Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/H4kD_0vkP6lIU_Jb2XTB10uUEfY.roa
File: H4kD_0vkP6lIU_Jb2XTB10uUEfY.roa (raw, json)
Hash identifier: sxc+56X8ARL7v6Q1Kr+GsD6/JlwVIzOApR1xnLPNQEY=
Subject key identifier: 1F:89:03:FF:4B:E4:3F:A9:48:53:F2:5B:D9:74:C1:D7:4B:94:11:F6
Certificate issuer: /CN=710068d5bf1bffd79174e37501bfa17f917b313d
Certificate serial: 01856D6F44A6181FD33D60C52AE8F382EA28
Authority key identifier: 71:00:68:D5:BF:1B:FF:D7:91:74:E3:75:01:BF:A1:7F:91:7B:31:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQBo1b8b_9eRdON1Ab-hf5F7MT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/H4kD_0vkP6lIU_Jb2XTB10uUEfY.roa
Signing time: Sun 01 Jan 2023 13:04:46 +0000
ROA not before: Sun 01 Jan 2023 13:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1712
IP address blocks: 2a04:8ec0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:44:a6:18:1f:d3:3d:60:c5:2a:e8:f3:82:ea:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=710068d5bf1bffd79174e37501bfa17f917b313d
Validity
Not Before: Jan 1 13:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f8903ff4be43fa94853f25bd974c1d74b9411f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9b:4c:3f:b5:2d:ca:7b:12:9e:a1:b8:b5:6e:
45:aa:1a:3a:2d:0f:e7:ec:7c:8f:d1:4f:1b:6f:77:
93:16:bd:58:bf:d8:17:91:66:1a:b4:e5:fd:b1:e6:
b8:7f:4a:e3:c8:05:bd:13:dd:31:1d:fa:ab:9f:43:
22:82:14:fc:ad:8f:b3:a0:a5:51:a6:fc:65:f6:dd:
57:51:a3:fb:2e:df:8b:b4:b7:83:51:e9:6e:b0:51:
33:9b:b2:f1:ea:3c:2e:9d:41:73:30:54:37:59:5b:
1c:f0:d6:ab:3c:0d:d0:56:5f:2c:56:6f:cd:8d:7f:
35:d6:c6:58:8c:26:33:e8:19:1f:52:b6:d0:af:1c:
49:6a:a7:d1:68:ca:d9:70:74:5c:d0:4d:36:f9:56:
9f:55:18:fe:6b:d2:43:e8:78:b6:93:a2:55:b2:7f:
e3:8f:e4:04:6f:bd:95:04:09:b9:79:85:06:b2:7a:
a3:02:b9:75:8f:48:c6:a2:ff:e9:85:4b:6a:2e:7e:
7b:2a:9a:ae:5b:56:c8:60:6c:9c:a3:69:f2:11:58:
e4:d4:10:00:ed:5c:eb:84:85:d7:a2:76:ec:39:15:
d1:32:52:34:b1:97:5b:4d:55:04:d7:b5:30:9f:c8:
3f:ca:e4:52:84:58:08:77:d9:23:ef:e2:e1:7f:5a:
80:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:89:03:FF:4B:E4:3F:A9:48:53:F2:5B:D9:74:C1:D7:4B:94:11:F6
X509v3 Authority Key Identifier:
keyid:71:00:68:D5:BF:1B:FF:D7:91:74:E3:75:01:BF:A1:7F:91:7B:31:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQBo1b8b_9eRdON1Ab-hf5F7MT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/H4kD_0vkP6lIU_Jb2XTB10uUEfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/74d7cd-04e1-49d8-aad9-82043b9e4f71/1/cQBo1b8b_9eRdON1Ab-hf5F7MT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:8ec0::/48
Signature Algorithm: sha256WithRSAEncryption
