Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/nHMVZXp_ipXJalGBUPiQHLI6pkA.roa
File: nHMVZXp_ipXJalGBUPiQHLI6pkA.roa (raw, json)
Hash identifier: 9CqdUlP/HibT2M+ieykkq7Axrc9owSafnO8tynFTZ+4=
Subject key identifier: 9C:73:15:65:7A:7F:8A:95:C9:6A:51:81:50:F8:90:1C:B2:3A:A6:40
Certificate issuer: /CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Certificate serial: 018AFA7DB9B1CCD0F104D929EAC15AC3622B
Authority key identifier: 03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/nHMVZXp_ipXJalGBUPiQHLI6pkA.roa
Signing time: Wed 04 Oct 2023 11:40:57 +0000
ROA not before: Wed 04 Oct 2023 11:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216435
IP address blocks: 2a10:500:7c00::/40 maxlen: 48
2a10:500:9e00::/40 maxlen: 48
2a10:500:1700::/40 maxlen: 48
2a10:500::/32 maxlen: 48
2a10:500:6000::/40 maxlen: 48
2a10:500:9400::/40 maxlen: 48
2a10:500:ce00::/40 maxlen: 48
2a10:500:1300::/40 maxlen: 48
2a10:500:4900::/40 maxlen: 48
2a10:500:4800::/40 maxlen: 48
2a10:500:fe00::/40 maxlen: 48
2a10:500:5c00::/40 maxlen: 48
2a10:500:de00::/40 maxlen: 48
2a10:500:6700::/40 maxlen: 48
2a10:500:9800::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 13:57:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:7d:b9:b1:cc:d0:f1:04:d9:29:ea:c1:5a:c3:62:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b48449ba1cae15bde2c2f086d94218e0720bb
Validity
Not Before: Oct 4 11:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c7315657a7f8a95c96a518150f8901cb23aa640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:94:4a:98:ec:c7:3f:fb:85:05:83:d7:a4:
0e:fd:42:70:c6:0e:7c:89:f5:56:fd:f2:b2:c2:ab:
ba:c7:09:02:ff:a1:9a:e7:ba:b9:02:14:82:e9:6e:
d3:10:38:d2:7d:c7:06:1e:2a:3b:4f:a7:dd:19:81:
28:e9:4f:c3:36:4e:e5:b9:89:af:78:63:e2:0b:a9:
68:02:3a:91:62:44:4e:ca:a2:c7:ed:5b:ab:24:b8:
4c:94:7e:5d:0b:e4:0b:2e:10:cb:8c:e9:d8:8f:1c:
17:ac:8b:17:28:25:49:b4:2e:1e:05:33:7d:e7:2a:
f3:63:f4:3d:b1:65:84:cd:be:6e:35:53:89:d9:84:
f7:48:1a:52:5d:ba:23:02:b2:bf:d2:b9:ce:bf:1a:
5d:f6:16:d5:15:d0:b6:05:8b:6c:24:ed:a7:25:70:
7d:ca:a4:a9:1b:1a:26:74:4a:66:69:36:16:78:0d:
ae:95:e4:1c:a9:16:0f:ff:8e:3a:f6:68:12:4a:a5:
45:e0:a7:59:46:b7:37:c7:ce:e1:0a:f5:8b:29:44:
df:d4:96:92:c4:c9:d1:49:57:a1:ce:63:f9:61:93:
a6:fe:38:bd:97:3d:df:39:18:80:42:9f:39:33:32:
15:f0:27:22:43:4f:52:69:99:81:11:be:a4:c7:01:
26:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:73:15:65:7A:7F:8A:95:C9:6A:51:81:50:F8:90:1C:B2:3A:A6:40
X509v3 Authority Key Identifier:
