Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/HNNFt4rBz_qf3m8AtR3OWlUvbpo.roa
File: HNNFt4rBz_qf3m8AtR3OWlUvbpo.roa (raw, json)
Hash identifier: ds3QnbuIJIShF3Cqz5DqQcOdoIlKYxeVESykpAyGX/U=
Subject key identifier: 1C:D3:45:B7:8A:C1:CF:FA:9F:DE:6F:00:B5:1D:CE:5A:55:2F:6E:9A
Certificate issuer: /CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Certificate serial: 018B14028E201FE6CFA2A6D4D41DBCBC117F
Authority key identifier: C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/HNNFt4rBz_qf3m8AtR3OWlUvbpo.roa
Signing time: Mon 09 Oct 2023 10:36:33 +0000
ROA not before: Mon 09 Oct 2023 10:36:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209828
IP address blocks: 2a10:7cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 22 Oct 2023 10:45:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:02:8e:20:1f:e6:cf:a2:a6:d4:d4:1d:bc:bc:11:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Validity
Not Before: Oct 9 10:36:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cd345b78ac1cffa9fde6f00b51dce5a552f6e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c9:3b:02:ae:52:4b:40:64:d5:ce:51:3b:73:
4c:1d:a5:8a:2b:ab:fd:7c:57:90:8f:a8:33:49:35:
57:48:c5:e7:ab:0f:79:0a:0d:78:5f:ec:2c:70:b5:
d6:62:5a:5c:75:f4:61:61:b1:30:e9:a0:e1:ea:a1:
cb:8d:79:04:32:97:ac:e5:57:a8:00:af:78:1d:3d:
09:ec:97:8f:39:a0:6c:c3:26:e7:1b:0e:af:86:a9:
1d:10:a8:ef:90:8d:b0:b8:72:ed:55:e9:b4:e7:e5:
2d:c4:ee:9a:65:22:93:75:2b:ac:95:fe:48:85:bf:
0f:70:7d:e9:83:28:c0:94:d4:90:d0:14:f8:f2:4a:
c4:02:ed:da:b4:8b:ab:b2:da:1f:c5:90:a8:23:b9:
3a:e6:81:25:f6:fe:32:b2:13:b3:2a:1a:2b:38:b4:
ef:ff:32:19:94:9e:d8:9a:b3:85:98:d2:88:8f:17:
e9:c1:15:a2:d2:98:45:f0:0c:0a:3f:a6:92:42:e8:
7f:05:06:09:31:85:96:92:b3:7a:e2:2e:6b:45:6f:
5c:99:0b:dc:f4:04:a4:6c:ea:ea:86:e6:27:e4:ff:
f6:3c:d3:57:7b:cd:e3:be:41:34:0e:09:52:86:8a:
b0:be:73:31:69:94:9f:bc:b3:e2:02:30:04:4f:8d:
9b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D3:45:B7:8A:C1:CF:FA:9F:DE:6F:00:B5:1D:CE:5A:55:2F:6E:9A
X509v3 Authority Key Identifier:
keyid:C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/HNNFt4rBz_qf3m8AtR3OWlUvbpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/wnRsy35zqcww7wTt188WzB2UaJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
27:b2:cb:ae:7c:91:e1:41:24:b9:08:24:8a:61:8e:a1:50:57:
66:48:96:b8:1d:6d:5f:7c:ec:40:a2:40:14:4d:9c:a0:0d:b9:
ea:4f:0f:f6:45:97:ea:9d:04:9c:78:ff:bb:66:e0:bb:5f:9b:
e9:f7:d8:33:c0:b5:5b:7f:ad:68:2f:76:24:67:54:d6:6f:4f:
c2:2a:07:5d:cd:d5:f5:48:93:38:26:e9:64:c4:77:33:5f:32:
5f:86:0c:33:7e:64:26:49:0c:1f:62:54:16:28:33:18:b5:09:
dd:7d:fd:93:b6:19:5b:48:7a:94:5f:a9:e0:4a:bc:92:92:0f:
18:a1:ab:5e:a3:85:7f:4d:c9:6f:f1:b0:94:56:79:c0:0d:52:
41:b2:9b:7f:f1:3e:ce:81:64:91:4a:f5:65:93:64:84:c1:07:
9c:33:15:56:07:dd:52:ad:e0:8f:2d:46:34:d6:d6:24:48:9f:
4f:27:bd:a6:4f:83:87:33:c2:2a:8c:09:bb:84:5b:7c:4b:3a:
ac:b9:1b:dd:4a:23:48:85:f0:c1:ac:bd:78:e9:c5:ac:98:a8:
c5:0f:02:ca:00:42:99:5a:c9:b4:99:83:a0:ee:99:d8:8e:eb:
46:02:a1:b9:68:6d:f2:2c:0b:30:02:5f:39:18:e9:a1:c2:6a:
65:8a:1a:14
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYsUAo4gH+bPoqbU1B28vBF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzQ2Y2NiN2U3M2E5Y2MzMGVmMDRlZGQ3Y2YxNmNjMWQ5
NDY4OTQwHhcNMjMxMDA5MTAzNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2QzNDViNzhhYzFjZmZhOWZkZTZmMDBiNTFkY2U1YTU1MmY2ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsk7Aq5SS0Bk1c5RO3NMHaWKK6v9
fFeQj6gzSTVXSMXnqw95Cg14X+wscLXWYlpcdfRhYbEw6aDh6qHLjXkEMpes5Veo
AK94HT0J7JePOaBswybnGw6vhqkdEKjvkI2wuHLtVem05+UtxO6aZSKTdSuslf5I
hb8PcH3pgyjAlNSQ0BT48krEAu3atIurstofxZCoI7k65oEl9v4yshOzKhorOLTv
/zIZlJ7YmrOFmNKIjxfpwRWi0phF8AwKP6aSQuh/BQYJMYWWkrN64i5rRW9cmQvc
9ASkbOrqhuYn5P/2PNNXe83jvkE0DglShoqwvnMxaZSfvLPiAjAET42bzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBzTRbeKwc/6n95vALUdzlpVL26aMB8GA1UdIwQY
MBaAFMJ0bMt+c6nMMO8E7dfPFswdlGiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2Et
OTNlOTE4ZDEwZWM1LzEvSE5ORnQ0ckJ6X3FmM204QXRSM09XbFV2YnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2EtOTNlOTE4ZDEwZWM1
LzEvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhB8wDAN
BgkqhkiG9w0BAQsFAAOCAQEAJ7LLrnyR4UEkuQgkimGOoVBXZkiWuB1tX3zsQKJA
FE2coA256k8P9kWX6p0EnHj/u2bgu1+b6ffYM8C1W3+taC92JGdU1m9PwioHXc3V
9UiTOCbpZMR3M18yX4YMM35kJkkMH2JUFigzGLUJ3X39k7YZW0h6lF+p4Eq8kpIP
GKGrXqOFf03Jb/GwlFZ5wA1SQbKbf/E+zoFkkUr1ZZNkhMEHnDMVVgfdUq3gjy1G
NNbWJEifTye9pk+DhzPCKowJu4RbfEs6rLkb3UojSIXwway9eOnFrJioxQ8CygBC
mVrJtJmDoO6Z2I7rRgKhuWht8iwLMAJfORjpocJqZYoaFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:45 2024 by rpki-client on console-ams.rpki-client.org