Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/HF8CF_ZGHz8qVWJDkfyweLreQII.roa
File: HF8CF_ZGHz8qVWJDkfyweLreQII.roa (raw, json)
Hash identifier: rhRPHjxFRfuioDS0aD6Qh5DsaaucUKxM5TySPjTuh48=
Subject key identifier: 1C:5F:02:17:F6:46:1F:3F:2A:55:62:43:91:FC:B0:78:BA:DE:40:82
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018B3DC2EC0EC91ED0B8D66B9BEA81812210
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/HF8CF_ZGHz8qVWJDkfyweLreQII.roa
Signing time: Tue 17 Oct 2023 13:11:06 +0000
ROA not before: Tue 17 Oct 2023 13:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205227
IP address blocks: 2a10:3980::/29 maxlen: 29
2a03:b2c0::/29 maxlen: 29
2a0d:df40::/29 maxlen: 29
2a0e:be00::/29 maxlen: 29
2a09:7240::/29 maxlen: 29
2a09:9c0::/29 maxlen: 29
2a09:a780::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:c2:ec:0e:c9:1e:d0:b8:d6:6b:9b:ea:81:81:22:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 17 13:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c5f0217f6461f3f2a55624391fcb078bade4082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b4:ba:4c:e9:6d:b9:a6:db:24:8c:89:19:77:
37:c0:7a:85:bb:e8:6e:3a:e4:83:8a:ba:0c:d9:ba:
7d:0b:bb:6d:db:9d:ac:c0:78:b0:4d:6e:71:da:cf:
37:8f:69:76:0a:e9:5d:c4:af:47:ec:c2:1e:05:40:
ee:ed:20:16:ac:c6:95:c9:8f:b0:fa:7e:cb:7e:b7:
a7:c9:8e:3b:ed:2e:a9:12:20:37:9e:88:fd:50:ad:
fb:48:fa:9e:31:83:c3:4d:06:2b:06:24:29:96:f2:
bf:11:a8:56:99:39:b0:ae:9b:09:8f:38:a4:c8:da:
93:22:38:e1:6a:2f:77:55:57:20:a6:a0:32:78:ba:
44:2d:b9:e1:3a:df:1e:62:9f:b5:a2:25:8d:08:f2:
1b:e4:d9:7b:b3:b2:2b:fc:4b:93:95:c1:c1:3e:b1:
20:7d:f9:4b:db:68:99:d8:67:ec:de:fd:f5:1f:11:
f0:19:2d:f8:cb:a3:46:55:46:03:a5:b9:a3:46:0c:
ce:2e:65:c9:ec:28:d9:61:4f:6c:b5:a0:27:d9:68:
d3:e1:39:c9:2f:8d:50:04:a6:cd:0c:90:17:b6:e5:
c9:e4:7f:f2:f9:7b:3b:d3:5f:0d:3e:f9:00:0b:87:
7d:23:2d:26:35:1c:ff:6b:b3:47:4e:98:1c:0e:94:
f2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5F:02:17:F6:46:1F:3F:2A:55:62:43:91:FC:B0:78:BA:DE:40:82
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/HF8CF_ZGHz8qVWJDkfyweLreQII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b2c0::/29
2a09:9c0::/29
2a09:7240::/29
2a09:a780::/29
2a0d:df40::/29
2a0e:be00::/29
2a10:3980::/29
Signature Algorithm: sha256WithRSAEncryption
28:ce:58:fb:df:69:7a:d4:9d:69:97:ea:4c:20:e5:e1:ff:ab:
8f:9a:4d:cc:52:5d:fb:7d:39:1b:fd:31:e2:91:20:e0:ed:78:
a6:73:e7:af:a7:c7:1f:e5:73:3d:b6:50:6c:f5:29:98:9a:a6:
40:36:30:a0:04:54:22:a9:69:b8:38:c7:51:7d:7a:dc:37:34:
df:64:42:86:2b:fb:67:d6:e8:94:dd:0f:84:a0:2c:36:b7:bb:
6d:39:be:92:b8:82:fe:07:8b:31:f3:f6:88:75:07:ed:8f:73:
d8:a0:8d:b6:d7:48:35:de:f7:72:e4:6a:9c:27:be:f0:6e:a6:
e8:d4:68:99:ed:02:bf:a4:34:d0:b5:16:13:b6:c1:05:35:7d:
a5:cb:25:b8:cf:b1:88:65:b5:02:1a:be:ff:2e:02:26:0d:80:
eb:a6:b1:10:66:88:1e:0a:5b:67:58:ee:e0:aa:f8:4b:3e:32:
0f:fb:9b:cd:e4:b4:4e:52:69:09:f7:b3:07:72:cd:78:3f:ae:
63:33:52:42:2c:41:49:4e:16:1d:0e:55:3b:eb:23:44:53:de:
4d:77:18:e7:01:e0:c6:1d:3e:2c:19:6f:48:e6:d4:fa:28:a2:
a4:dc:dc:5f:42:db:37:a6:40:f0:9c:d0:c8:1d:61:26:37:88:
a8:08:e8:c5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYs9wuwOyR7QuNZrm+qBgSIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDE3MTMxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVmMDIxN2Y2NDYxZjNmMmE1NTYyNDM5MWZjYjA3OGJhZGU0MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLS6TOltuabbJIyJGXc3wHqFu+hu
OuSDiroM2bp9C7tt252swHiwTW5x2s83j2l2CuldxK9H7MIeBUDu7SAWrMaVyY+w
+n7LfrenyY477S6pEiA3noj9UK37SPqeMYPDTQYrBiQplvK/EahWmTmwrpsJjzik
yNqTIjjhai93VVcgpqAyeLpELbnhOt8eYp+1oiWNCPIb5Nl7s7Ir/EuTlcHBPrEg
fflL22iZ2Gfs3v31HxHwGS34y6NGVUYDpbmjRgzOLmXJ7CjZYU9staAn2WjT4TnJ
L41QBKbNDJAXtuXJ5H/y+Xs7018NPvkAC4d9Iy0mNRz/a7NHTpgcDpTyVQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBxfAhf2Rh8/KlViQ5H8sHi63kCCMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvSEY4Q0ZfWkdIejhxVldKRGtmeXdlTHJlUUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgOywAMF
AyoJCcADBQMqCXJAAwUDKgmngAMFAyoN30ADBQMqDr4AAwUDKhA5gDANBgkqhkiG
9w0BAQsFAAOCAQEAKM5Y+99petSdaZfqTCDl4f+rj5pNzFJd+305G/0x4pEg4O14
pnPnr6fHH+VzPbZQbPUpmJqmQDYwoARUIqlpuDjHUX163Dc032RChiv7Z9bolN0P
hKAsNre7bTm+kriC/geLMfP2iHUH7Y9z2KCNttdINd73cuRqnCe+8G6m6NRome0C
v6Q00LUWE7bBBTV9pcsluM+xiGW1Ahq+/y4CJg2A66axEGaIHgpbZ1ju4Kr4Sz4y
D/ubzeS0TlJpCfezB3LNeD+uYzNSQixBSU4WHQ5VO+sjRFPeTXcY5wHgxh0+LBlv
SObU+iiipNzcX0LbN6ZA8JzQyB1hJjeIqAjoxQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:37 2024 by rpki-client on console-ams.rpki-client.org