Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/haMgH5JoRqCJqvriUej6aoGofu8.roa
File: haMgH5JoRqCJqvriUej6aoGofu8.roa (raw, json)
Hash identifier: Eolig/suZh86ExjHi9S8Eb7Ubed4QOQouujsigFMlzY=
Subject key identifier: 85:A3:20:1F:92:68:46:A0:89:AA:FA:E2:51:E8:FA:6A:81:A8:7E:EF
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 018C4492F220E79E62128B800EB523D3B75E
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/haMgH5JoRqCJqvriUej6aoGofu8.roa
Signing time: Thu 07 Dec 2023 13:58:50 +0000
ROA not before: Thu 07 Dec 2023 13:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216435
IP address blocks: 2a10:500:fe01::/48 maxlen: 48
2a10:500:8e00::/40 maxlen: 40
2a10:500:9500::/40 maxlen: 40
2a10:500:9600::/40 maxlen: 40
2a10:500:6000::/40 maxlen: 40
2a10:500:8b00::/40 maxlen: 40
2a10:500::/32 maxlen: 48
2a10:500:7a00::/40 maxlen: 40
2a10:500:8d00::/40 maxlen: 40
2a10:500:4800::/40 maxlen: 40
2a10:500:5c00::/40 maxlen: 40
2a10:500:f000::/40 maxlen: 40
2a10:500:7e00::/40 maxlen: 40
2a10:500:fe00::/40 maxlen: 40
2a10:500:de00::/40 maxlen: 40
2a10:500:9400::/40 maxlen: 40
2a10:500:3600::/40 maxlen: 40
2a10:500::/40 maxlen: 48
2a10:500:4d00::/40 maxlen: 40
2a10:500:6700::/40 maxlen: 40
2a10:500:1700::/40 maxlen: 40
2a10:500:ce00::/40 maxlen: 40
2a10:500:c300::/40 maxlen: 40
2a10:500:9e00::/40 maxlen: 40
2a10:500:9800::/40 maxlen: 40
2a10:500:b100::/40 maxlen: 40
2a10:500:5600::/40 maxlen: 40
2a10:500:1300::/40 maxlen: 40
2a10:500:7c00::/40 maxlen: 40
2a10:500:4900::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 08 Dec 2023 21:52:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:92:f2:20:e7:9e:62:12:8b:80:0e:b5:23:d3:b7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Dec 7 13:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85a3201f926846a089aafae251e8fa6a81a87eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d9:13:89:f1:2b:dc:3b:19:31:57:80:9c:e2:
7c:64:6e:09:d8:9f:ec:fa:03:14:de:42:4e:a8:ae:
8c:ed:fe:53:df:76:be:e8:2a:2f:de:bf:59:dd:d6:
33:12:5b:c6:57:a9:34:49:a2:56:a9:d4:89:c7:a7:
22:ff:b3:82:57:93:c9:01:04:a2:5d:69:e5:41:67:
61:76:b4:33:84:d2:d0:4f:6a:8e:6c:2c:b2:00:fb:
f4:7b:6b:d2:7b:0f:07:3c:3f:d7:23:31:78:81:46:
ed:cc:0d:e0:9d:2b:b4:5d:18:f2:98:75:5a:1f:56:
c2:77:c2:07:2c:eb:06:9d:88:17:0d:6f:0a:62:09:
da:b8:e8:8b:8d:e0:3b:02:df:ec:ec:8d:19:b7:cd:
e2:0e:95:a0:82:b0:51:3c:5a:f6:fb:a1:79:a9:5e:
d4:8e:69:48:42:dc:29:7e:f3:dd:ed:10:45:3e:97:
2c:04:2f:6c:e7:5b:04:52:2f:19:e5:b9:eb:9e:c7:
38:4c:14:dd:07:0f:83:a8:26:82:7e:47:08:e7:44:
d0:e5:ae:ec:10:01:d8:4d:e8:7b:d3:55:ce:c9:95:
