Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/HZpqzTl9qIq1-_NJjraFc_nwdiE.roa
File: HZpqzTl9qIq1-_NJjraFc_nwdiE.roa (raw, json)
Hash identifier: 9sxjs5SjSmE3JQAUMdgKPw/zTRxlxItJlLUAogeEqXM=
Subject key identifier: 1D:9A:6A:CD:39:7D:A8:8A:B5:FB:F3:49:8E:B6:85:73:F9:F0:76:21
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 01927D4AE070EA89F9B93171A461D9B0F429
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/HZpqzTl9qIq1-_NJjraFc_nwdiE.roa
Signing time: Fri 11 Oct 2024 20:35:12 +0000
ROA not before: Fri 11 Oct 2024 20:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0a:f587::/32 maxlen: 32
2a0e:fb44::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:4a:e0:70:ea:89:f9:b9:31:71:a4:61:d9:b0:f4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Oct 11 20:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d9a6acd397da88ab5fbf3498eb68573f9f07621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:78:b4:6b:91:a3:1e:7b:ee:81:3d:b7:3f:18:
0b:0c:51:4e:cb:50:d7:6a:d6:79:24:2f:ae:03:6d:
a9:7a:a2:a0:5f:94:b4:8e:28:8c:0d:73:12:56:0d:
0d:4f:04:26:31:d6:0f:ac:be:a8:94:a8:81:f7:19:
97:25:25:fd:a0:a3:46:47:66:e0:11:5d:5c:f2:26:
a1:7a:d7:8a:c0:8b:69:28:a2:eb:62:a6:06:4b:be:
6e:1d:f5:b2:84:88:3a:1b:d5:02:d0:e4:ab:ad:bc:
65:75:c0:89:6d:56:da:04:af:38:fd:7e:f7:d5:d2:
10:ef:5c:cf:f5:9f:f6:ee:bd:45:5b:ce:26:c2:45:
e7:73:cf:da:00:8b:d9:4f:dc:6d:7b:8f:ff:eb:de:
e5:90:02:41:d6:ea:39:45:bc:13:0b:26:a3:31:df:
65:bd:a1:0a:2e:aa:8d:ab:da:67:ad:4e:40:68:e0:
de:fd:c9:b7:b6:cf:e9:ff:ec:9f:6b:1d:4f:da:ce:
e5:36:96:39:a2:3e:b7:a2:5a:f4:06:9e:13:35:73:
0d:41:7b:b2:ba:db:59:6b:48:6b:17:5d:81:ab:d6:
e0:7b:d3:dd:3d:d3:ef:d9:ef:98:51:dd:3d:95:98:
f6:11:da:da:04:4a:bf:3b:41:9f:dc:29:df:dd:bd:
67:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9A:6A:CD:39:7D:A8:8A:B5:FB:F3:49:8E:B6:85:73:F9:F0:76:21
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/HZpqzTl9qIq1-_NJjraFc_nwdiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:f587::/32
2a0e:fb44::/32
Signature Algorithm: sha256WithRSAEncryption
ca:b2:b8:77:71:86:d1:76:cb:fd:8e:89:a2:3d:a1:52:44:45:
e8:dd:5c:74:b7:23:7d:00:52:db:60:5b:15:36:ec:f0:3a:88:
ea:d4:3e:d1:8c:33:9d:c4:2b:5f:20:52:99:87:ab:65:61:e5:
eb:1c:f9:ee:91:18:8d:9d:37:90:3b:10:8e:3f:24:fe:00:0d:
ae:bd:54:cf:99:b1:4b:dc:31:b3:3b:34:dd:9e:db:6a:7f:ab:
36:b0:7b:8b:7c:f8:c4:7e:6b:ec:31:20:4b:db:4b:66:97:df:
99:7f:d1:5c:f2:39:10:be:73:00:dc:6c:ed:60:08:cc:51:64:
a6:71:20:ad:c1:9e:c6:7c:86:7e:6e:9f:0c:93:d5:7b:59:1f:
d1:46:ee:07:4d:bc:a9:ee:5f:aa:58:9e:4b:57:c4:32:3f:02:
b3:a9:e7:72:9e:56:23:fa:07:a1:f0:e4:57:45:b3:c3:f5:0b:
d1:f8:ca:3c:da:70:4d:f8:87:f3:75:aa:69:5d:6f:5e:55:d8:
53:e0:d9:e4:65:4a:0f:df:5b:8c:4c:6b:55:8e:f6:16:49:3b:
69:9c:62:97:25:f5:67:14:54:13:57:fd:3b:35:33:1f:27:61:
5a:7f:77:10:32:09:c5:73:f4:10:11:70:40:61:03:69:79:3c:
34:54:ff:f6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZJ9SuBw6on5uTFxpGHZsPQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQxMDExMjAzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDlhNmFjZDM5N2RhODhhYjVmYmYzNDk4ZWI2ODU3M2Y5ZjA3NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHi0a5GjHnvugT23PxgLDFFOy1DX
atZ5JC+uA22peqKgX5S0jiiMDXMSVg0NTwQmMdYPrL6olKiB9xmXJSX9oKNGR2bg
EV1c8iaheteKwItpKKLrYqYGS75uHfWyhIg6G9UC0OSrrbxldcCJbVbaBK84/X73
1dIQ71zP9Z/27r1FW84mwkXnc8/aAIvZT9xte4//697lkAJB1uo5RbwTCyajMd9l
vaEKLqqNq9pnrU5AaODe/cm3ts/p/+yfax1P2s7lNpY5oj63olr0Bp4TNXMNQXuy
uttZa0hrF12Bq9bge9PdPdPv2e+YUd09lZj2EdraBEq/O0Gf3Cnf3b1n5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB2aas05faiKtfvzSY62hXP58HYhMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvSFpwcXpUbDlxSXExLV9OSmpyYUZjX253ZGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgr1hwMF
ACoO+0QwDQYJKoZIhvcNAQELBQADggEBAMqyuHdxhtF2y/2OiaI9oVJERejdXHS3
I30AUttgWxU27PA6iOrUPtGMM53EK18gUpmHq2Vh5esc+e6RGI2dN5A7EI4/JP4A
Da69VM+ZsUvcMbM7NN2e22p/qzawe4t8+MR+a+wxIEvbS2aX35l/0VzyORC+cwDc
bO1gCMxRZKZxIK3BnsZ8hn5unwyT1XtZH9FG7gdNvKnuX6pYnktXxDI/ArOp53Ke
ViP6B6Hw5FdFs8P1C9H4yjzacE34h/N1qmldb15V2FPg2eRlSg/fW4xMa1WO9hZJ
O2mcYpcl9WcUVBNX/Ts1Mx8nYVp/dxAyCcVz9BARcEBhA2l5PDRU//Y=
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org