7fUadE5HmfYcxM00PmrlrMB8GA1UdIwQY
MBaAFABrBrXQ/xAA4QxCdu6giAryCdeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQt
NTdjOTU1YzljODVkLzEvaGhQSm5QdDlScDBUa2VaOWh6RXpUUS1hdVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQtNTdjOTU1YzljODVk
LzEvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqBB9B
AwUAKgQfQjANBgkqhkiG9w0BAQsFAAOCAQEAL6lRNYNpfA0buZajdrMRj20NrEOk
yQzOcFqErSYjuV3FpwLevNc8/hcbQiAZokcYGmjWnbhg6UH8CUFzC3YoUkYXAfS0
czcZgsxkYa7PA9jBpjq8h9QqOnXYlY9H6JyAIU8Ba0SwHgaZjgZqBGKkenzAkaIX
02AwkLwmUlQKnFzKTvr4q2KplZXSoSWJ+U06OCkpm76S14H5N14V5Slh/yUPKCKE
GLzsa1jVDvKojSXkCbPJpnygPcu3SeTN8T4tY36onBBOWc2+E2mrNvyZ+i9eyyZ+
9C6/b6Fhd7h7TnwxKCd/9lYekxqTPDY0KxHDDqkLGoASZM+5G++EQsMEsg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:18 2024 by rpki-client on console-ams.rpki-client.org