Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/htU4IceAz9EzCqYtn7WXeTQ7Blk.roa
File: htU4IceAz9EzCqYtn7WXeTQ7Blk.roa (raw, json)
Hash identifier: M9RVP+iXXawTY4O3+jsdZwTNGaKS2a1k2DLYkdMYDhc=
Subject key identifier: 86:D5:38:21:C7:80:CF:D1:33:0A:A6:2D:9F:B5:97:79:34:3B:06:59
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018570B07C02EAA9ACA1756659006C0752FC
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/htU4IceAz9EzCqYtn7WXeTQ7Blk.roa
Signing time: Mon 02 Jan 2023 04:14:52 +0000
ROA not before: Mon 02 Jan 2023 04:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 2a0e:da40:da40::/48 maxlen: 128
2a0e:da40:1::/48 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:7c:02:ea:a9:ac:a1:75:66:59:00:6c:07:52:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 2 04:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86d53821c780cfd1330aa62d9fb59779343b0659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f6:9b:92:ab:f3:bc:f2:25:c1:37:32:0c:dd:
fe:08:d9:86:73:81:39:e6:d5:31:14:48:7e:1f:48:
b7:77:59:d2:89:ae:63:0a:f2:4a:2d:46:43:02:cc:
14:27:1a:af:3a:c2:db:de:37:0f:95:3f:41:e2:c5:
d9:02:2d:a7:1f:26:7f:f6:f6:b9:05:16:fa:a9:1d:
fa:0f:5d:5e:e1:ed:e0:97:bf:32:72:88:14:38:83:
d6:05:e2:4f:73:92:4f:d7:39:23:ed:bc:6e:25:bf:
5f:e3:2e:43:9d:16:80:59:4e:da:c1:4b:bb:98:ca:
45:19:fb:7b:06:b4:9d:56:2a:c8:e0:41:83:be:ac:
9e:4e:59:b4:69:5b:ed:22:9c:41:7e:95:2f:8b:76:
b1:9a:4a:d8:6b:45:5b:21:65:17:7f:41:0e:96:a0:
5c:ef:3e:c7:86:45:07:be:1a:5e:61:21:2f:fc:8c:
25:98:0b:e7:1e:1f:55:d0:d1:cc:a2:1b:e0:c1:7e:
0c:2a:41:ea:8e:f8:e4:34:3e:7d:00:d0:5d:0c:fa:
db:0c:91:fa:db:ce:08:69:14:e2:74:a8:8b:91:4a:
27:6a:98:ee:15:af:93:43:a8:f3:e9:73:fe:19:41:
b4:d6:17:29:16:f9:f6:66:eb:2f:06:fc:a3:4b:8f:
65:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D5:38:21:C7:80:CF:D1:33:0A:A6:2D:9F:B5:97:79:34:3B:06:59
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/htU4IceAz9EzCqYtn7WXeTQ7Blk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:da40:1::/48
2a0e:da40:da40::/48
Signature Algorithm: sha256WithRSAEncryption
9b:eb:0a:12:6d:a4:85:30:96:31:80:51:2e:e1:1b:c2:77:11:
5f:fe:49:8f:b0:39:a1:fe:cb:88:46:bb:bb:8a:fb:c2:0c:1c:
31:23:93:e7:48:4b:7b:4e:e4:63:12:0e:18:8b:ee:98:71:a0:
3b:75:50:92:c4:88:0d:0d:14:2d:4c:be:74:c7:f4:cc:f7:99:
30:81:8b:79:50:7e:aa:98:90:08:9f:d0:71:5e:bd:53:08:de:
1c:72:69:3d:bf:0a:5a:23:d6:e2:0b:b5:73:c0:a8:f2:92:ae:
c1:98:88:43:f9:65:a8:b3:a7:4a:3b:af:db:f8:bd:44:1f:3e:
c8:0b:f2:29:ea:ad:71:68:6b:84:7d:7c:7c:f2:ba:a2:b0:ef:
5b:27:c1:3c:d5:37:f5:2b:7b:7f:fd:2e:0e:a0:62:da:df:6c:
d6:1b:6b:cd:59:a7:67:cc:8b:ba:23:81:f6:bc:1e:d9:32:8d:
92:82:e4:ac:b1:bf:e1:c9:0a:95:e1:58:f3:5a:91:30:82:7f:
b3:9d:92:6a:13:a8:68:38:dd:5c:6b:c5:96:66:19:eb:e1:84:
04:65:38:99:cd:3d:88:04:b8:2d:c0:7c:36:ad:4e:41:2a:89:
dc:76:bd:d8:a7:61:37:93:77:05:b6:61:9f:3a:78:1f:ce:2e:
d3:26:e5:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwsHwC6qmsoXVmWQBsB1L8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwMTAyMDQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ1MzgyMWM3ODBjZmQxMzMwYWE2MmQ5ZmI1OTc3OTM0M2IwNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPabkqvzvPIlwTcyDN3+CNmGc4E5
5tUxFEh+H0i3d1nSia5jCvJKLUZDAswUJxqvOsLb3jcPlT9B4sXZAi2nHyZ/9va5
BRb6qR36D11e4e3gl78ycogUOIPWBeJPc5JP1zkj7bxuJb9f4y5DnRaAWU7awUu7
mMpFGft7BrSdVirI4EGDvqyeTlm0aVvtIpxBfpUvi3axmkrYa0VbIWUXf0EOlqBc
7z7HhkUHvhpeYSEv/IwlmAvnHh9V0NHMohvgwX4MKkHqjvjkND59ANBdDPrbDJH6
284IaRTidKiLkUonapjuFa+TQ6jz6XP+GUG01hcpFvn2ZusvBvyjS49lCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIbVOCHHgM/RMwqmLZ+1l3k0OwZZMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvaHRVNEljZUF6OUV6Q3FZdG43V1hlVFE3QmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg7aQAAB
AwcAKg7aQNpAMA0GCSqGSIb3DQEBCwUAA4IBAQCb6woSbaSFMJYxgFEu4RvCdxFf
/kmPsDmh/suIRru7ivvCDBwxI5PnSEt7TuRjEg4Yi+6YcaA7dVCSxIgNDRQtTL50
x/TM95kwgYt5UH6qmJAIn9BxXr1TCN4ccmk9vwpaI9biC7VzwKjykq7BmIhD+WWo
s6dKO6/b+L1EHz7IC/Ip6q1xaGuEfXx88rqisO9bJ8E81Tf1K3t//S4OoGLa32zW
G2vNWadnzIu6I4H2vB7ZMo2SguSssb/hyQqV4VjzWpEwgn+znZJqE6hoON1ca8WW
Zhnr4YQEZTiZzT2IBLgtwHw2rU5BKoncdr3Yp2E3k3cFtmGfOngfzi7TJuUO
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:22 2024 by rpki-client on console-ams.rpki-client.org