01:03:eb:25:9c:bf:36:91:aa:13:22:4a:49:c1:9d:9e:b8:39:
24:3b:8e:db:09:94:56:1c:dd:b5:f9:38:55:4a:fc:fe:ed:ca:
3c:ab:9e:d5:94:ca:e4:9a:e4:e6:92:07:52:ac:f1:ba:57:b1:
b4:17:bd:df:9c:07:55:4c:b4:94:28:3a:92:11:36:ea:12:41:
e6:98:86:d7:f0:7b:41:af:0b:4f:2d:bb:7f:c0:63:cd:09:fb:
e8:10:76:91:c1:8e:ec:18:cb:60:ae:4b:b7:02:f5:bf:79:2e:
99:92:99:31:84:23:2d:24:22:9e:ae:e2:a6:11:26:ab:23:fb:
85:6b:06:be:1e:e0:28:a3:d6:60:dc:13:1e:48:d8:0b:9c:c3:
a2:af:af:d8:c3:a2:f7:54:c1:70:5b:60:56:14:2a:1a:97:1e:
26:f3:da:38:e0:52:e2:d6:cc:49:21:16:9d:8b:5d:4e:96:5f:
45:bd:1b:b1:b0:ff:b5:b5:99:74:32:b2:7b:0c:4a:85:e5:af:
0c:5d:a4:fc:75:c7:ec:7f:e8:2c:0b:5e:03:77:be:3f:16:28:
f2:f5:43:4c:c7:50:1f:01:da:04:70:23:34:b4:c3:a1:04:96:
d0:51:1e:57:53:25:4a:95:92:8b:31:8d:d6:d0:70:58:dc:ea:
63:9c:da:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtb0SmGB/TPWDFKujzguooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDA2OGQ1YmYxYmZmZDc5MTc0ZTM3NTAxYmZhMTdmOTE3
YjMxM2QwHhcNMjMwMTAxMTMwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg5MDNmZjRiZTQzZmE5NDg1M2YyNWJkOTc0YzFkNzRiOTQxMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJtMP7UtynsSnqG4tW5Fqho6LQ/n
7HyP0U8bb3eTFr1Yv9gXkWYatOX9sea4f0rjyAW9E90xHfqrn0MighT8rY+zoKVR
pvxl9t1XUaP7Lt+LtLeDUelusFEzm7Lx6jwunUFzMFQ3WVsc8NarPA3QVl8sVm/N
jX811sZYjCYz6BkfUrbQrxxJaqfRaMrZcHRc0E02+VafVRj+a9JD6Hi2k6JVsn/j
j+QEb72VBAm5eYUGsnqjArl1j0jGov/phUtqLn57KpquW1bIYGyco2nyEVjk1BAA
7VzrhIXXonbsORXRMlI0sZdbTVUE17Uwn8g/yuRShFgId9kj7+Lhf1qARwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB+JA/9L5D+pSFPyW9l0wddLlBH2MB8GA1UdIwQY
MBaAFHEAaNW/G//XkXTjdQG/oX+RezE9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FCbzFiOGJfOWVSZE9OMUFiLWhmNUY3TVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny83NGQ3Y2QtMDRlMS00OWQ4LWFhZDkt
ODIwNDNiOWU0ZjcxLzEvSDRrRF8wdmtQNmxJVV9KYjJYVEIxMHVVRWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny83NGQ3Y2QtMDRlMS00OWQ4LWFhZDktODIwNDNiOWU0Zjcx
LzEvY1FCbzFiOGJfOWVSZE9OMUFiLWhmNUY3TVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgSOwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQABA+slnL82kaoTIkpJwZ2euDkkO47bCZRWHN21
+ThVSvz+7co8q57VlMrkmuTmkgdSrPG6V7G0F73fnAdVTLSUKDqSETbqEkHmmIbX
8HtBrwtPLbt/wGPNCfvoEHaRwY7sGMtgrku3AvW/eS6ZkpkxhCMtJCKeruKmESar
I/uFawa+HuAoo9Zg3BMeSNgLnMOir6/Yw6L3VMFwW2BWFCoalx4m89o44FLi1sxJ
IRadi11Oll9FvRuxsP+1tZl0MrJ7DEqF5a8MXaT8dcfsf+gsC14Dd74/Fijy9UNM
x1AfAdoEcCM0tMOhBJbQUR5XUyVKlZKLMY3W0HBY3OpjnNpS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:58 2023 by rpki-client on console-fra.rpki-client.org