Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/HZknF-HS_UVg__2H9DAEzCYSTKs.roa
File: HZknF-HS_UVg__2H9DAEzCYSTKs.roa (raw, json)
Hash identifier: BfN64NjdMQVz6qJk1t+qsVM4QNnWPk0r1L1BSKrR5w0=
Subject key identifier: 1D:99:27:17:E1:D2:FD:45:60:FF:FD:87:F4:30:04:CC:26:12:4C:AB
Certificate issuer: /CN=733683cb856d6d9ff58e287e8a905d292dca6b34
Certificate serial: 018DC0CFF5AF14E59518F5884EF161AE3AF8
Authority key identifier: 73:36:83:CB:85:6D:6D:9F:F5:8E:28:7E:8A:90:5D:29:2D:CA:6B:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/HZknF-HS_UVg__2H9DAEzCYSTKs.roa
Signing time: Mon 19 Feb 2024 10:01:10 +0000
ROA not before: Mon 19 Feb 2024 10:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206080
IP address blocks: 2a0a:9900::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 26 Mar 2024 08:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:cf:f5:af:14:e5:95:18:f5:88:4e:f1:61:ae:3a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=733683cb856d6d9ff58e287e8a905d292dca6b34
Validity
Not Before: Feb 19 10:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d992717e1d2fd4560fffd87f43004cc26124cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:52:bd:ce:b3:67:e6:7d:f0:5e:09:d0:5e:
78:b4:6f:75:b5:d7:67:f1:53:e2:2c:18:75:f2:4b:
6f:83:b2:95:39:1b:30:cc:56:b3:4e:7c:4d:54:70:
a3:f3:06:ac:1b:c7:69:72:be:5a:20:98:97:07:4e:
e2:d9:67:7b:93:ea:43:70:1f:33:7d:38:b8:25:bc:
6f:25:5c:5b:93:60:40:c4:ac:81:15:d4:09:3f:54:
3d:9e:61:70:16:f0:83:dd:e1:42:16:12:f3:26:3d:
19:34:72:3d:01:cd:6f:34:33:4a:1d:fe:e9:f3:9a:
db:6d:d5:f1:9e:3f:24:f8:48:42:04:9b:ae:3d:47:
5a:ed:a4:58:70:8f:ff:4b:a9:41:f0:a3:81:9b:0f:
c1:27:2d:2b:ee:91:f0:de:7e:dd:75:53:76:42:ad:
5c:33:40:de:c5:ab:70:22:af:c4:9d:50:9f:e7:db:
ba:c9:5b:b1:a7:52:f0:e0:25:cd:f9:62:c2:20:ee:
0e:3a:21:7c:fb:11:7c:6c:0f:0c:2f:23:42:33:87:
ca:76:62:39:eb:cf:91:5e:9b:fa:1b:e1:90:5b:07:
20:f0:6c:b6:5e:12:91:d9:06:f6:5b:4c:3e:31:de:
93:95:08:48:0f:24:79:f0:d4:45:5a:41:a6:ea:d3:
a0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:99:27:17:E1:D2:FD:45:60:FF:FD:87:F4:30:04:CC:26:12:4C:AB
X509v3 Authority Key Identifier:
keyid:73:36:83:CB:85:6D:6D:9F:F5:8E:28:7E:8A:90:5D:29:2D:CA:6B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/HZknF-HS_UVg__2H9DAEzCYSTKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:9900::/29
Signature Algorithm: sha256WithRSAEncryption