2d:64:84:a3:bb:8b:ff:dc:a3:5f:cc:19:98:9e:fa:
fb:c4:50:44:bd:2d:29:ed:b0:8f:e0:8d:dd:2a:3e:
81:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A3:20:1F:92:68:46:A0:89:AA:FA:E2:51:E8:FA:6A:81:A8:7E:EF
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/haMgH5JoRqCJqvriUej6aoGofu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:500::/32
Signature Algorithm: sha256WithRSAEncryption
ab:bd:54:9e:20:dc:ab:49:78:f1:70:2d:bb:5c:d2:68:6d:f3:
a1:b5:56:62:1f:96:99:99:94:3b:cc:7a:84:19:47:69:63:ee:
b9:b1:24:78:28:46:ff:ee:3b:fb:1c:ad:ef:67:0b:02:0d:93:
33:d4:fd:c2:90:c6:14:50:87:05:9f:23:ec:c4:c8:b3:14:01:
55:ac:16:e2:dd:b6:47:c3:e3:da:24:14:78:3a:93:cd:ab:9f:
68:c1:62:84:5a:ad:98:60:a8:60:d7:d8:86:8d:59:44:ac:3a:
48:d1:d4:3f:38:31:26:df:01:b7:96:c9:d1:93:b8:a0:65:6a:
98:8e:28:11:36:39:a8:bb:d0:bb:26:a3:4b:f3:2b:e4:f9:30:
f0:7e:08:b0:bd:88:3f:69:c9:91:c4:13:8b:03:17:51:15:58:
cd:b8:0c:8a:97:e5:f8:55:29:28:18:8a:ee:50:16:cf:2f:47:
bc:29:31:e8:22:29:9b:47:3a:d8:2b:6f:1f:1f:4f:8b:25:c4:
37:cd:67:eb:0c:57:35:00:64:b7:be:1e:8a:9f:80:d8:ba:7c:
9e:64:b6:1e:dc:52:0e:5c:e7:da:9f:71:74:56:76:82:ca:36:
53:a8:ab:ff:15:7b:b7:3f:7e:04:37:98:db:92:c4:70:29:6d:
20:7e:a2:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxEkvIg555iEouADrUj07deMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMxMjA3MTM1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWEzMjAxZjkyNjg0NmEwODlhYWZhZTI1MWU4ZmE2YTgxYTg3ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9kTifEr3DsZMVeAnOJ8ZG4J2J/s
+gMU3kJOqK6M7f5T33a+6Cov3r9Z3dYzElvGV6k0SaJWqdSJx6ci/7OCV5PJAQSi
XWnlQWdhdrQzhNLQT2qObCyyAPv0e2vSew8HPD/XIzF4gUbtzA3gnSu0XRjymHVa
H1bCd8IHLOsGnYgXDW8KYgnauOiLjeA7At/s7I0Zt83iDpWggrBRPFr2+6F5qV7U
jmlIQtwpfvPd7RBFPpcsBC9s51sEUi8Z5bnrnsc4TBTdBw+DqCaCfkcI50TQ5a7s
EAHYTeh701XOyZUtZISju4v/3KNfzBmYnvr7xFBEvS0p7bCP4I3dKj6BAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIWjIB+SaEagiar64lHo+mqBqH7vMB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEvaGFNZ0g1Sm9ScUNKcXZyaVVlajZhb0dvZnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAFADAN
BgkqhkiG9w0BAQsFAAOCAQEAq71UniDcq0l48XAtu1zSaG3zobVWYh+WmZmUO8x6
hBlHaWPuubEkeChG/+47+xyt72cLAg2TM9T9wpDGFFCHBZ8j7MTIsxQBVawW4t22
R8Pj2iQUeDqTzaufaMFihFqtmGCoYNfYho1ZRKw6SNHUPzgxJt8Bt5bJ0ZO4oGVq
mI4oETY5qLvQuyajS/Mr5Pkw8H4IsL2IP2nJkcQTiwMXURVYzbgMipfl+FUpKBiK
7lAWzy9HvCkx6CIpm0c62CtvHx9PiyXEN81n6wxXNQBkt74eip+A2Lp8nmS2HtxS
Dlzn2p9xdFZ2gso2U6ir/xV7tz9+BDeY25LEcCltIH6iHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:26 2024 by rpki-client on console-fra.rpki-client.org