Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/hBMqpZLcxMABiaona-7MVbMJE6k.roa
File: hBMqpZLcxMABiaona-7MVbMJE6k.roa (raw, json)
Hash identifier: 5Yuv9xr4h7/yaEABY/cq07VRAaCSkfdaa9TXb9qm7SE=
Subject key identifier: 84:13:2A:A5:92:DC:C4:C0:01:89:AA:27:6B:EE:CC:55:B3:09:13:A9
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEBD647F05C6DDBC4832B8BCF8C18D
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/hBMqpZLcxMABiaona-7MVbMJE6k.roa
Signing time: Sun 01 Jan 2023 06:04:46 +0000
ROA not before: Sun 01 Jan 2023 06:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57010
IP address blocks: 2a04:ac00:4::/48 maxlen: 48
2a04:ac00:5::/48 maxlen: 48
2a04:ac00:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:bd:64:7f:05:c6:dd:bc:48:32:b8:bc:f8:c1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84132aa592dcc4c00189aa276beecc55b30913a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:71:7b:27:86:2c:fa:04:fd:f2:fe:9e:f5:73:
3b:df:45:c3:d6:bc:51:bf:0f:37:12:69:d4:36:f7:
24:75:a0:a1:b2:6d:19:fc:9c:e3:5d:3b:d4:21:3e:
b3:2c:eb:db:cf:d5:82:c9:ab:ae:6b:9c:13:4a:70:
6c:c9:a1:11:74:bc:9b:6b:92:95:9d:9e:6c:86:06:
dc:c5:ea:de:75:f7:e8:74:e8:e2:a8:a2:28:93:e0:
62:ed:c6:3e:8c:ae:db:59:46:b0:60:b9:ab:75:a9:
0c:77:10:61:e5:0e:7d:72:58:bd:56:7b:83:ef:16:
91:03:ea:be:05:a1:2b:f2:40:41:cc:3e:50:42:21:
6f:d6:d0:6c:25:81:f3:68:79:3d:e0:37:d9:0e:f5:
cd:7e:4e:e5:37:a7:27:9d:34:ed:81:a8:31:eb:1d:
6e:93:5a:54:9b:a4:3f:cc:23:96:a0:8e:60:e2:d7:
ad:68:47:a4:95:a8:8c:d4:11:f1:fc:4e:42:43:17:
5a:5f:c7:67:4e:c6:9e:5c:28:95:7e:04:a7:1e:11:
36:d0:da:7d:b0:7f:33:32:81:9b:61:e1:7a:94:74:
1e:6b:8a:ee:c8:4c:2c:b3:73:06:c5:22:da:ea:db:
7f:79:25:d0:4c:3c:b5:e0:d6:d0:7f:6c:c8:82:8e:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:13:2A:A5:92:DC:C4:C0:01:89:AA:27:6B:EE:CC:55:B3:09:13:A9
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/hBMqpZLcxMABiaona-7MVbMJE6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ac00:4::/47
2a04:ac00:8::/48
Signature Algorithm: sha256WithRSAEncryption
a6:51:64:a1:66:37:3a:7f:ac:d5:d7:12:0a:e3:9c:db:c2:b6:
a0:89:36:60:75:2f:eb:c3:7d:35:63:c3:0a:d8:e0:26:25:d6:
ff:c7:de:04:5b:02:cd:dc:56:b4:a6:77:e0:cc:c3:b7:36:74:
71:2c:74:c7:c0:88:14:e7:47:bb:ec:ab:b1:01:6e:df:49:52:
54:24:d9:18:c6:27:46:ab:7c:62:7b:70:7a:4a:b3:9e:52:1e:
5e:3a:95:27:c4:8d:ae:f9:b1:34:bc:dc:09:86:e7:f1:e8:5f:
50:9a:68:0e:d9:cf:b3:23:a3:bf:d0:de:02:db:ad:5a:b1:09:
2b:3b:ed:68:a9:d6:52:1e:c9:1b:2e:d2:fb:f8:7a:d9:09:12:
c7:fc:ca:e0:57:21:34:3f:5d:80:ec:18:47:6d:d5:b0:26:df:
75:2b:50:49:56:38:00:65:86:2a:14:e1:e0:46:b0:c3:5e:12:
84:54:7b:56:b1:13:b9:ae:8a:5d:f8:61:25:7f:df:12:4b:00:
63:0b:4a:9d:2a:84:53:55:d4:83:49:d5:8a:5b:8f:97:92:1d:
31:21:0f:57:73:e3:f9:7a:69:e8:df:71:31:2a:0d:21:94:cf:
6a:88:56:47:e6:42:f6:d2:41:f9:12:b5:80:43:36:51:e6:f8:
21:d1:e9:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr7r1kfwXG3bxIMri8+MGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEzMmFhNTkyZGNjNGMwMDE4OWFhMjc2YmVlY2M1NWIzMDkxM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53F7J4Ys+gT98v6e9XM730XD1rxR
vw83EmnUNvckdaChsm0Z/JzjXTvUIT6zLOvbz9WCyauua5wTSnBsyaERdLyba5KV
nZ5shgbcxeredffodOjiqKIok+Bi7cY+jK7bWUawYLmrdakMdxBh5Q59cli9VnuD
7xaRA+q+BaEr8kBBzD5QQiFv1tBsJYHzaHk94DfZDvXNfk7lN6cnnTTtgagx6x1u
k1pUm6Q/zCOWoI5g4tetaEeklaiM1BHx/E5CQxdaX8dnTsaeXCiVfgSnHhE20Np9
sH8zMoGbYeF6lHQea4ruyEwss3MGxSLa6tt/eSXQTDy14NbQf2zIgo6fdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQTKqWS3MTAAYmqJ2vuzFWzCROpMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvaEJNcXBaTGN4TUFCaWFvbmEtN01WYk1KRTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgSsAAAE
AwcAKgSsAAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCmUWShZjc6f6zV1xIK45zbwrag
iTZgdS/rw301Y8MK2OAmJdb/x94EWwLN3Fa0pnfgzMO3NnRxLHTHwIgU50e77Kux
AW7fSVJUJNkYxidGq3xie3B6SrOeUh5eOpUnxI2u+bE0vNwJhufx6F9QmmgO2c+z
I6O/0N4C261asQkrO+1oqdZSHskbLtL7+HrZCRLH/MrgVyE0P12A7BhHbdWwJt91
K1BJVjgAZYYqFOHgRrDDXhKEVHtWsRO5ropd+GElf98SSwBjC0qdKoRTVdSDSdWK
W4+Xkh0xIQ9Xc+P5emno33ExKg0hlM9qiFZH5kL20kH5ErWAQzZR5vgh0eny
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:23 2024 by rpki-client on console-fra.rpki-client.org