keyid:03:7B:48:44:9B:A1:CA:E1:5B:DE:2C:2F:08:6D:94:21:8E:07:20:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3tIRJuhyuFb3iwvCG2UIY4HILs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/nHMVZXp_ipXJalGBUPiQHLI6pkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/5ff78e-db14-4b05-9cc6-7403e13675ab/1/A3tIRJuhyuFb3iwvCG2UIY4HILs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:500::/32
Signature Algorithm: sha256WithRSAEncryption
8b:fb:2f:18:4a:79:60:e2:e5:26:e4:07:1e:e8:42:17:2d:b1:
65:ac:50:98:27:82:10:b9:aa:ca:7c:46:8e:0f:be:f9:c5:fd:
95:74:9e:ae:cd:e9:9a:47:8a:a7:d0:b9:dc:6b:5b:5b:d9:b2:
bf:c8:12:ff:5b:68:f2:44:ac:bf:d3:71:d5:2c:6e:03:22:7e:
07:55:07:77:17:83:ce:4c:13:00:41:bd:27:9c:3b:53:e2:9d:
93:d7:d4:d6:fd:75:e1:59:ba:18:e1:6a:68:ad:bd:c5:6a:ff:
ff:fc:82:8c:af:c7:e2:23:4a:c6:fc:c8:91:d5:d8:bc:56:48:
a2:81:43:be:5f:49:a4:20:0d:f4:56:38:35:1d:bc:21:42:98:
eb:46:fa:07:98:0c:3d:1d:37:3d:17:e0:68:98:b3:a3:c8:11:
c9:09:ff:c2:7f:59:ee:a2:d3:56:cd:d6:7e:ff:fc:af:4d:de:
d0:84:74:ea:b3:33:6e:5a:18:99:23:5b:a6:bd:cf:ec:33:cb:
7c:24:e4:dd:5b:c5:88:71:b0:b7:d8:0d:27:c7:02:f5:16:ba:
6d:a8:5b:e8:40:8b:06:1f:3a:1d:88:fd:1b:d9:ed:04:5f:a3:
55:77:01:7d:27:0f:dc:57:aa:5f:be:4f:27:db:df:61:b0:4a:
80:22:ef:33
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYr6fbmxzNDxBNkp6sFaw2IrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2I0ODQ0OWJhMWNhZTE1YmRlMmMyZjA4NmQ5NDIxOGUw
NzIwYmIwHhcNMjMxMDA0MTE0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzczMTU2NTdhN2Y4YTk1Yzk2YTUxODE1MGY4OTAxY2IyM2FhNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf6USpjsxz/7hQWD16QO/UJwxg58
ifVW/fKywqu6xwkC/6Ga57q5AhSC6W7TEDjSfccGHio7T6fdGYEo6U/DNk7luYmv
eGPiC6loAjqRYkROyqLH7VurJLhMlH5dC+QLLhDLjOnYjxwXrIsXKCVJtC4eBTN9
5yrzY/Q9sWWEzb5uNVOJ2YT3SBpSXbojArK/0rnOvxpd9hbVFdC2BYtsJO2nJXB9
yqSpGxomdEpmaTYWeA2uleQcqRYP/4469mgSSqVF4KdZRrc3x87hCvWLKUTf1JaS
xMnRSVehzmP5YZOm/ji9lz3fORiAQp85MzIV8CciQ09SaZmBEb6kxwEmMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJxzFWV6f4qVyWpRgVD4kByyOqZAMB8GA1UdIwQY
MBaAFAN7SESbocrhW94sLwhtlCGOByC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYt
NzQwM2UxMzY3NWFiLzEvbkhNVlpYcF9pcFhKYWxHQlVQaVFITEk2cGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81ZmY3OGUtZGIxNC00YjA1LTljYzYtNzQwM2UxMzY3NWFi
LzEvQTN0SVJKdWh5dUZiM2l3dkNHMlVJWTRISUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhAFADAN
BgkqhkiG9w0BAQsFAAOCAQEAi/svGEp5YOLlJuQHHuhCFy2xZaxQmCeCELmqynxG
jg+++cX9lXSers3pmkeKp9C53GtbW9myv8gS/1to8kSsv9Nx1SxuAyJ+B1UHdxeD
zkwTAEG9J5w7U+Kdk9fU1v114Vm6GOFqaK29xWr///yCjK/H4iNKxvzIkdXYvFZI
ooFDvl9JpCAN9FY4NR28IUKY60b6B5gMPR03PRfgaJizo8gRyQn/wn9Z7qLTVs3W
fv/8r03e0IR06rMzbloYmSNbpr3P7DPLfCTk3VvFiHGwt9gNJ8cC9Ra6bahb6ECL
Bh86HYj9G9ntBF+jVXcBfScP3FeqX75PJ9vfYbBKgCLvMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:26 2024 by rpki-client on console-fra.rpki-client.org