Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/hol8Pvi-iwtS-y7tF1sH9qCt034.roa
File: hol8Pvi-iwtS-y7tF1sH9qCt034.roa (raw, json)
Hash identifier: 03LmK7Xwnd6eS3t9QyvGMnaZ4UXpM/st6MNT5SBzWTM=
Subject key identifier: 86:89:7C:3E:F8:BE:8B:0B:52:FB:2E:ED:17:5B:07:F6:A0:AD:D3:7E
Certificate issuer: /CN=97d23ae28cd860c8edfd618356f8b31f5e4dc928
Certificate serial: 018CCB2BDB9AEEEFAF0A03C2CFAACEA2E6CA
Authority key identifier: 97:D2:3A:E2:8C:D8:60:C8:ED:FD:61:83:56:F8:B3:1F:5E:4D:C9:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/hol8Pvi-iwtS-y7tF1sH9qCt034.roa
Signing time: Tue 02 Jan 2024 17:14:58 +0000
ROA not before: Tue 02 Jan 2024 17:14:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201409
IP address blocks: 2a13:29c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 14 Jan 2024 12:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:2b:db:9a:ee:ef:af:0a:03:c2:cf:aa:ce:a2:e6:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97d23ae28cd860c8edfd618356f8b31f5e4dc928
Validity
Not Before: Jan 2 17:14:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86897c3ef8be8b0b52fb2eed175b07f6a0add37e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f2:2d:3b:e9:64:07:49:09:d7:90:ff:89:a0:
78:53:f3:45:37:8d:fc:84:84:95:91:8e:f1:f7:9a:
d0:33:2d:8a:51:80:99:87:32:9a:f6:8b:9d:b9:24:
24:58:e7:ce:3d:be:e5:c1:c5:8e:80:e3:2d:bb:79:
d6:d9:56:62:3c:77:59:c0:fa:d8:57:9d:38:25:41:
86:7e:8f:f0:df:15:04:0b:f9:00:55:c0:77:27:ea:
e9:b7:b4:43:5c:87:9d:04:02:88:0f:73:5e:d9:bc:
56:2b:e8:89:5e:aa:30:d4:01:56:77:46:35:52:2b:
7e:dc:d4:ff:03:22:45:c4:5e:d3:60:9d:73:66:ed:
21:99:ef:80:5f:66:b3:a2:73:10:a7:7c:e0:89:c4:
1f:75:3b:49:f0:d3:72:cd:24:a6:9c:a6:1e:19:63:
4c:73:0b:33:63:90:41:1d:6b:8e:61:e2:a8:fe:ef:
7e:f1:b0:63:28:2b:8f:70:96:68:21:b0:df:16:c2:
da:b3:72:64:31:7b:64:1f:50:a4:c5:35:35:b8:2c:
85:ec:9a:14:dc:56:14:df:a0:bd:4c:ac:f5:37:f9:
bf:91:95:31:cc:44:4c:3e:33:c2:93:62:6e:75:70:
b1:40:1f:a9:d2:46:d9:da:5e:4e:a6:cb:51:02:9c:
f6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:89:7C:3E:F8:BE:8B:0B:52:FB:2E:ED:17:5B:07:F6:A0:AD:D3:7E
X509v3 Authority Key Identifier:
keyid:97:D2:3A:E2:8C:D8:60:C8:ED:FD:61:83:56:F8:B3:1F:5E:4D:C9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/hol8Pvi-iwtS-y7tF1sH9qCt034.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/l9I64ozYYMjt_WGDVvizH15NySg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:29c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:71:a8:aa:2a:d2:1b:46:c5:5f:69:4f:e1:a4:1d:05:dc:1a:
