Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/HDEA7bEe1hmL6LCUO-EFGQ5xAuY.roa
File: HDEA7bEe1hmL6LCUO-EFGQ5xAuY.roa (raw, json)
Hash identifier: 96Bihl5sy/jZ1IoyDnbnuHLgGgUJMXJQ7Sjbi0NSnLU=
Subject key identifier: 1C:31:00:ED:B1:1E:D6:19:8B:E8:B0:94:3B:E1:05:19:0E:71:02:E6
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018571D7BDC370B9B116E31752DE357C6249
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/HDEA7bEe1hmL6LCUO-EFGQ5xAuY.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3500:15c0::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
Validation: Failed, certificate revoked on Wed 29 Mar 2023 08:47:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:bd:c3:70:b9:b1:16:e3:17:52:de:35:7c:62:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c3100edb11ed6198be8b0943be105190e7102e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:85:f1:ae:b4:a9:4a:c1:e6:0d:c2:3a:8d:26:
6f:53:c4:a7:31:1a:1d:68:2f:1c:34:72:67:51:f4:
d0:13:e7:72:7b:af:2a:39:e3:44:b2:8f:59:57:54:
e2:2a:49:e8:2c:38:f6:21:60:33:eb:35:82:e1:3f:
bb:55:b6:03:da:06:c9:28:99:bd:18:35:d8:ef:00:
d6:0d:f4:76:c2:49:43:fa:9e:88:c9:40:17:5d:3f:
25:58:3f:51:45:42:80:07:cb:05:93:92:8e:bd:a9:
09:57:d8:6f:71:6d:7a:93:b7:97:07:9b:a9:06:44:
ef:ee:20:b8:b2:f3:e4:cd:70:c5:ed:1e:8e:02:6b:
af:59:f4:2b:94:1e:b9:e9:88:4e:0d:1b:d2:08:ac:
11:ef:0b:8d:fb:d4:25:bc:1c:a0:d0:5a:11:e4:a7:
bd:38:ff:1a:f1:b6:36:e3:8c:14:be:ce:da:6c:12:
21:c7:9e:4c:e3:ac:be:d3:9a:03:63:73:a9:63:db:
af:7b:27:21:e4:92:2a:bb:34:63:56:7d:10:53:3a:
da:a9:41:0e:7b:29:08:a6:3d:56:d2:a3:95:3c:b0:
3e:2b:f2:5c:a0:82:14:e9:64:22:69:96:38:29:84:
01:38:e3:8d:5b:d5:ba:9a:e5:0b:14:a2:d6:69:f8:
ed:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:31:00:ED:B1:1E:D6:19:8B:E8:B0:94:3B:E1:05:19:0E:71:02:E6
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/HDEA7bEe1hmL6LCUO-EFGQ5xAuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:15c0::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
c5:2a:45:9c:14:87:90:b8:55:34:b7:cd:7d:69:fb:bf:84:39:
1a:f1:89:c7:d0:76:31:d3:c1:b1:11:fc:88:9a:17:56:ae:b3:
56:ef:1b:79:3a:6a:e7:41:24:c6:78:b6:bf:98:c4:32:ef:aa:
6b:d2:85:5d:39:26:62:15:85:81:90:09:76:c6:d4:30:6c:60:
33:57:16:7e:cf:d8:36:62:31:66:c2:6e:2b:ff:42:0a:fe:71:
d3:e4:06:9c:44:06:d2:89:44:bf:eb:74:da:07:6e:b2:5d:9a:
5b:ad:9c:ff:a8:fe:34:05:e8:87:93:99:c0:b0:b6:26:01:2d:
a6:71:ec:ae:a2:60:b6:6b:a6:2c:56:37:96:08:90:30:a6:9e:
5e:b8:e5:f0:61:d9:43:65:5c:4a:b4:d3:e5:5c:4f:6c:8f:68:
07:68:fd:79:c7:04:4b:61:42:6e:3f:2a:a6:4b:64:e9:3e:1b:
c3:ff:b3:d6:e3:80:ed:85:a8:c1:7b:c5:ca:4a:b7:ec:58:7b:
3f:f1:3f:1a:ad:aa:53:17:24:1a:95:5f:35:cf:a6:49:5d:7a:
f4:fd:16:de:5e:3c:5b:3a:b5:53:2a:8b:77:f1:a6:0d:a5:4f:
4f:d3:0a:d0:d0:1b:4f:c4:38:17:5d:b8:a4:2e:a2:06:0b:9f:
05:53:72:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx173DcLmxFuMXUt41fGJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMxMDBlZGIxMWVkNjE5OGJlOGIwOTQzYmUxMDUxOTBlNzEwMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIXxrrSpSsHmDcI6jSZvU8SnMRod
aC8cNHJnUfTQE+dye68qOeNEso9ZV1TiKknoLDj2IWAz6zWC4T+7VbYD2gbJKJm9
GDXY7wDWDfR2wklD+p6IyUAXXT8lWD9RRUKAB8sFk5KOvakJV9hvcW16k7eXB5up
BkTv7iC4svPkzXDF7R6OAmuvWfQrlB656YhODRvSCKwR7wuN+9QlvByg0FoR5Ke9
OP8a8bY244wUvs7abBIhx55M46y+05oDY3OpY9uveych5JIquzRjVn0QUzraqUEO
eykIpj1W0qOVPLA+K/JcoIIU6WQiaZY4KYQBOOONW9W6muULFKLWafjtnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBwxAO2xHtYZi+iwlDvhBRkOcQLmMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvSERFQTdiRWUxaG1MNkxDVU8tRUZHUTV4QXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgc1ABXA
AwcCKgc1AhGgMA0GCSqGSIb3DQEBCwUAA4IBAQDFKkWcFIeQuFU0t819afu/hDka
8YnH0HYx08GxEfyImhdWrrNW7xt5OmrnQSTGeLa/mMQy76pr0oVdOSZiFYWBkAl2
xtQwbGAzVxZ+z9g2YjFmwm4r/0IK/nHT5AacRAbSiUS/63TaB26yXZpbrZz/qP40
BeiHk5nAsLYmAS2mceyuomC2a6YsVjeWCJAwpp5euOXwYdlDZVxKtNPlXE9sj2gH
aP15xwRLYUJuPyqmS2TpPhvD/7PW44DthajBe8XKSrfsWHs/8T8arapTFyQalV81
z6ZJXXr0/RbeXjxbOrVTKot38aYNpU9P0wrQ0BtPxDgXXbikLqIGC58FU3LP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org