Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/HnR5dS9O88N2OOFm2stXIupVUHo.roa
File: HnR5dS9O88N2OOFm2stXIupVUHo.roa (raw, json)
Hash identifier: N0ZMxTtf4lztI9EnQ7s+P4dBd4Wqvnq+YT81WSMCtes=
Subject key identifier: 1E:74:79:75:2F:4E:F3:C3:76:38:E1:66:DA:CB:57:22:EA:55:50:7A
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B4597DF070AC0A06722191F259FCE
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/HnR5dS9O88N2OOFm2stXIupVUHo.roa
Signing time: Sun 01 Jan 2023 18:14:58 +0000
ROA not before: Sun 01 Jan 2023 18:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34775
IP address blocks: 2a09:50c0::/48 maxlen: 48
2a09:97c0::/48 maxlen: 48
2a09:5140::/48 maxlen: 48
2a06:ba00::/48 maxlen: 48
2a09:9840::/48 maxlen: 48
2a09:12c0::/48 maxlen: 48
2a09:5240::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:45:97:df:07:0a:c0:a0:67:22:19:1f:25:9f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e7479752f4ef3c37638e166dacb5722ea55507a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:31:c5:b3:05:89:8a:21:55:8f:4b:5c:32:c8:
90:fe:a5:04:8b:36:6b:0e:2f:3b:51:d7:33:f6:07:
15:ac:51:a0:a2:25:5d:59:8b:4f:b1:69:d9:7f:5b:
bd:58:93:12:62:67:43:17:72:c2:c8:0a:57:f1:0c:
9d:e8:7d:38:a1:ee:39:c4:3f:82:4f:d2:ac:31:16:
a0:55:a6:92:cb:c2:8b:6e:e4:76:9e:7e:b2:d5:5d:
00:37:67:92:62:19:e6:b3:a7:db:98:0d:56:09:3d:
91:e8:60:f4:22:0d:bb:e8:91:84:d0:9b:34:d9:d7:
4e:5f:47:c5:bd:99:cf:b1:f7:73:92:01:33:07:d0:
53:9a:86:3a:a6:41:09:f9:30:7d:a2:23:03:da:e6:
75:bf:0b:10:8c:18:80:ac:ac:99:cb:5f:4f:47:17:
b4:19:2a:be:23:b5:0f:89:c9:1a:bb:f1:d5:7e:32:
09:67:c6:5a:7f:67:8f:e6:7b:13:e1:25:77:7d:d0:
1b:82:95:fa:3a:32:43:59:1f:ea:5f:20:6e:95:bb:
e5:3e:39:2b:ee:c6:e8:73:9c:9e:c1:b5:59:11:05:
4e:8f:77:db:7f:77:05:90:ac:94:67:f3:f9:32:cf:
29:7c:22:ce:69:55:b4:1b:95:c5:e9:c5:27:88:9d:
b7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:74:79:75:2F:4E:F3:C3:76:38:E1:66:DA:CB:57:22:EA:55:50:7A
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/HnR5dS9O88N2OOFm2stXIupVUHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ba00::/48
2a09:12c0::/48
2a09:50c0::/48
2a09:5140::/48
2a09:5240::/48
2a09:97c0::/48
2a09:9840::/48
Signature Algorithm: sha256WithRSAEncryption
ac:8f:81:1c:1f:c3:42:1d:ff:8b:e5:1c:d0:54:19:32:de:9a:
90:cc:13:e1:1e:03:ee:32:8e:34:d7:8b:fe:a1:01:22:2a:68:
f3:6f:1b:6c:7c:03:08:a9:e0:99:b9:37:df:04:92:8a:a2:87:
72:dd:b7:93:1e:0f:1f:43:bf:f4:ca:39:02:43:8c:13:ec:b2:
62:d7:31:21:3c:7d:57:97:ca:c0:ce:a0:20:9f:93:e6:36:eb:
65:b7:86:c5:fa:78:e8:13:cf:8d:f2:ad:6b:c2:e5:61:71:f1:
cd:31:da:06:31:16:2d:57:88:a8:85:64:1f:75:28:0a:89:af:
ed:d1:9f:ee:36:70:15:00:71:78:c7:94:fd:d6:71:96:eb:e8:
ba:b4:df:83:7f:7d:35:5f:5c:d1:9e:4f:2a:44:a2:c2:79:4c:
7f:8b:63:90:fe:9f:31:ac:2c:98:91:66:72:57:ac:d4:e4:4e:
d4:36:a1:28:6b:62:b7:34:53:bd:c5:8c:92:0a:08:22:c1:f5:
b4:98:21:82:70:0f:1c:25:ae:66:16:20:6d:65:9d:78:27:3d:
57:33:1b:41:ba:b0:de:40:ce:9d:2b:11:78:38:99:04:dd:c4:
9d:d5:a6:37:e7:8b:48:ed:69:cb:02:e4:09:4c:4a:f1:89:e7:
13:bd:7e:b4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVui0WX3wcKwKBnIhkfJZ/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTc0Nzk3NTJmNGVmM2MzNzYzOGUxNjZkYWNiNTcyMmVhNTU1MDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTHFswWJiiFVj0tcMsiQ/qUEizZr
Di87Udcz9gcVrFGgoiVdWYtPsWnZf1u9WJMSYmdDF3LCyApX8Qyd6H04oe45xD+C
T9KsMRagVaaSy8KLbuR2nn6y1V0AN2eSYhnms6fbmA1WCT2R6GD0Ig276JGE0Js0
2ddOX0fFvZnPsfdzkgEzB9BTmoY6pkEJ+TB9oiMD2uZ1vwsQjBiArKyZy19PRxe0
GSq+I7UPickau/HVfjIJZ8Zaf2eP5nsT4SV3fdAbgpX6OjJDWR/qXyBulbvlPjkr
7sboc5yewbVZEQVOj3fbf3cFkKyUZ/P5Ms8pfCLOaVW0G5XF6cUniJ23HwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFB50eXUvTvPDdjjhZtrLVyLqVVB6MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSG5SNWRTOU84OE4yT09GbTJzdFhJdXBWVUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKga6AAAA
AwcAKgkSwAAAAwcAKglQwAAAAwcAKglRQAAAAwcAKglSQAAAAwcAKgmXwAAAAwcA
KgmYQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCsj4EcH8NCHf+L5RzQVBky3pqQzBPh
HgPuMo4014v+oQEiKmjzbxtsfAMIqeCZuTffBJKKoody3beTHg8fQ7/0yjkCQ4wT
7LJi1zEhPH1Xl8rAzqAgn5PmNutlt4bF+njoE8+N8q1rwuVhcfHNMdoGMRYtV4io
hWQfdSgKia/t0Z/uNnAVAHF4x5T91nGW6+i6tN+Df301X1zRnk8qRKLCeUx/i2OQ
/p8xrCyYkWZyV6zU5E7UNqEoa2K3NFO9xYySCggiwfW0mCGCcA8cJa5mFiBtZZ14
Jz1XMxtBurDeQM6dKxF4OJkE3cSd1aY354tI7WnLAuQJTErxiecTvX60
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:17 2024 by rpki-client on console-fra.rpki-client.org