Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hjidM9TsaEnrvrDejIni9Ib4Z-U.roa
File: hjidM9TsaEnrvrDejIni9Ib4Z-U.roa (raw, json)
Hash identifier: 6qAue1T8YLS5We3cc/tP0f4/5GBY08QG97VGfWXxv5Y=
Subject key identifier: 86:38:9D:33:D4:EC:68:49:EB:BE:B0:DE:8C:89:E2:F4:86:F8:67:E5
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018FED952D81D6C271A3A9E2C32B2BFD188C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hjidM9TsaEnrvrDejIni9Ib4Z-U.roa
Signing time: Thu 06 Jun 2024 12:45:27 +0000
ROA not before: Thu 06 Jun 2024 12:45:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0f:5ec0::/29 maxlen: 32
2a0f:7fc0::/29 maxlen: 32
2a0f:edc0::/29 maxlen: 32
2a0f:fb40::/29 maxlen: 32
2a11:6600::/29 maxlen: 32
2a11:6c00::/29 maxlen: 32
2a11:d400::/29 maxlen: 32
2a11:f080::/29 maxlen: 32
2a12:3c80::/29 maxlen: 32
2a12:e4c0::/29 maxlen: 32
2a13:3a80::/29 maxlen: 32
2a13:3e80::/29 maxlen: 32
2a13:4680::/29 maxlen: 32
2a13:64c0::/29 maxlen: 32
2a13:6540::/29 maxlen: 32
2a13:6840::/29 maxlen: 32
2a13:68c0::/29 maxlen: 32
2a13:69c0::/29 maxlen: 32
2a13:6a40::/29 maxlen: 32
2a13:6ac0::/29 maxlen: 32
2a13:6bc0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:95:2d:81:d6:c2:71:a3:a9:e2:c3:2b:2b:fd:18:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 6 12:45:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86389d33d4ec6849ebbeb0de8c89e2f486f867e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3b:4c:da:fa:17:a3:e6:66:1b:37:5e:42:21:
ae:6a:30:82:e2:94:3e:10:f5:76:67:4e:ba:7b:f0:
75:18:da:44:5e:78:45:6e:ac:f8:2a:a8:cd:0a:63:
d3:7a:32:e2:b8:45:13:6d:eb:07:e6:9f:e0:54:28:
04:15:ec:38:c3:16:03:37:76:0e:98:b8:4f:6f:21:
c9:28:c4:21:0b:8b:ca:9b:82:3c:bf:f8:9f:af:58:
b3:0e:fe:c1:74:63:ad:90:41:bd:4e:f6:40:87:b8:
13:c9:4e:06:74:f7:4e:f2:59:2d:2e:e4:91:2a:03:
ea:69:b5:17:98:cf:14:0a:1b:c7:69:06:e3:84:7e:
60:a5:80:03:65:db:dd:09:c1:e2:64:30:78:4b:95:
9d:8e:f4:4c:1a:70:c1:03:63:49:e1:fe:68:ad:cc:
75:91:79:90:fa:b5:c1:65:d4:92:e0:64:0a:57:69:
84:c3:70:54:b1:22:44:45:81:13:a4:60:ec:14:26:
9e:33:4a:2a:53:80:8b:16:8d:a7:81:00:af:82:8c:
bc:5d:29:f5:43:92:12:1c:7b:92:b8:2e:69:83:03:
1f:94:0a:da:db:ce:1e:8b:95:c2:c8:36:d8:5d:e9:
72:cd:d9:8a:27:5a:6b:9a:02:e2:24:72:13:18:a2:
c2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:38:9D:33:D4:EC:68:49:EB:BE:B0:DE:8C:89:E2:F4:86:F8:67:E5
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hjidM9TsaEnrvrDejIni9Ib4Z-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:6600::/29
