Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HaUjVjs5PlBFx_mYjyi-3vibX7k.roa
File: HaUjVjs5PlBFx_mYjyi-3vibX7k.roa (raw, json)
Hash identifier: HK8ydcJGHhanfBDS4AdGZlsFZCIRyJlgJrsDrwEEOL8=
Subject key identifier: 1D:A5:23:56:3B:39:3E:50:45:C7:F9:98:8F:28:BE:DE:F8:9B:5F:B9
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0185707991BD9665A909F199B6F7DBDB6472
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HaUjVjs5PlBFx_mYjyi-3vibX7k.roa
Signing time: Mon 02 Jan 2023 03:14:53 +0000
ROA not before: Mon 02 Jan 2023 03:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52041
IP address blocks: 2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Feb 2023 06:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:91:bd:96:65:a9:09:f1:99:b6:f7:db:db:64:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 2 03:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1da523563b393e5045c7f9988f28bedef89b5fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:66:7b:44:f8:b1:01:50:1e:4e:86:7c:7d:ac:
c0:cf:f0:2d:ef:4a:f0:6a:48:4f:b5:89:27:57:d2:
89:47:86:2f:c0:50:9e:68:c7:69:44:c5:7e:91:ab:
a2:c8:9b:70:c4:f5:76:2d:f7:f8:df:58:54:ff:df:
7e:00:01:2c:9f:33:6b:1c:de:3a:7b:af:e3:a8:a8:
df:03:43:4e:38:5b:06:e2:9f:75:94:f9:5d:96:4f:
6a:3a:12:17:24:a4:6c:5f:8e:f5:27:ae:bb:0d:a6:
33:07:3f:13:79:a3:56:4a:3b:9c:68:28:01:11:15:
dd:ab:a8:e8:cc:99:ef:8e:b1:b3:6c:8f:d5:bc:b3:
52:be:63:16:9e:97:1e:db:2c:08:76:66:3e:9a:ce:
57:18:1e:59:27:48:ed:47:1f:f3:84:75:49:b8:15:
81:ca:34:b3:1a:71:04:93:b2:6b:d3:81:a2:c7:9d:
ed:aa:c8:93:7f:1e:10:55:04:91:43:c8:63:30:81:
e6:13:3a:94:47:80:30:35:e5:9d:e5:db:af:f7:4f:
3f:99:78:54:37:8a:4a:43:74:0a:ee:02:45:04:0e:
12:01:30:27:fe:c1:a0:27:00:bb:9f:10:5f:80:56:
63:04:42:32:5d:3e:66:43:ea:20:e0:e1:f6:83:95:
7c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A5:23:56:3B:39:3E:50:45:C7:F9:98:8F:28:BE:DE:F8:9B:5F:B9
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/HaUjVjs5PlBFx_mYjyi-3vibX7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:d0::/44
2a12:bec0:7000::/48
2a12:bec0:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
99:9e:45:43:db:cf:1b:d7:2a:be:a1:6d:43:b1:08:77:26:e1:
29:e1:e1:79:a5:8b:64:05:7d:f1:61:1b:5f:7a:80:bd:12:e3:
93:43:dd:ed:b2:37:7a:4f:69:6f:5f:7d:f3:2e:a2:d0:4a:0e:
06:9d:97:1e:34:de:76:46:c4:8e:06:09:bc:26:a8:22:3b:fb:
80:11:16:8b:67:16:1e:93:18:04:a5:e9:4b:f8:48:c2:ca:2e:
02:fb:cf:55:31:47:01:43:41:bd:41:40:b3:60:cc:e9:f5:f5:
3c:00:69:51:0d:e5:8f:f5:5e:0f:5d:d7:26:61:12:1a:bc:5f:
93:0a:4b:51:af:e4:b0:7d:ba:55:0b:c1:75:ee:2f:8e:83:30:
11:cc:2d:5a:70:ae:60:c1:78:f1:72:a2:ce:6c:2a:9c:d2:16:
27:3d:20:f0:90:78:c8:8f:90:65:ce:ae:69:54:83:55:17:6b:
f0:56:f7:94:be:51:3f:8e:d9:fa:99:36:d8:89:ec:a2:f9:a5:
11:f9:46:d3:94:48:92:0a:03:2e:0e:8a:e7:85:4b:d6:96:b2:
c8:de:54:cc:83:f2:f1:b7:d6:5c:c5:62:71:50:7c:fe:35:ad:
b0:81:75:f4:95:4b:29:61:a7:c6:e4:b1:4a:d3:7c:9b:5c:e4:
90:08:4d:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVweZG9lmWpCfGZtvfb22RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwMTAyMDMxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE1MjM1NjNiMzkzZTUwNDVjN2Y5OTg4ZjI4YmVkZWY4OWI1ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWZ7RPixAVAeToZ8fazAz/At70rw
akhPtYknV9KJR4YvwFCeaMdpRMV+kauiyJtwxPV2Lff431hU/99+AAEsnzNrHN46
e6/jqKjfA0NOOFsG4p91lPldlk9qOhIXJKRsX471J667DaYzBz8TeaNWSjucaCgB
ERXdq6jozJnvjrGzbI/VvLNSvmMWnpce2ywIdmY+ms5XGB5ZJ0jtRx/zhHVJuBWB
yjSzGnEEk7Jr04Gix53tqsiTfx4QVQSRQ8hjMIHmEzqUR4AwNeWd5duv908/mXhU
N4pKQ3QK7gJFBA4SATAn/sGgJwC7nxBfgFZjBEIyXT5mQ+og4OH2g5V8bwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2lI1Y7OT5QRcf5mI8ovt74m1+5MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvSGFValZqczVQbEJGeF9tWWp5aS0zdmliWDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKhK+wADQ
AwcAKhK+wHAAAwcAKhK+wLALMA0GCSqGSIb3DQEBCwUAA4IBAQCZnkVD288b1yq+
oW1DsQh3JuEp4eF5pYtkBX3xYRtfeoC9EuOTQ93tsjd6T2lvX33zLqLQSg4GnZce
NN52RsSOBgm8JqgiO/uAERaLZxYekxgEpelL+EjCyi4C+89VMUcBQ0G9QUCzYMzp
9fU8AGlRDeWP9V4PXdcmYRIavF+TCktRr+SwfbpVC8F17i+OgzARzC1acK5gwXjx
cqLObCqc0hYnPSDwkHjIj5Blzq5pVINVF2vwVveUvlE/jtn6mTbYieyi+aUR+UbT
lEiSCgMuDornhUvWlrLI3lTMg/Lxt9ZcxWJxUHz+Na2wgXX0lUspYafG5LFK03yb
XOSQCE0O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:47 2024 by rpki-client on console-ams.rpki-client.org