Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/1-HGej7R4ko3xur6BBteYSKZNnFk.roa
File: 1-HGej7R4ko3xur6BBteYSKZNnFk.roa (raw, json)
Hash identifier: geU6RV95zFJnT47dbmC/Peo37PRZQdIFRe/lWq16NvA=
Subject key identifier: F8:71:9E:8F:B4:78:92:8D:F1:BA:BE:81:06:D7:98:48:A6:4D:9C:59
Certificate issuer: /CN=9051ebf8c28f817b7f148bfc95cc2b5b4cb30089
Certificate serial: 018A7F06E2C2D7FE417BE63B67716BCE8238
Authority key identifier: 90:51:EB:F8:C2:8F:81:7B:7F:14:8B:FC:95:CC:2B:5B:4C:B3:00:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFHr-MKPgXt_FIv8lcwrW0yzAIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/1-HGej7R4ko3xur6BBteYSKZNnFk.roa
Signing time: Sun 10 Sep 2023 12:17:52 +0000
ROA not before: Sun 10 Sep 2023 12:17:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60939
IP address blocks: 2a13:5884::/30 maxlen: 30
2a13:5880::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:7f:06:e2:c2:d7:fe:41:7b:e6:3b:67:71:6b:ce:82:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9051ebf8c28f817b7f148bfc95cc2b5b4cb30089
Validity
Not Before: Sep 10 12:17:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8719e8fb478928df1babe8106d79848a64d9c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:18:41:ab:26:a7:6c:22:86:f9:b3:b1:39:0b:
b2:a6:7e:dc:7c:e0:1e:3d:8c:b2:0c:20:bb:31:a5:
0d:13:ea:99:19:90:97:bd:40:49:14:ec:2a:d4:e0:
26:b7:e1:8d:8c:85:9a:d9:e7:03:5f:61:f5:9b:3e:
42:1c:96:a8:ba:d5:fc:b7:40:96:98:98:81:4a:ea:
63:95:93:c6:7f:ab:6a:43:e6:1a:c8:d8:91:ce:9a:
ef:28:c6:bf:40:1a:61:40:fc:17:79:0f:f8:9f:86:
a2:5e:c9:ee:33:aa:d3:36:e4:ec:a5:31:c4:47:bf:
33:d0:72:82:dc:3e:50:c5:0d:a2:4c:e0:a1:69:10:
fe:77:8e:5e:86:44:7f:18:c4:aa:49:b8:37:79:a5:
eb:de:75:67:1d:fd:55:0b:bc:8e:20:e2:67:d6:22:
fb:8f:fc:c0:a1:15:da:15:fa:9b:8f:ab:cf:e2:8e:
d5:d4:85:dc:e3:8a:4f:99:1e:e6:c6:1a:34:04:76:
99:86:a7:80:69:82:59:4c:f2:05:88:31:df:db:8b:
f7:41:ec:80:d8:2f:ed:a0:32:7f:a8:79:16:bf:64:
e9:17:8b:76:5b:2f:4b:5b:cb:df:15:e6:45:96:3c:
5f:9b:6b:24:e7:64:f1:f6:d5:56:66:69:13:3b:09:
c0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:71:9E:8F:B4:78:92:8D:F1:BA:BE:81:06:D7:98:48:A6:4D:9C:59
X509v3 Authority Key Identifier:
keyid:90:51:EB:F8:C2:8F:81:7B:7F:14:8B:FC:95:CC:2B:5B:4C:B3:00:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFHr-MKPgXt_FIv8lcwrW0yzAIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/1-HGej7R4ko3xur6BBteYSKZNnFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/79b597-6b0c-4d03-bf40-31247f3a4539/1/kFHr-MKPgXt_FIv8lcwrW0yzAIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5880::/29
