Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/9HpPtEBnkYGFIsfMNf_fD89iMQI.roa
File: 9HpPtEBnkYGFIsfMNf_fD89iMQI.roa (raw, json)
Hash identifier: skxGtBgkFRJLYzJqEvLWZH5I2wjemFNesSsWNvy6ITc=
Subject key identifier: F4:7A:4F:B4:40:67:91:81:85:22:C7:CC:35:FF:DF:0F:CF:62:31:02
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018C2116A6A4C67E74303EB4B73B066A3B38
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/9HpPtEBnkYGFIsfMNf_fD89iMQI.roa
Signing time: Thu 30 Nov 2023 16:36:21 +0000
ROA not before: Thu 30 Nov 2023 16:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216157
IP address blocks: 2a10:9c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:16:a6:a4:c6:7e:74:30:3e:b4:b7:3b:06:6a:3b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Nov 30 16:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f47a4fb4406791818522c7cc35ffdf0fcf623102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:51:9c:5d:e5:c2:6d:d9:84:b7:48:96:50:e4:
3a:33:65:78:fb:e4:09:71:1c:41:ba:a4:f5:63:07:
c6:4c:6b:75:79:73:a7:38:82:e4:e3:0f:7d:51:6d:
17:56:95:59:92:b4:34:33:20:82:55:69:9a:0f:f4:
c9:2f:ff:e4:92:dd:b9:9c:5d:eb:64:46:ec:79:0d:
a0:c8:59:b3:00:d2:d2:c3:ba:b9:6e:49:7b:59:fb:
42:7f:ec:d5:52:78:c5:09:82:88:0b:fc:77:b7:af:
93:96:d2:05:04:c3:e9:93:06:c5:42:3c:a2:59:76:
8c:41:e2:4b:16:d6:5b:ca:bb:31:de:32:ec:49:2c:
0e:06:ea:1f:e1:b8:52:38:e8:8d:dd:fe:b0:70:73:
41:32:46:75:ac:79:f8:a5:8f:08:da:73:1c:a3:c8:
9f:16:ee:f6:91:d4:68:e4:ac:6f:09:9e:13:03:ac:
11:59:6f:68:bc:6c:d4:e1:10:c7:0d:7c:3c:af:db:
6c:b9:18:df:92:54:2d:05:f4:9d:50:a9:dd:9e:ba:
40:66:15:00:33:d3:52:c7:79:b7:63:b8:5d:b9:0e:
7e:53:12:94:45:a4:6b:50:85:47:cc:34:43:bb:2e:
3b:48:28:f9:91:27:50:b1:72:ba:6d:19:0f:9d:14:
7c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7A:4F:B4:40:67:91:81:85:22:C7:CC:35:FF:DF:0F:CF:62:31:02
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/9HpPtEBnkYGFIsfMNf_fD89iMQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9c0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:04:e5:64:23:58:48:4d:f9:10:fc:9e:2d:43:7a:b6:b0:b8:
98:6c:cb:ac:09:ce:f7:41:11:f2:f7:f1:d7:ec:41:9b:9d:94:
8f:a2:c0:a9:3f:40:e2:cb:1c:30:cb:6c:8f:53:0d:83:d9:35:
66:22:39:ee:ed:bb:d5:df:19:69:06:7a:4a:63:74:b9:3b:80:
ce:db:74:d9:64:c4:a1:36:32:5a:1d:2a:98:3f:c6:db:b3:0f:
d2:fc:25:d0:64:76:83:c9:1f:ed:c5:11:1f:a8:a8:76:cd:3f:
72:fa:88:fb:66:f7:93:92:03:01:3e:53:45:63:b3:d2:63:63:
16:86:4d:71:c5:58:02:93:f3:75:2d:b7:fe:86:8b:49:6d:a4:
c0:1d:15:c1:04:4c:0d:cb:01:41:87:a5:4e:a2:2a:8b:a1:a9:
d8:f9:d6:c1:aa:90:fd:56:e5:20:ab:c8:53:b6:0d:66:27:1e:
e2:88:04:60:35:30:66:fd:5b:24:68:20:2d:fc:29:b3:d3:80:
47:5a:b7:eb:38:2e:d2:80:33:16:75:d0:47:25:ac:57:7f:86:
36:65:61:2a:d7:90:54:fe:5c:81:41:ed:19:cc:a1:aa:23:ea:
f4:90:f2:f1:a3:24:c1:41:81:1b:24:af:53:0c:10:f8:86:06:
48:05:5f:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYwhFqakxn50MD60tzsGajs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMTMwMTYzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDdhNGZiNDQwNjc5MTgxODUyMmM3Y2MzNWZmZGYwZmNmNjIzMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1GcXeXCbdmEt0iWUOQ6M2V4++QJ
cRxBuqT1YwfGTGt1eXOnOILk4w99UW0XVpVZkrQ0MyCCVWmaD/TJL//kkt25nF3r
ZEbseQ2gyFmzANLSw7q5bkl7WftCf+zVUnjFCYKIC/x3t6+TltIFBMPpkwbFQjyi
WXaMQeJLFtZbyrsx3jLsSSwOBuof4bhSOOiN3f6wcHNBMkZ1rHn4pY8I2nMco8if
Fu72kdRo5KxvCZ4TA6wRWW9ovGzU4RDHDXw8r9tsuRjfklQtBfSdUKndnrpAZhUA
M9NSx3m3Y7hduQ5+UxKURaRrUIVHzDRDuy47SCj5kSdQsXK6bRkPnRR83wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPR6T7RAZ5GBhSLHzDX/3w/PYjECMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvOUhwUHRFQm5rWUdGSXNmTU5mX2ZEODlpTVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAJwDAN
BgkqhkiG9w0BAQsFAAOCAQEALATlZCNYSE35EPyeLUN6trC4mGzLrAnO90ER8vfx
1+xBm52Uj6LAqT9A4sscMMtsj1MNg9k1ZiI57u271d8ZaQZ6SmN0uTuAztt02WTE
oTYyWh0qmD/G27MP0vwl0GR2g8kf7cURH6iods0/cvqI+2b3k5IDAT5TRWOz0mNj
FoZNccVYApPzdS23/oaLSW2kwB0VwQRMDcsBQYelTqIqi6Gp2PnWwaqQ/VblIKvI
U7YNZice4ogEYDUwZv1bJGggLfwps9OAR1q36zgu0oAzFnXQRyWsV3+GNmVhKteQ
VP5cgUHtGcyhqiPq9JDy8aMkwUGBGySvUwwQ+IYGSAVfmA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:58 2024 by rpki-client on console-fra.rpki-client.org