Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hB27p87kI1KyQZx-b_sWQwFuHVk.roa
File: hB27p87kI1KyQZx-b_sWQwFuHVk.roa (raw, json)
Hash identifier: 2ZzeIrqdzEh8PoxrpyS4BCj7/5TSs/2hzsW7b4+R3D0=
Subject key identifier: 84:1D:BB:A7:CE:E4:23:52:B2:41:9C:7E:6F:FB:16:43:01:6E:1D:59
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F3000114FF7A15E6654D301BD20541E
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hB27p87kI1KyQZx-b_sWQwFuHVk.roa
Signing time: Sun 01 Jan 2023 21:14:54 +0000
ROA not before: Sun 01 Jan 2023 21:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210370
IP address blocks: 2a0e:aa07:e02c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:00:11:4f:f7:a1:5e:66:54:d3:01:bd:20:54:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=841dbba7cee42352b2419c7e6ffb1643016e1d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f4:b5:0d:e5:16:18:c4:47:e2:bc:be:bf:ed:
f8:40:63:82:2e:55:26:52:65:9e:d3:98:5f:66:3f:
5e:10:65:92:0c:62:b2:4c:28:0e:af:7f:3a:17:35:
60:e2:e5:30:49:83:f3:c7:65:75:d6:45:75:4a:c5:
53:ce:cd:56:6b:8e:39:7c:cf:45:b1:17:fe:65:67:
c3:aa:44:57:69:dd:82:0d:a0:3b:10:8d:cd:76:1e:
64:39:e3:08:8a:5e:eb:7a:c1:f5:69:65:8c:69:e6:
7e:db:31:62:5f:c9:7d:9c:e8:45:1e:87:63:66:03:
15:0c:cb:11:96:e9:e3:5c:7d:7a:92:ea:b6:16:27:
07:d5:0e:86:81:0d:e2:da:3a:6a:6d:34:33:73:85:
d1:f9:fb:ed:ac:7c:07:55:49:23:51:b1:ee:21:56:
a4:bd:7d:05:ee:98:b7:7c:3f:86:41:09:92:fe:0c:
74:b1:44:b2:42:34:e1:bc:79:58:58:61:3e:be:7d:
33:e8:3f:a4:67:24:85:20:8a:c2:36:4e:55:65:01:
17:88:d8:2b:86:b9:c3:d1:ff:ff:66:fd:35:32:21:
73:e2:7e:7b:56:8a:c1:fc:44:52:76:ae:fc:25:ac:
a7:d3:2d:d9:86:8a:59:bc:2f:ae:79:01:37:f6:b9:
57:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1D:BB:A7:CE:E4:23:52:B2:41:9C:7E:6F:FB:16:43:01:6E:1D:59
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hB27p87kI1KyQZx-b_sWQwFuHVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e02c::/48
Signature Algorithm: sha256WithRSAEncryption
97:4e:83:69:a1:4e:0f:9c:f1:c6:31:53:ad:90:b0:43:b6:76:
23:45:83:6c:51:09:8f:6c:88:1b:d1:fc:46:d8:9c:b9:74:23:
8c:dd:28:9b:76:fc:5a:9d:3c:d4:ff:65:34:d1:7e:91:4e:3a:
32:54:4d:8b:c0:e5:f1:8a:bf:a0:a5:0b:8a:b8:aa:9d:d8:c5:
b5:14:57:84:06:52:f9:3d:95:ea:3e:eb:f4:2d:52:4f:ac:96:
64:3b:ba:06:6f:cd:1e:30:d8:26:6b:18:83:ed:62:44:c4:7a:
7d:cd:45:12:5c:48:0a:85:5d:51:b2:5d:b9:a1:b7:9d:b8:40:
b7:ef:c9:4b:09:e7:40:fa:1d:20:f0:59:ea:16:19:29:30:ce:
0f:e4:22:8f:e2:ba:60:55:0d:b5:03:a2:0a:14:16:05:df:3d:
eb:87:64:8f:5a:46:7d:6f:1c:72:7b:a8:f4:51:d0:cd:b5:6e:
7c:e3:24:dc:f1:c0:69:de:95:35:15:0f:66:ce:f8:e9:90:05:
d2:1d:6e:29:37:df:9f:c5:35:b3:f2:25:a1:ae:4a:9a:72:45:
49:91:ed:2a:a0:ee:fb:1d:0b:4e:c8:be:ec:fd:0d:6f:33:83:
44:71:68:63:8b:d6:f2:a5:34:3f:9d:a1:6b:f9:60:87:f5:19:
8f:36:6a:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvMAART/ehXmZU0wG9IFQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFkYmJhN2NlZTQyMzUyYjI0MTljN2U2ZmZiMTY0MzAxNmUxZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfS1DeUWGMRH4ry+v+34QGOCLlUm
UmWe05hfZj9eEGWSDGKyTCgOr386FzVg4uUwSYPzx2V11kV1SsVTzs1Wa445fM9F
sRf+ZWfDqkRXad2CDaA7EI3Ndh5kOeMIil7resH1aWWMaeZ+2zFiX8l9nOhFHodj
ZgMVDMsRlunjXH16kuq2FicH1Q6GgQ3i2jpqbTQzc4XR+fvtrHwHVUkjUbHuIVak
vX0F7pi3fD+GQQmS/gx0sUSyQjThvHlYWGE+vn0z6D+kZySFIIrCNk5VZQEXiNgr
hrnD0f//Zv01MiFz4n57VorB/ERSdq78Jayn0y3ZhopZvC+ueQE39rlXeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIQdu6fO5CNSskGcfm/7FkMBbh1ZMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvaEIyN3A4N2tJMUt5UVp4LWJfc1dRd0Z1SFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+As
MA0GCSqGSIb3DQEBCwUAA4IBAQCXToNpoU4PnPHGMVOtkLBDtnYjRYNsUQmPbIgb
0fxG2Jy5dCOM3SibdvxanTzU/2U00X6RTjoyVE2LwOXxir+gpQuKuKqd2MW1FFeE
BlL5PZXqPuv0LVJPrJZkO7oGb80eMNgmaxiD7WJExHp9zUUSXEgKhV1Rsl25obed
uEC378lLCedA+h0g8FnqFhkpMM4P5CKP4rpgVQ21A6IKFBYF3z3rh2SPWkZ9bxxy
e6j0UdDNtW584yTc8cBp3pU1FQ9mzvjpkAXSHW4pN9+fxTWz8iWhrkqackVJke0q
oO77HQtOyL7s/Q1vM4NEcWhji9bypTQ/naFr+WCH9RmPNmpE
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:27 2024 by rpki-client on console-fra.rpki-client.org