Signature Algorithm: sha256WithRSAEncryption
9c:20:43:47:bd:ac:ab:d4:31:7c:5e:30:f3:e0:94:6b:03:5e:
d3:fc:e5:84:0c:e5:53:a1:09:76:b3:37:ef:e1:5e:05:3e:5f:
0d:14:23:a3:85:67:8a:59:26:d6:cc:81:5e:00:62:c5:83:73:
0b:6a:2a:c3:1b:b9:6e:f8:de:8f:f7:56:3d:b1:5e:6b:5b:cc:
58:80:a6:23:88:ff:1c:45:10:ec:3f:4e:d2:d0:e3:64:b9:86:
8b:cd:06:b2:2c:be:be:4e:33:cc:4e:e9:e7:23:73:31:3e:c2:
16:7e:ae:20:6f:b2:f6:26:05:10:d5:d4:c3:8d:ab:f4:2c:6b:
31:65:e7:aa:e1:fb:ab:00:c3:56:a1:eb:0f:7b:b0:69:33:4b:
6c:c8:e7:15:48:6a:c0:78:40:6c:39:1f:03:76:5a:75:f8:65:
dd:c0:8e:9e:94:60:5e:51:a5:6b:05:c7:6e:9d:4f:21:96:8f:
94:99:46:05:5e:d6:fe:1d:1c:c1:44:b7:14:e1:7a:b6:ec:45:
db:2f:f0:76:7d:b1:11:79:4c:62:05:6e:9a:ed:72:0d:24:b3:
18:12:f4:8f:da:2b:3c:f0:b5:4d:be:85:41:5c:32:ec:98:37:
31:ae:73:5a:07:b6:1f:74:12:a4:bb:f5:32:cc:83:0c:bd:93:
22:49:5d:89
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYp/BuLC1/5Be+Y7Z3FrzoI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNTFlYmY4YzI4ZjgxN2I3ZjE0OGJmYzk1Y2MyYjViNGNi
MzAwODkwHhcNMjMwOTEwMTIxNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODcxOWU4ZmI0Nzg5MjhkZjFiYWJlODEwNmQ3OTg0OGE2NGQ5YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxhBqyanbCKG+bOxOQuypn7cfOAe
PYyyDCC7MaUNE+qZGZCXvUBJFOwq1OAmt+GNjIWa2ecDX2H1mz5CHJaoutX8t0CW
mJiBSupjlZPGf6tqQ+YayNiRzprvKMa/QBphQPwXeQ/4n4aiXsnuM6rTNuTspTHE
R78z0HKC3D5QxQ2iTOChaRD+d45ehkR/GMSqSbg3eaXr3nVnHf1VC7yOIOJn1iL7
j/zAoRXaFfqbj6vP4o7V1IXc44pPmR7mxho0BHaZhqeAaYJZTPIFiDHf24v3QeyA
2C/toDJ/qHkWv2TpF4t2Wy9LW8vfFeZFljxfm2sk52Tx9tVWZmkTOwnALQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPhxno+0eJKN8bq+gQbXmEimTZxZMB8GA1UdIwQY
MBaAFJBR6/jCj4F7fxSL/JXMK1tMswCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZIci1NS1BnWHRfRkl2OGxjd3JXMHl6QUlrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83OWI1OTctNmIwYy00ZDAzLWJmNDAt
MzEyNDdmM2E0NTM5LzEvMS1IR2VqN1I0a28zeHVyNkJCdGVZU0taTm5Gay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzMvNzliNTk3LTZiMGMtNGQwMy1iZjQwLTMxMjQ3ZjNhNDUz
OS8xL2tGSHItTUtQZ1h0X0ZJdjhsY3dyVzB5ekFJay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoTWIAw
DQYJKoZIhvcNAQELBQADggEBAJwgQ0e9rKvUMXxeMPPglGsDXtP85YQM5VOhCXaz
N+/hXgU+Xw0UI6OFZ4pZJtbMgV4AYsWDcwtqKsMbuW743o/3Vj2xXmtbzFiApiOI
/xxFEOw/TtLQ42S5hovNBrIsvr5OM8xO6ecjczE+whZ+riBvsvYmBRDV1MONq/Qs
azFl56rh+6sAw1ah6w97sGkzS2zI5xVIasB4QGw5HwN2WnX4Zd3Ajp6UYF5RpWsF
x26dTyGWj5SZRgVe1v4dHMFEtxTherbsRdsv8HZ9sRF5TGIFbprtcg0ksxgS9I/a
KzzwtU2+hUFcMuyYNzGuc1oHth90EqS79TLMgwy9kyJJXYk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:46 2024 by rpki-client on console-fra.rpki-client.org