Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hyxG9vVYXg2aKOJJDjZWFIq2p6g.roa
File: hyxG9vVYXg2aKOJJDjZWFIq2p6g.roa (raw, json)
Hash identifier: z65NldkpnalLB6RxQ4by+Ph/MrYU6/DGbaFfZdOuiVc=
Subject key identifier: 87:2C:46:F6:F5:58:5E:0D:9A:28:E2:49:0E:36:56:14:8A:B6:A7:A8
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018AB67295FA04486FED1E9DA8E1C588E675
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hyxG9vVYXg2aKOJJDjZWFIq2p6g.roa
Signing time: Thu 21 Sep 2023 06:34:37 +0000
ROA not before: Thu 21 Sep 2023 06:34:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203023
IP address blocks: 2a0e:aa07:e150::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:72:95:fa:04:48:6f:ed:1e:9d:a8:e1:c5:88:e6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Sep 21 06:34:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=872c46f6f5585e0d9a28e2490e3656148ab6a7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:48:3d:4d:72:ec:af:25:ab:5e:e7:a4:b5:29:
2b:2a:51:45:8f:d8:c3:4e:98:cf:6d:db:64:d5:1c:
fb:56:01:2b:48:22:7b:f5:2d:64:6c:fb:d7:07:5b:
b9:db:dd:e2:cf:5f:29:0c:57:87:e3:4d:fc:0c:e6:
65:1a:8e:56:76:b6:19:6d:bb:58:bc:63:2d:b8:97:
e7:68:62:26:95:a7:53:22:47:29:d7:2e:40:b8:86:
87:2a:26:db:6a:74:65:2d:c6:06:25:d5:01:a5:7b:
85:ef:c7:ed:22:b7:ed:bf:09:6a:3d:5b:23:9e:df:
17:26:f1:4e:3a:20:72:c3:30:75:e0:78:28:45:94:
a6:ef:c5:14:b0:20:a3:49:c6:aa:cd:91:92:fd:52:
66:30:96:d0:87:d8:34:72:46:d2:63:e8:fd:b6:fc:
d5:b6:73:b6:82:31:56:ab:aa:56:a4:38:30:60:00:
66:48:d8:f0:3b:07:63:d5:52:3e:c9:47:b1:ed:18:
cb:20:73:16:18:84:42:f1:6e:ca:13:1b:84:e6:be:
cc:04:1e:43:a1:8a:11:7a:07:98:70:21:99:b7:7e:
18:5a:b5:54:6c:a4:ca:46:d3:29:ec:3e:9d:0f:ba:
2c:e2:d0:b0:30:39:37:6c:65:d3:0a:02:77:34:a0:
bc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:46:F6:F5:58:5E:0D:9A:28:E2:49:0E:36:56:14:8A:B6:A7:A8
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hyxG9vVYXg2aKOJJDjZWFIq2p6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e150::/44
Signature Algorithm: sha256WithRSAEncryption
98:d9:50:3e:77:6d:ee:bc:4e:c7:64:c0:4b:47:d5:2d:1e:1e:
6a:48:76:d0:73:09:e8:41:79:28:fe:4a:ff:10:12:f1:eb:dc:
5b:ab:43:b3:19:f8:e3:c3:d6:5c:69:39:f7:1c:00:f3:fa:65:
d1:5a:ba:f2:0f:95:27:b8:94:9f:8c:9b:f8:35:95:64:f9:69:
2e:b0:ea:b8:37:9b:e2:07:e4:3e:d0:90:48:d9:57:8c:4c:7e:
7a:2f:96:58:9f:77:db:8e:cc:92:a9:ad:12:c8:50:b5:bc:fc:
ec:c5:6d:f5:be:81:2b:19:f4:6d:d7:8c:e4:67:d5:d5:25:08:
fc:bd:3d:4d:a3:2c:73:e6:cd:6f:2b:49:da:95:72:ba:f8:61:
49:5a:3d:37:ef:bb:68:2c:dc:d5:b5:d6:21:0c:b2:cc:ab:09:
28:cb:d5:f2:40:02:96:77:52:ce:40:fc:6c:59:6c:88:99:f3:
17:ef:31:62:10:db:b1:6e:c7:d7:11:9a:a7:6a:07:c3:8c:44:
a8:66:10:f1:6a:78:bb:fd:4d:e9:a5:22:7c:40:c6:ed:ee:97:
d5:b7:cf:e5:65:40:1c:54:e9:07:67:27:53:42:c3:ef:00:9b:
7a:7f:13:88:2f:dd:9f:23:84:1d:5e:cf:79:2a:ed:fc:7b:90:
3e:e2:b9:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYq2cpX6BEhv7R6dqOHFiOZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwOTIxMDYzNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJjNDZmNmY1NTg1ZTBkOWEyOGUyNDkwZTM2NTYxNDhhYjZhN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkg9TXLsryWrXuektSkrKlFFj9jD
TpjPbdtk1Rz7VgErSCJ79S1kbPvXB1u5293iz18pDFeH4038DOZlGo5WdrYZbbtY
vGMtuJfnaGImladTIkcp1y5AuIaHKibbanRlLcYGJdUBpXuF78ftIrftvwlqPVsj
nt8XJvFOOiBywzB14HgoRZSm78UUsCCjScaqzZGS/VJmMJbQh9g0ckbSY+j9tvzV
tnO2gjFWq6pWpDgwYABmSNjwOwdj1VI+yUex7RjLIHMWGIRC8W7KExuE5r7MBB5D
oYoRegeYcCGZt34YWrVUbKTKRtMp7D6dD7os4tCwMDk3bGXTCgJ3NKC8MQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIcsRvb1WF4NmijiSQ42VhSKtqeoMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvaHl4Rzl2VllYZzJhS09KSkRqWldGSXEycDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+FQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCY2VA+d23uvE7HZMBLR9UtHh5qSHbQcwnoQXko
/kr/EBLx69xbq0OzGfjjw9ZcaTn3HADz+mXRWrryD5UnuJSfjJv4NZVk+WkusOq4
N5viB+Q+0JBI2VeMTH56L5ZYn3fbjsySqa0SyFC1vPzsxW31voErGfRt14zkZ9XV
JQj8vT1Noyxz5s1vK0nalXK6+GFJWj0377toLNzVtdYhDLLMqwkoy9XyQAKWd1LO
QPxsWWyImfMX7zFiENuxbsfXEZqnagfDjESoZhDxani7/U3ppSJ8QMbt7pfVt8/l
ZUAcVOkHZydTQsPvAJt6fxOIL92fI4QdXs95Ku38e5A+4rmU
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:27 2024 by rpki-client on console-fra.rpki-client.org