Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/HIkf0zF4LV3H9yILqd6QDeQJSQU.roa
File: HIkf0zF4LV3H9yILqd6QDeQJSQU.roa (raw, json)
Hash identifier: OtsqfNx4Tk+KatyXghPBQDZdOetYVBN/3MpYJzCzhfI=
Subject key identifier: 1C:89:1F:D3:31:78:2D:5D:C7:F7:22:0B:A9:DE:90:0D:E4:09:49:05
Certificate issuer: /CN=c8091492d2ce8a80c087b876f91d6a3c29be7a25
Certificate serial: 01857395F03105A83211D61D7E3E3205E148
Authority key identifier: C8:09:14:92:D2:CE:8A:80:C0:87:B8:76:F9:1D:6A:3C:29:BE:7A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAkUktLOioDAh7h2-R1qPCm-eiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/HIkf0zF4LV3H9yILqd6QDeQJSQU.roa
Signing time: Mon 02 Jan 2023 17:44:44 +0000
ROA not before: Mon 02 Jan 2023 17:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60149
IP address blocks: 2001:678:928::/48 maxlen: 48
2001:67c:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:95:f0:31:05:a8:32:11:d6:1d:7e:3e:32:05:e1:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8091492d2ce8a80c087b876f91d6a3c29be7a25
Validity
Not Before: Jan 2 17:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c891fd331782d5dc7f7220ba9de900de4094905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:32:31:2a:69:bb:9a:4d:40:4d:a2:f9:e3:
3f:55:5c:ff:ed:39:5b:df:8b:7a:c6:22:9b:35:36:
d6:8c:77:e2:e8:ba:a2:2b:9f:5c:5f:06:22:52:6c:
dc:04:0c:5a:4c:d2:1c:19:d6:24:71:b4:ac:2b:25:
79:e0:85:24:d7:4a:bf:9f:60:2a:fb:98:77:9e:01:
ea:32:8a:ba:05:28:73:1d:69:74:46:3c:e6:d3:70:
fd:67:e3:c9:f8:11:c7:52:fc:d7:f6:c6:7c:cb:4d:
db:02:f8:5b:8e:5e:32:44:12:86:44:6a:b2:86:45:
5c:98:34:60:f3:ce:20:c0:65:54:e9:eb:98:bc:48:
59:19:6b:da:60:e9:8c:22:88:e5:86:9c:69:4b:22:
e3:7f:51:37:9b:3e:f2:b0:d6:1c:4a:bd:ba:2d:c1:
3d:b0:bb:31:b6:0d:77:78:5a:77:60:16:ac:ca:f0:
3b:8f:e1:ad:fa:e9:62:ca:73:a4:1d:b2:37:12:d9:
30:21:15:eb:35:d0:65:a0:5b:b0:4f:83:5d:ba:ed:
5b:54:51:b2:8e:27:46:b8:b4:91:49:6c:bc:33:a5:
2a:02:f5:72:ff:95:0c:25:6d:35:33:70:ea:2d:de:
16:16:95:ef:82:f2:be:b0:c5:d9:07:2b:12:b5:59:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:89:1F:D3:31:78:2D:5D:C7:F7:22:0B:A9:DE:90:0D:E4:09:49:05
X509v3 Authority Key Identifier:
keyid:C8:09:14:92:D2:CE:8A:80:C0:87:B8:76:F9:1D:6A:3C:29:BE:7A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAkUktLOioDAh7h2-R1qPCm-eiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/HIkf0zF4LV3H9yILqd6QDeQJSQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c35a99-f87a-4211-af7a-81e2106a5857/1/yAkUktLOioDAh7h2-R1qPCm-eiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:928::/48
2001:67c:10::/48
