Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/HVtynhRttTkTlotpPolURSE1D50.roa
File: HVtynhRttTkTlotpPolURSE1D50.roa (raw, json)
Hash identifier: UtCMqBNl2d3PhiHjSBBFAYLieuhEWq4fViN00jUXj/Y=
Subject key identifier: 1D:5B:72:9E:14:6D:B5:39:13:96:8B:69:3E:89:54:45:21:35:0F:9D
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018B8F1D7E2ABCE03A38C9007A6A9EE9D43A
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/HVtynhRttTkTlotpPolURSE1D50.roa
Signing time: Thu 02 Nov 2023 08:19:16 +0000
ROA not before: Thu 02 Nov 2023 08:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47869
IP address blocks: 2a0e:1c80:d::/48 maxlen: 48
2a0e:1c80:1b::/48 maxlen: 48
2a0e:1c80:4::/48 maxlen: 48
2a0e:1c80:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1d:7e:2a:bc:e0:3a:38:c9:00:7a:6a:9e:e9:d4:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Nov 2 08:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d5b729e146db53913968b693e89544521350f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:77:5c:e5:58:29:46:0d:bc:60:38:71:c2:4e:
b3:22:c1:fc:09:92:e5:7f:9c:4a:04:23:30:9c:a8:
22:8a:ec:19:cf:3f:f9:62:a7:5f:d2:3f:c5:33:2c:
ce:64:81:c8:93:38:c0:56:01:e0:de:c3:52:40:f9:
61:08:36:69:a9:45:e3:13:91:f7:95:0c:22:1e:0f:
f5:cc:18:4f:7a:88:a1:4d:90:88:d4:5a:0a:16:79:
30:f3:d2:35:21:83:9b:e4:14:66:d3:0c:d2:e4:f3:
5c:5f:55:8a:31:65:64:be:1e:a7:63:5c:4b:6e:f0:
af:dc:8e:88:3d:1e:50:8a:ce:e5:df:a9:24:41:a2:
e2:c6:f1:5f:16:69:75:f1:28:aa:9f:79:a4:a0:c9:
e2:a1:32:2c:54:9c:bd:05:8c:9f:b2:fc:04:81:bc:
33:57:54:36:32:c1:d1:68:8b:97:fe:a4:93:fd:cc:
eb:06:d1:1f:f4:4b:6a:bd:92:2d:be:55:c4:9a:06:
08:aa:4b:54:75:97:f3:1e:51:91:a3:cf:96:b0:76:
57:32:40:fb:20:7a:99:92:8b:bc:5a:de:19:b8:e4:
0d:c0:a2:5f:a5:eb:43:2b:2c:ea:14:91:9e:d0:b7:
2b:29:d8:cc:88:cc:3c:8d:68:92:45:c1:3e:44:0a:
d2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5B:72:9E:14:6D:B5:39:13:96:8B:69:3E:89:54:45:21:35:0F:9D
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/HVtynhRttTkTlotpPolURSE1D50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:4::/48
2a0e:1c80:c::/47
2a0e:1c80:1b::/48
Signature Algorithm: sha256WithRSAEncryption
7b:43:8a:dc:bf:3b:94:21:ee:10:63:33:e9:a8:a1:d7:60:95:
49:1b:b4:2f:43:6e:3e:38:c6:ce:93:64:b0:a0:b8:2b:f4:1b:
59:4d:42:e4:c8:c2:62:90:ab:6d:e8:2a:dd:9b:86:21:99:4c:
29:ad:31:c3:0d:46:0f:d6:64:80:25:7f:3c:89:c8:08:89:0d:
4d:25:ac:8c:1f:68:c2:45:5a:67:3f:61:27:94:16:18:4a:2b:
6a:5f:48:d9:9f:56:86:17:be:c6:3b:d0:42:3a:f8:31:b5:bd:
b0:53:bd:82:cd:d9:74:8b:ec:8e:14:62:24:e8:84:7b:57:08:
a1:c3:b3:28:54:a8:fc:d0:28:cc:ac:97:d2:25:5d:4e:70:c2:
59:d8:5c:ae:38:0a:24:0a:38:8b:66:16:6e:73:7c:e6:bd:85:
da:72:67:b7:99:c0:d2:17:54:60:03:04:6f:d6:a7:18:29:ac:
69:a2:f6:47:08:9e:e0:ae:6e:b7:8c:69:35:0a:71:6f:01:f7:
a2:fc:9a:78:04:12:e3:23:9d:23:3c:b3:6d:19:7c:93:8f:b9:
e3:49:4c:42:b0:7b:7c:5b:74:c8:65:ac:df:2f:89:5e:4d:3f:
83:d4:ba:87:1b:ae:be:58:01:3a:55:25:55:7d:4c:f6:65:13:
8a:59:ce:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuPHX4qvOA6OMkAemqe6dQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjMxMTAyMDgxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDViNzI5ZTE0NmRiNTM5MTM5NjhiNjkzZTg5NTQ0NTIxMzUwZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXdc5VgpRg28YDhxwk6zIsH8CZLl
f5xKBCMwnKgiiuwZzz/5Yqdf0j/FMyzOZIHIkzjAVgHg3sNSQPlhCDZpqUXjE5H3
lQwiHg/1zBhPeoihTZCI1FoKFnkw89I1IYOb5BRm0wzS5PNcX1WKMWVkvh6nY1xL
bvCv3I6IPR5Qis7l36kkQaLixvFfFml18Siqn3mkoMnioTIsVJy9BYyfsvwEgbwz
V1Q2MsHRaIuX/qST/czrBtEf9EtqvZItvlXEmgYIqktUdZfzHlGRo8+WsHZXMkD7
IHqZkou8Wt4ZuOQNwKJfpetDKyzqFJGe0LcrKdjMiMw8jWiSRcE+RArS5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB1bcp4UbbU5E5aLaT6JVEUhNQ+dMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvSFZ0eW5oUnR0VGtUbG90cFBvbFVSU0UxRDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg4cgAAE
AwcBKg4cgAAMAwcAKg4cgAAbMA0GCSqGSIb3DQEBCwUAA4IBAQB7Q4rcvzuUIe4Q
YzPpqKHXYJVJG7QvQ24+OMbOk2SwoLgr9BtZTULkyMJikKtt6Crdm4YhmUwprTHD
DUYP1mSAJX88icgIiQ1NJayMH2jCRVpnP2EnlBYYSitqX0jZn1aGF77GO9BCOvgx
tb2wU72Czdl0i+yOFGIk6IR7Vwihw7MoVKj80CjMrJfSJV1OcMJZ2FyuOAokCjiL
ZhZuc3zmvYXacme3mcDSF1RgAwRv1qcYKaxpovZHCJ7grm63jGk1CnFvAfei/Jp4
BBLjI50jPLNtGXyTj7njSUxCsHt8W3TIZazfL4leTT+D1LqHG66+WAE6VSVVfUz2
ZROKWc7M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:20 2024 by rpki-client on console-fra.rpki-client.org