Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/hGfCPlGQoar2SzMNw5V_thI3dIg.roa
File: hGfCPlGQoar2SzMNw5V_thI3dIg.roa (raw, json)
Hash identifier: Z41qnQefJN6fDBoR72PznCmViVZnMQVxIZGv/11X7W4=
Subject key identifier: 84:67:C2:3E:51:90:A1:AA:F6:4B:33:0D:C3:95:7F:B6:12:37:74:88
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018CC7947286EEB8CE8C787C27B1F0702E3A
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/hGfCPlGQoar2SzMNw5V_thI3dIg.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:f184::/32 maxlen: 32
2a0a:f583::/32 maxlen: 32
2a11:8f86::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 21:10:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:72:86:ee:b8:ce:8c:78:7c:27:b1:f0:70:2e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8467c23e5190a1aaf64b330dc3957fb612377488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d4:3a:3c:50:5c:ce:d6:be:13:15:eb:9d:dd:
33:84:8a:59:f1:be:98:26:bd:97:98:29:a7:be:5a:
8a:93:ce:d2:2f:e1:c5:fa:12:f6:e2:e0:05:b5:25:
ac:fa:18:73:fd:07:f8:1b:26:17:63:46:8d:8a:b2:
02:8e:5a:4f:5b:41:6a:1e:fa:a2:88:f0:9b:5a:50:
35:b5:33:b6:28:46:9b:7c:7c:47:61:0b:ab:2c:0c:
53:3e:7f:40:a9:75:3f:b5:47:bf:f3:cb:3f:28:e7:
2a:ef:a1:3c:ff:31:49:12:07:fa:25:1c:43:03:18:
b3:64:c2:9a:e4:b4:55:19:8e:27:3a:8a:e7:6e:48:
79:1f:1f:4f:f6:f4:15:01:1c:11:06:f6:8f:54:14:
e2:48:14:ad:62:4b:c6:73:5d:b6:9a:ed:4a:a7:a9:
da:f8:30:d5:d0:47:dd:e1:30:7c:78:ba:0c:23:60:
1b:d3:6d:e4:4a:a8:c9:bd:73:f2:5c:43:d1:6b:89:
57:b9:ec:fd:09:70:f6:6d:fd:15:3d:28:36:00:89:
b7:9e:a9:75:99:7d:88:d7:08:c1:c5:e4:d1:0f:a3:
4c:9f:24:6c:f5:ab:fb:23:23:df:d0:45:8e:ce:54:
49:32:18:95:be:e0:f0:df:ee:d7:c9:ec:e7:61:cb:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:67:C2:3E:51:90:A1:AA:F6:4B:33:0D:C3:95:7F:B6:12:37:74:88
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/hGfCPlGQoar2SzMNw5V_thI3dIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:f583::/32
2a11:8f86::/32
2a11:f184::/32
Signature Algorithm: sha256WithRSAEncryption
95:0e:34:05:35:dc:bd:a6:77:bb:ae:fb:be:1a:1e:96:68:92:
ed:46:ab:33:dd:b5:3a:28:9e:66:a8:06:c0:79:d3:bf:19:f9:
0f:a4:af:52:14:1a:a5:5c:34:5d:99:59:c2:ff:da:15:cd:27:
dd:4a:26:90:38:db:e9:92:f3:e3:e0:e1:cf:fb:71:d2:ef:07:
5e:e2:1a:86:f6:f4:3f:ac:71:6a:75:9f:ef:10:35:a0:04:51:
2e:fb:2a:90:74:e5:48:53:7e:c8:db:21:09:5a:96:5d:de:58:
73:8c:56:4e:9c:fb:d3:04:f4:18:51:6e:d7:e1:3d:b6:2c:31:
a5:13:49:3a:40:90:d2:18:ef:85:f1:f6:7c:92:e2:75:0f:84:
aa:d2:bb:bc:eb:94:4c:22:1c:f1:22:40:c4:03:ac:a4:e7:bf:
5d:ba:5c:21:c6:45:1f:8d:f4:fc:0d:d6:29:7e:be:f4:98:a3:
65:1a:66:4f:be:24:64:05:b1:77:ac:24:29:93:0f:ca:9c:ee:
71:ff:73:b5:cb:f8:7d:3b:95:6a:15:c4:d1:63:e0:ff:94:2b:
87:4f:be:cf:8c:d5:c4:e8:98:08:ac:90:70:94:94:9d:de:49:
60:9c:2a:9d:92:ad:f8:46:30:57:12:43:dd:1e:31:68:cb:e1:
44:77:e7:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlHKG7rjOjHh8J7HwcC46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDY3YzIzZTUxOTBhMWFhZjY0YjMzMGRjMzk1N2ZiNjEyMzc3NDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dQ6PFBczta+ExXrnd0zhIpZ8b6Y
Jr2XmCmnvlqKk87SL+HF+hL24uAFtSWs+hhz/Qf4GyYXY0aNirICjlpPW0FqHvqi
iPCbWlA1tTO2KEabfHxHYQurLAxTPn9AqXU/tUe/88s/KOcq76E8/zFJEgf6JRxD
AxizZMKa5LRVGY4nOornbkh5Hx9P9vQVARwRBvaPVBTiSBStYkvGc122mu1Kp6na
+DDV0Efd4TB8eLoMI2Ab023kSqjJvXPyXEPRa4lXuez9CXD2bf0VPSg2AIm3nql1
mX2I1wjBxeTRD6NMnyRs9av7IyPf0EWOzlRJMhiVvuDw3+7XyeznYctR0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIRnwj5RkKGq9kszDcOVf7YSN3SIMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvaEdmQ1BsR1FvYXIyU3pNTnc1Vl90aEkzZElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgr1gwMF
ACoRj4YDBQAqEfGEMA0GCSqGSIb3DQEBCwUAA4IBAQCVDjQFNdy9pne7rvu+Gh6W
aJLtRqsz3bU6KJ5mqAbAedO/GfkPpK9SFBqlXDRdmVnC/9oVzSfdSiaQONvpkvPj
4OHP+3HS7wde4hqG9vQ/rHFqdZ/vEDWgBFEu+yqQdOVIU37I2yEJWpZd3lhzjFZO
nPvTBPQYUW7X4T22LDGlE0k6QJDSGO+F8fZ8kuJ1D4Sq0ru865RMIhzxIkDEA6yk
579dulwhxkUfjfT8DdYpfr70mKNlGmZPviRkBbF3rCQpkw/KnO5x/3O1y/h9O5Vq
FcTRY+D/lCuHT77PjNXE6JgIrJBwlJSd3klgnCqdkq34RjBXEkPdHjFoy+FEd+cm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org