0a:99:45:50:f8:6c:b5:8d:24:8c:ef:d9:b0:23:8c:d1:8a:10:
3f:6e:02:4b:8b:ee:8e:24:c5:92:b9:c7:79:a2:56:43:4d:f8:
a7:47:62:8f:d6:a9:a7:44:d1:eb:d8:7e:ea:24:01:38:ac:bb:
f3:ab:74:af:6a:31:db:dd:7a:45:85:5e:3f:aa:2d:9a:17:25:
68:0d:a7:64:d2:12:82:d5:5a:33:54:43:9b:c9:34:8b:21:16:
a1:02:69:01:3a:89:ac:4f:5b:d9:52:ea:16:b0:f6:15:2c:ef:
93:40:91:bf:bf:b4:c1:e5:65:41:73:2d:a4:85:dc:e9:36:20:
bd:8e:4e:ed:46:65:77:3d:cf:ab:3c:0b:2d:4f:07:22:d3:86:
a4:3c:43:72:65:7f:09:b3:e1:39:0b:cf:93:1f:58:03:28:80:
3b:b5:cc:1b:96:d1:49:cf:c1:8e:6b:ac:f5:54:b9:50:6a:d7:
14:64:a8:93:3b:b6:39:2d:de:38:28:89:f6:6e:33:ca:df:a8:
61:ea:c7:14:16:f7:55:29:06:e3:e8:fe:6f:a7:a3:76:8e:61:
2b:86:92:61:08:95:a0:8b:df:b6:ca:ab:7c:0f:03:fb:95:97:
69:8d:a9:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzLK9ua7u+vCgPCz6rOoubKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZDIzYWUyOGNkODYwYzhlZGZkNjE4MzU2ZjhiMzFmNWU0
ZGM5MjgwHhcNMjQwMTAyMTcxNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg5N2MzZWY4YmU4YjBiNTJmYjJlZWQxNzViMDdmNmEwYWRkMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PItO+lkB0kJ15D/iaB4U/NFN438
hISVkY7x95rQMy2KUYCZhzKa9ouduSQkWOfOPb7lwcWOgOMtu3nW2VZiPHdZwPrY
V504JUGGfo/w3xUEC/kAVcB3J+rpt7RDXIedBAKID3Ne2bxWK+iJXqow1AFWd0Y1
Uit+3NT/AyJFxF7TYJ1zZu0hme+AX2azonMQp3zgicQfdTtJ8NNyzSSmnKYeGWNM
cwszY5BBHWuOYeKo/u9+8bBjKCuPcJZoIbDfFsLas3JkMXtkH1CkxTU1uCyF7JoU
3FYU36C9TKz1N/m/kZUxzERMPjPCk2JudXCxQB+p0kbZ2l5OpstRApz24wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIaJfD74vosLUvsu7RdbB/agrdN+MB8GA1UdIwQY
MBaAFJfSOuKM2GDI7f1hg1b4sx9eTckoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDlJNjRvellZTWp0X1dHRFZ2aXpIMTVOeVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jYTY0MWYtZGIzYS00ZjY0LWEyNWIt
Y2ZhNmE5MTQ4MWUyLzEvaG9sOFB2aS1pd3RTLXk3dEYxc0g5cUN0MDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jYTY0MWYtZGIzYS00ZjY0LWEyNWItY2ZhNmE5MTQ4MWUy
LzEvbDlJNjRvellZTWp0X1dHRFZ2aXpIMTVOeVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMpwDAN
BgkqhkiG9w0BAQsFAAOCAQEAL3GoqirSG0bFX2lP4aQdBdwaCplFUPhstY0kjO/Z
sCOM0YoQP24CS4vujiTFkrnHeaJWQ034p0dij9app0TR69h+6iQBOKy786t0r2ox
2916RYVeP6otmhclaA2nZNISgtVaM1RDm8k0iyEWoQJpATqJrE9b2VLqFrD2FSzv
k0CRv7+0weVlQXMtpIXc6TYgvY5O7UZldz3PqzwLLU8HItOGpDxDcmV/CbPhOQvP
kx9YAyiAO7XMG5bRSc/Bjmus9VS5UGrXFGSokzu2OS3eOCiJ9m4zyt+oYerHFBb3
VSkG4+j+b6ejdo5hK4aSYQiVoIvftsqrfA8D+5WXaY2pbw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:10 2024 by rpki-client on console-fra.rpki-client.org