Signature Algorithm: sha256WithRSAEncryption
a9:eb:a1:63:d0:3f:bc:cd:0d:83:4d:eb:30:8e:16:af:d9:2e:
d6:13:95:60:f3:24:46:ee:3c:b3:07:08:04:39:78:51:30:e9:
da:51:38:07:fa:cc:7c:a0:eb:14:c2:13:f1:63:9f:12:9b:e5:
24:76:41:9a:ff:88:34:f1:9a:52:5f:8d:b5:36:f2:5c:55:69:
85:b2:ce:ad:b1:c6:c9:cc:9a:6a:6f:7a:8c:81:f9:1f:9b:57:
4d:72:e4:4c:3c:e0:5a:d4:15:98:eb:4a:a9:7b:41:79:b9:01:
0d:2b:89:0f:fc:74:84:4a:9b:fa:89:6a:fc:6b:8f:23:97:c3:
7d:43:be:8c:13:7f:d1:b1:4d:43:f4:a9:ab:81:ae:bd:d0:10:
84:7a:fd:f9:12:2a:1d:3a:e9:de:65:17:f4:83:19:e7:c0:eb:
eb:51:c9:b7:4d:c1:5a:2e:38:10:7d:28:8b:3b:a3:83:28:03:
75:30:9c:ae:58:c2:11:69:e6:d4:cd:54:8a:dc:b3:16:2b:89:
01:0a:a1:37:9e:a4:74:33:6b:83:ef:4d:91:1a:3e:af:97:5a:
88:dc:cd:9d:a7:5d:73:8b:46:19:f1:0d:7a:af:39:bb:b2:c5:
7c:f2:bd:68:fe:25:bc:b1:3e:46:85:95:b5:07:f0:b1:6d:ff:
44:8b:d3:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzlfAxBagyEdYdfj4yBeFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDkxNDkyZDJjZThhODBjMDg3Yjg3NmY5MWQ2YTNjMjli
ZTdhMjUwHhcNMjMwMTAyMTc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg5MWZkMzMxNzgyZDVkYzdmNzIyMGJhOWRlOTAwZGU0MDk0OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRUyMSppu5pNQE2i+eM/VVz/7Tlb
34t6xiKbNTbWjHfi6LqiK59cXwYiUmzcBAxaTNIcGdYkcbSsKyV54IUk10q/n2Aq
+5h3ngHqMoq6BShzHWl0Rjzm03D9Z+PJ+BHHUvzX9sZ8y03bAvhbjl4yRBKGRGqy
hkVcmDRg884gwGVU6euYvEhZGWvaYOmMIojlhpxpSyLjf1E3mz7ysNYcSr26LcE9
sLsxtg13eFp3YBasyvA7j+Gt+uliynOkHbI3EtkwIRXrNdBloFuwT4Nduu1bVFGy
jidGuLSRSWy8M6UqAvVy/5UMJW01M3DqLd4WFpXvgvK+sMXZBysStVnmAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFByJH9MxeC1dx/ciC6nekA3kCUkFMB8GA1UdIwQY
MBaAFMgJFJLSzoqAwIe4dvkdajwpvnolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFrVWt0TE9pb0RBaDdoMi1SMXFQQ20tZWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jMzVhOTktZjg3YS00MjExLWFmN2Et
ODFlMjEwNmE1ODU3LzEvSElrZjB6RjRMVjNIOXlJTHFkNlFEZVFKU1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jMzVhOTktZjg3YS00MjExLWFmN2EtODFlMjEwNmE1ODU3
LzEveUFrVWt0TE9pb0RBaDdoMi1SMXFQQ20tZWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAko
AwcAIAEGfAAQMA0GCSqGSIb3DQEBCwUAA4IBAQCp66Fj0D+8zQ2DTeswjhav2S7W
E5Vg8yRG7jyzBwgEOXhRMOnaUTgH+sx8oOsUwhPxY58Sm+UkdkGa/4g08ZpSX421
NvJcVWmFss6tscbJzJpqb3qMgfkfm1dNcuRMPOBa1BWY60qpe0F5uQENK4kP/HSE
Spv6iWr8a48jl8N9Q76ME3/RsU1D9Kmrga690BCEev35EiodOuneZRf0gxnnwOvr
Ucm3TcFaLjgQfSiLO6ODKAN1MJyuWMIRaebUzVSK3LMWK4kBCqE3nqR0M2uD702R
Gj6vl1qI3M2dp11zi0YZ8Q16rzm7ssV88r1o/iW8sT5GhZW1B/Cxbf9Ei9Nr
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:32 2024 by rpki-client on console-ams.rpki-client.org