2a11:6c00::/29
2a11:d400::/29
2a11:f080::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:31:0d:17:c8:db:5e:cc:9e:b3:f1:02:f5:d0:c6:56:9b:1f:
11:25:18:bc:3c:6d:85:67:6d:03:9e:98:00:55:7c:68:4e:a9:
20:61:49:1d:63:0e:81:0d:58:3e:6a:24:6b:96:98:c7:71:7c:
5f:2a:10:80:5b:ea:5b:12:7d:97:43:d9:04:b7:4a:75:ce:f8:
0c:83:5b:8c:13:c7:cc:46:e0:f0:d9:04:66:1f:49:9b:c9:44:
48:54:02:0b:bb:57:32:ce:96:3b:0f:17:49:0d:e4:8e:d9:65:
4e:06:b0:46:cb:a7:0c:46:92:44:d6:1d:98:f3:af:a6:c0:f8:
fd:03:dc:92:48:69:0c:bf:10:88:57:5d:ba:80:bd:0d:0f:2e:
c7:2d:3b:c2:1f:eb:33:bc:e2:9b:b1:a4:7b:a7:a6:77:f4:54:
99:24:e4:23:82:60:45:68:bb:ce:0c:b6:47:33:01:6e:bb:51:
f7:da:3c:6a:cc:5b:64:fa:05:64:8e:b9:bf:c4:d8:d0:43:62:
f5:51:0d:6c:e4:cd:d3:2e:6e:d2:d6:cf:bb:0d:58:cf:b7:91:
9b:a9:1b:43:5f:0e:6d:57:90:57:7c:07:1f:51:20:0b:c6:c4:
cf:e4:c5:ed:7f:9c:95:45:e8:c4:67:e1:47:80:5b:2c:42:00:
aa:d0:d2:bd
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY/tlS2B1sJxo6niwysr/RiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwNjA2MTI0NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjM4OWQzM2Q0ZWM2ODQ5ZWJiZWIwZGU4Yzg5ZTJmNDg2Zjg2N2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DtM2voXo+ZmGzdeQiGuajCC4pQ+
EPV2Z066e/B1GNpEXnhFbqz4KqjNCmPTejLiuEUTbesH5p/gVCgEFew4wxYDN3YO
mLhPbyHJKMQhC4vKm4I8v/ifr1izDv7BdGOtkEG9TvZAh7gTyU4GdPdO8lktLuSR
KgPqabUXmM8UChvHaQbjhH5gpYADZdvdCcHiZDB4S5WdjvRMGnDBA2NJ4f5orcx1
kXmQ+rXBZdSS4GQKV2mEw3BUsSJERYETpGDsFCaeM0oqU4CLFo2ngQCvgoy8XSn1
Q5ISHHuSuC5pgwMflAra284ei5XCyDbYXelyzdmKJ1prmgLiJHITGKLC9QIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFIY4nTPU7GhJ676w3oyJ4vSG+GflMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaGppZE05VHNhRW5ydnJEZWpJbmk5SWI0Wi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAIwgZMDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhFmAAMFAyoRbAADBQMqEdQAAwUD
KhHwgAMFAyoSPIADBQMqEuTAAwUDKhM6gAMFAyoTPoADBQMqE0aAAwUDKhNkwAMF
AyoTZUADBQMqE2hAAwUDKhNowAMFAyoTacADBQMqE2pAAwUDKhNqwAMFAyoTa8Aw
DQYJKoZIhvcNAQELBQADggEBAJ4xDRfI217MnrPxAvXQxlabHxElGLw8bYVnbQOe
mABVfGhOqSBhSR1jDoENWD5qJGuWmMdxfF8qEIBb6lsSfZdD2QS3SnXO+AyDW4wT
x8xG4PDZBGYfSZvJREhUAgu7VzLOljsPF0kN5I7ZZU4GsEbLpwxGkkTWHZjzr6bA
+P0D3JJIaQy/EIhXXbqAvQ0PLsctO8If6zO84puxpHunpnf0VJkk5COCYEVou84M
tkczAW67UffaPGrMW2T6BWSOub/E2NBDYvVRDWzkzdMubtLWz7sNWM+3kZupG0Nf
Dm1XkFd8Bx9RIAvGxM/kxe1/nJVF6MRn4UeAWyxCAKrQ0r0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:11 2025 by rpki-client