12:6d:52:2f:05:bc:58:eb:d1:a4:b5:4e:20:7a:fe:97:b2:b3:
63:9e:73:e7:02:dd:94:05:36:31:0d:27:e3:85:5b:df:89:32:
cf:fc:2c:c6:88:1a:24:1b:0e:b2:9a:0b:a0:ef:b5:1b:c4:2e:
6c:1c:b3:d8:cc:53:7d:a4:3c:52:ed:79:df:1f:81:b6:0c:3c:
51:b9:35:65:24:8d:63:5c:0e:e3:02:88:c5:59:17:c7:7a:84:
fc:c8:d7:f7:4b:ed:46:71:3b:1b:36:66:f7:0d:ff:7c:51:14:
03:50:2d:18:dd:2d:57:3b:56:1a:44:f2:cf:b7:8b:4b:c5:5c:
22:d7:02:5a:bc:6e:0f:19:0c:2b:2f:5b:a9:30:54:9e:77:a3:
d0:ed:7f:30:91:ba:9b:b0:70:86:e0:33:50:33:a4:89:ba:1f:
7f:c0:2b:04:f9:75:37:66:92:d8:af:d9:d4:56:bc:aa:17:17:
87:a9:cb:f2:30:56:ec:13:34:bb:ce:2f:24:9b:b5:ea:3c:ee:
15:32:71:e8:f2:50:e3:c8:00:a1:9e:08:a7:b0:dd:a2:39:dd:
aa:a7:58:29:f0:9d:05:c8:50:04:81:d0:a9:6a:99:08:a2:97:
68:da:78:3f:12:38:07:d2:a4:63:8e:95:30:94:39:85:a4:04:
37:64:d8:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3Az/WvFOWVGPWITvFhrjr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMzY4M2NiODU2ZDZkOWZmNThlMjg3ZThhOTA1ZDI5MmRj
YTZiMzQwHhcNMjQwMjE5MTAwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk5MjcxN2UxZDJmZDQ1NjBmZmZkODdmNDMwMDRjYzI2MTI0Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5ZSvc6zZ+Z98F4J0F54tG91tddn
8VPiLBh18ktvg7KVORswzFazTnxNVHCj8wasG8dpcr5aIJiXB07i2Wd7k+pDcB8z
fTi4JbxvJVxbk2BAxKyBFdQJP1Q9nmFwFvCD3eFCFhLzJj0ZNHI9Ac1vNDNKHf7p
85rbbdXxnj8k+EhCBJuuPUda7aRYcI//S6lB8KOBmw/BJy0r7pHw3n7ddVN2Qq1c
M0DexatwIq/EnVCf59u6yVuxp1Lw4CXN+WLCIO4OOiF8+xF8bA8MLyNCM4fKdmI5
68+RXpv6G+GQWwcg8Gy2XhKR2Qb2W0w+Md6TlQhIDyR58NRFWkGm6tOgzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFB2ZJxfh0v1FYP/9h/QwBMwmEkyrMB8GA1UdIwQY
MBaAFHM2g8uFbW2f9Y4ofoqQXSktyms0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NDQ3NjktY2IzZS00NWNkLTkxNjUt
Njg3YWU2ZmJhM2FkLzEvSFprbkYtSFNfVVZnX18ySDlEQUV6Q1lTVEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS84NDQ3NjktY2IzZS00NWNkLTkxNjUtNjg3YWU2ZmJhM2Fk
LzEvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgqZADAN
BgkqhkiG9w0BAQsFAAOCAQEAEm1SLwW8WOvRpLVOIHr+l7KzY55z5wLdlAU2MQ0n
44Vb34kyz/wsxogaJBsOspoLoO+1G8QubByz2MxTfaQ8Uu153x+Btgw8Ubk1ZSSN
Y1wO4wKIxVkXx3qE/MjX90vtRnE7GzZm9w3/fFEUA1AtGN0tVztWGkTyz7eLS8Vc
ItcCWrxuDxkMKy9bqTBUnnej0O1/MJG6m7BwhuAzUDOkiboff8ArBPl1N2aS2K/Z
1Fa8qhcXh6nL8jBW7BM0u84vJJu16jzuFTJx6PJQ48gAoZ4Ip7DdojndqqdYKfCd
BchQBIHQqWqZCKKXaNp4PxI4B9KkY46VMJQ5haQEN2TYKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:34 2024 by rpki-client on console-ams.rpki-client.org