Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/HhZ_S98gyLejag4z2rCjtrKR2Pc.roa
File: HhZ_S98gyLejag4z2rCjtrKR2Pc.roa (raw, json)
Hash identifier: GhzruJSH80gZAKEGE6NubTPq8lbSvzCJqgzp5hkxcFA=
Subject key identifier: 1E:16:7F:4B:DF:20:C8:B7:A3:6A:0E:33:DA:B0:A3:B6:B2:91:D8:F7
Certificate issuer: /CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Certificate serial: 018CCA2937FEE6B383261F23665BD1FBC70E
Authority key identifier: 89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/HhZ_S98gyLejag4z2rCjtrKR2Pc.roa
Signing time: Tue 02 Jan 2024 12:32:28 +0000
ROA not before: Tue 02 Jan 2024 12:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201129
IP address blocks: 2001:67c:2d84::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:37:fe:e6:b3:83:26:1f:23:66:5b:d1:fb:c7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Validity
Not Before: Jan 2 12:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e167f4bdf20c8b7a36a0e33dab0a3b6b291d8f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:25:92:aa:41:8e:95:f5:a9:6b:bd:35:88:
e1:03:7b:67:0d:ca:c8:eb:ed:a8:fb:62:da:eb:74:
5a:83:e1:ee:a2:3c:94:61:2c:4e:52:49:a5:a6:80:
99:46:2c:66:69:c9:9b:b6:5d:01:30:51:71:5a:4b:
72:d0:c0:07:12:a8:60:53:d2:5b:d6:27:4c:72:54:
4e:2f:67:d6:31:e9:19:b5:16:0b:3b:03:2b:7a:c7:
51:50:17:69:2a:d7:aa:90:bf:5a:bf:79:81:a9:45:
2c:1b:f4:44:e9:c6:d3:4b:4c:bb:d7:21:b3:7f:63:
b6:97:a5:4f:a1:7f:d7:81:c0:35:81:fd:dc:af:8a:
e6:9a:9a:c7:b6:00:19:85:df:68:c5:0f:b9:77:ce:
d1:8b:40:87:14:2c:56:50:98:c2:61:dd:9a:e0:83:
1c:05:be:f2:09:2c:33:15:5b:1e:8f:a7:ff:a5:0b:
9c:1d:4e:c0:ff:f5:78:bb:0a:46:4b:fd:b1:2c:dc:
d8:9a:f3:56:5e:c2:91:5d:23:ce:a6:99:56:2e:f0:
7f:bd:c8:5e:e9:26:45:c7:c4:b0:15:48:4f:c6:ff:
f0:0f:e3:ad:dc:ca:dd:82:0c:f8:b0:20:9d:11:af:
8c:4b:94:af:ce:53:ad:06:7d:d6:4a:41:94:c7:07:
42:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:16:7F:4B:DF:20:C8:B7:A3:6A:0E:33:DA:B0:A3:B6:B2:91:D8:F7
X509v3 Authority Key Identifier:
keyid:89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/HhZ_S98gyLejag4z2rCjtrKR2Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d84::/48
Signature Algorithm: sha256WithRSAEncryption
9b:88:d8:99:4d:19:a3:be:da:c1:d5:0c:2a:07:f5:9c:37:f3:
ef:42:96:a7:9f:1a:da:e0:98:6b:eb:1d:96:7e:70:98:d7:4f:
b8:81:28:2d:2d:04:4c:fa:9e:e3:42:50:9d:5f:07:f9:47:32:
a5:ac:39:fe:cf:64:50:8d:89:ff:6c:11:95:e4:2d:96:59:6d:
30:87:6f:ac:e5:0c:97:9a:26:e8:38:80:5b:27:20:49:e3:c9:
fc:41:21:e4:03:02:5b:f4:bb:34:fb:2d:58:8e:49:86:be:10:
0c:b3:37:cb:e2:ce:ca:69:22:f2:b2:26:62:88:45:ac:31:f7:
c9:c7:f8:84:fc:4a:d5:4e:4b:e9:d0:c0:84:da:3f:2f:8c:e3:
76:11:c2:a5:aa:95:2e:37:85:7d:ab:2a:b9:74:e8:12:c9:a9:
eb:7b:4e:fd:fb:ca:e5:27:37:e0:13:dc:46:17:f1:1b:f3:b3:
a7:b5:db:b7:dc:2c:af:21:65:99:28:5b:4c:8a:44:7d:d2:16:
24:7f:3d:bf:5d:2b:b0:e2:0d:68:ce:0d:91:4f:3a:11:7f:26:
6c:c3:e5:ab:1b:cc:b6:8b:01:79:20:32:af:8e:2a:fc:f9:21:
60:b0:1e:84:18:2b:31:9c:2c:4f:d3:f3:d8:2c:d6:10:af:32:
82:54:d3:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKTf+5rODJh8jZlvR+8cOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTI3Nzg3NDcyYTdjYmRkOTdkZmRiNGY1M2I3NGVmYjNi
YmJjNWIwHhcNMjQwMTAyMTIzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE2N2Y0YmRmMjBjOGI3YTM2YTBlMzNkYWIwYTNiNmIyOTFkOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo70lkqpBjpX1qWu9NYjhA3tnDcrI
6+2o+2La63Rag+HuojyUYSxOUkmlpoCZRixmacmbtl0BMFFxWkty0MAHEqhgU9Jb
1idMclROL2fWMekZtRYLOwMresdRUBdpKteqkL9av3mBqUUsG/RE6cbTS0y71yGz
f2O2l6VPoX/XgcA1gf3cr4rmmprHtgAZhd9oxQ+5d87Ri0CHFCxWUJjCYd2a4IMc
Bb7yCSwzFVsej6f/pQucHU7A//V4uwpGS/2xLNzYmvNWXsKRXSPOpplWLvB/vche
6SZFx8SwFUhPxv/wD+Ot3Mrdggz4sCCdEa+MS5SvzlOtBn3WSkGUxwdCAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB4Wf0vfIMi3o2oOM9qwo7aykdj3MB8GA1UdIwQY
MBaAFImSd4dHKny92X39tPU7dO+zu7xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzkt
YzQxMDA2MmQ0ZDUyLzEvSGhaX1M5OGd5TGVqYWc0ejJyQ2p0cktSMlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzktYzQxMDA2MmQ0ZDUy
LzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC2E
MA0GCSqGSIb3DQEBCwUAA4IBAQCbiNiZTRmjvtrB1QwqB/WcN/PvQpannxra4Jhr
6x2WfnCY10+4gSgtLQRM+p7jQlCdXwf5RzKlrDn+z2RQjYn/bBGV5C2WWW0wh2+s
5QyXmiboOIBbJyBJ48n8QSHkAwJb9Ls0+y1YjkmGvhAMszfL4s7KaSLysiZiiEWs
MffJx/iE/ErVTkvp0MCE2j8vjON2EcKlqpUuN4V9qyq5dOgSyanre079+8rlJzfg
E9xGF/Eb87Ontdu33CyvIWWZKFtMikR90hYkfz2/XSuw4g1ozg2RTzoRfyZsw+Wr
G8y2iwF5IDKvjir8+SFgsB6EGCsxnCxP0/PYLNYQrzKCVNMe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:40 2025 by rpki-client