Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/h-q1Oo69GOADsu8OIVnnTXqkG7Q.roa
File: h-q1Oo69GOADsu8OIVnnTXqkG7Q.roa (raw, json)
Hash identifier: EqyqFm2WiUWINooGyTEuGXGdDi68xZx2yl44lHbSE2E=
Subject key identifier: 87:EA:B5:3A:8E:BD:18:E0:03:B2:EF:0E:21:59:E7:4D:7A:A4:1B:B4
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018FA5F190BFD8DB27A01B76B15B483D6B1A
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/h-q1Oo69GOADsu8OIVnnTXqkG7Q.roa
Signing time: Thu 23 May 2024 14:53:42 +0000
ROA not before: Thu 23 May 2024 14:53:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215561
IP address blocks: 2a0a:79c0:200::/40 maxlen: 128
2a0a:79c7:f000::/38 maxlen: 128
2a0a:79c7:f400::/38 maxlen: 128
2a0a:79c7:f800::/38 maxlen: 128
2a0a:79c7:fe00::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 25 Jun 2024 15:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:f1:90:bf:d8:db:27:a0:1b:76:b1:5b:48:3d:6b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: May 23 14:53:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87eab53a8ebd18e003b2ef0e2159e74d7aa41bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2d:a1:bd:82:9b:8d:92:e8:e6:8a:c4:94:ca:
f6:fb:9e:9c:76:d5:b8:e3:bf:10:46:d8:07:8e:5a:
76:77:2b:1c:2c:c9:50:8b:96:bb:1e:9d:b2:6a:7b:
f1:c2:6e:2e:49:69:97:12:01:29:85:9c:85:3b:27:
3f:fe:94:eb:cd:2a:08:8e:6a:a0:79:68:4e:89:37:
b2:0c:39:9e:23:8c:ff:23:77:af:a6:c5:41:3a:06:
74:77:a3:02:ad:c6:06:bf:30:94:46:b5:9d:ba:94:
cd:b6:64:e3:3f:6e:b7:c3:78:c7:4f:c4:4e:a1:60:
0a:2d:9c:5b:dd:6f:8b:6c:43:57:9a:2c:1c:43:31:
e3:52:fd:e7:56:44:d8:90:c4:e5:e1:8f:a1:2a:61:
33:3f:03:cf:23:4c:5b:89:97:9a:9d:4c:32:f9:7b:
2b:12:66:74:66:33:81:b5:39:69:1b:ef:bd:1c:ea:
54:93:40:23:ea:24:df:2f:df:ec:ad:cf:d1:08:06:
03:b9:09:92:09:39:37:21:7a:71:e5:dd:4a:10:bb:
ca:1d:cb:7a:a4:f8:89:82:00:2e:25:f8:aa:fa:ce:
fe:07:84:50:2d:97:aa:a3:90:41:2c:52:22:70:4a:
26:88:75:5c:ec:66:04:dc:e4:db:a3:3d:bb:52:10:
e9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EA:B5:3A:8E:BD:18:E0:03:B2:EF:0E:21:59:E7:4D:7A:A4:1B:B4
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/h-q1Oo69GOADsu8OIVnnTXqkG7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c0:200::/40
2a0a:79c7:f000::-2a0a:79c7:fbff:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
82:0e:f0:65:94:15:87:18:4e:01:e2:dd:5c:29:3c:75:68:d2:
8f:2b:8d:99:80:61:3d:d1:78:dd:1b:61:6e:a4:2d:85:b4:31:
89:ff:c5:d0:a4:29:1c:0a:d8:de:96:ba:f3:91:28:53:7e:a3:
42:39:39:cb:f2:c8:4c:d5:69:81:6c:7d:be:b1:1b:55:88:e4:
3a:81:99:10:45:d2:d8:cb:00:b1:a7:dd:6e:45:5f:5c:38:63:
c6:56:44:6f:cf:f3:6f:2e:22:5d:e1:c4:16:f6:51:f6:e4:a3:
69:e0:0b:6f:d8:fb:f8:63:6d:50:6a:98:88:fd:47:9f:c9:a9:
16:cf:76:3f:5b:27:03:3e:27:0b:69:33:a7:6a:23:dc:d2:6d:
3f:30:32:39:74:6f:40:cc:24:05:ca:52:7a:c7:6d:9a:8d:3c:
56:76:66:1c:04:3a:bb:a1:9d:74:2f:bd:57:e7:9d:bd:36:a7:
73:29:1b:4d:80:9f:33:94:9a:fa:71:3f:7a:ee:ea:b2:ea:d6:
de:b8:36:70:1d:69:27:02:74:6f:6b:20:d6:6b:2e:55:02:7b:
c5:4a:2c:f5:23:cd:9a:7b:b0:ca:a6:aa:85:bb:74:27:c1:55:
04:5c:59:56:d2:80:16:83:39:27:87:1b:bb:dc:07:7b:c7:5b:
24:a3:22:97
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY+l8ZC/2NsnoBt2sVtIPWsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwNTIzMTQ1MzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VhYjUzYThlYmQxOGUwMDNiMmVmMGUyMTU5ZTc0ZDdhYTQxYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y2hvYKbjZLo5orElMr2+56cdtW4
478QRtgHjlp2dyscLMlQi5a7Hp2yanvxwm4uSWmXEgEphZyFOyc//pTrzSoIjmqg
eWhOiTeyDDmeI4z/I3evpsVBOgZ0d6MCrcYGvzCURrWdupTNtmTjP263w3jHT8RO
oWAKLZxb3W+LbENXmiwcQzHjUv3nVkTYkMTl4Y+hKmEzPwPPI0xbiZeanUwy+Xsr
EmZ0ZjOBtTlpG++9HOpUk0Aj6iTfL9/src/RCAYDuQmSCTk3IXpx5d1KELvKHct6
pPiJggAuJfiq+s7+B4RQLZeqo5BBLFIicEomiHVc7GYE3OTboz27UhDpwwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIfqtTqOvRjgA7LvDiFZ5016pBu0MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvaC1xMU9vNjlHT0FEc3U4T0lWbm5UWHFrRzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwYAKgp5wAIw
EAMGBCoKecfwAwYCKgp5x/gDBgAqCnnH/jANBgkqhkiG9w0BAQsFAAOCAQEAgg7w
ZZQVhxhOAeLdXCk8dWjSjyuNmYBhPdF43RthbqQthbQxif/F0KQpHArY3pa685Eo
U36jQjk5y/LITNVpgWx9vrEbVYjkOoGZEEXS2MsAsafdbkVfXDhjxlZEb8/zby4i
XeHEFvZR9uSjaeALb9j7+GNtUGqYiP1Hn8mpFs92P1snAz4nC2kzp2oj3NJtPzAy
OXRvQMwkBcpSesdtmo08VnZmHAQ6u6GddC+9V+edvTancykbTYCfM5Sa+nE/eu7q
surW3rg2cB1pJwJ0b2sg1msuVQJ7xUos9SPNmnuwyqaqhbt0J8FVBFxZVtKAFoM5
J4cbu9wHe8dbJKMilw==
-----END CERTIFICATE-----
Generated at Tue Jun 25 21:58:39 2024 by rpki-client on console-fra.rpki-client.org