Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HrkTCSZ5eJ1A3WHUkzhhe4mSDUc.roa
File: HrkTCSZ5eJ1A3WHUkzhhe4mSDUc.roa (raw, json)
Hash identifier: o51VncnZhx5+AEDUjy4d6Sh3m7v2mgMnSOASJK4aris=
Subject key identifier: 1E:B9:13:09:26:79:78:9D:40:DD:61:D4:93:38:61:7B:89:92:0D:47
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81FECD9FE0DCC3C68F6B108C0E221E2E
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HrkTCSZ5eJ1A3WHUkzhhe4mSDUc.roa
Signing time: Wed 07 Feb 2024 05:16:16 +0000
ROA not before: Wed 07 Feb 2024 05:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199929
IP address blocks: 2a0f:b241:17::/48 maxlen: 48
2a0f:b241:32::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:fe:cd:9f:e0:dc:c3:c6:8f:6b:10:8c:0e:22:1e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eb913092679789d40dd61d49338617b89920d47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:36:64:8c:8e:58:bb:f4:7f:5d:c3:69:fa:db:
db:2e:a3:7b:2e:29:f4:e3:1c:88:00:12:62:4e:d2:
34:85:ae:a3:02:84:dd:69:17:91:87:ad:c6:cf:8e:
83:00:d4:fc:0f:e2:52:c5:f6:cc:bc:f0:96:3e:00:
34:c6:22:fd:aa:59:5c:55:0e:ac:aa:95:b1:aa:91:
d0:3e:5a:7b:32:dd:8e:40:bd:39:88:52:f3:f4:89:
6c:4a:af:94:e1:c1:a7:0e:5a:a2:0e:ed:fe:ec:b3:
6c:a4:86:63:9b:46:1f:1c:59:18:3a:ee:17:55:21:
6a:6b:a8:3a:68:67:61:42:b0:55:e0:a1:b2:a0:08:
b0:69:34:d6:f6:d4:b1:80:6f:63:fa:95:fd:01:3f:
2e:27:da:ec:11:3b:82:db:bc:d4:ad:76:ea:28:1f:
67:17:b1:99:ed:6c:be:f9:44:a2:7d:c2:f7:9b:41:
27:69:a6:25:28:a8:c3:8b:78:e6:34:2a:88:73:fd:
be:76:69:00:ba:a6:01:89:bf:9b:5d:54:79:ad:bc:
e4:d3:1b:bd:84:b0:b8:2b:1a:a5:a7:33:ef:41:70:
d1:83:2d:08:38:8b:bd:c8:e8:51:0f:13:8a:06:68:
2d:30:ae:13:43:a8:6a:e9:64:f1:50:1b:4e:55:14:
37:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B9:13:09:26:79:78:9D:40:DD:61:D4:93:38:61:7B:89:92:0D:47
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/HrkTCSZ5eJ1A3WHUkzhhe4mSDUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:17::/48
2a0f:b241:32::/48
Signature Algorithm: sha256WithRSAEncryption
38:78:4d:ba:dc:4a:6d:23:2a:7c:96:46:8e:c8:fc:8a:ff:e6:
6b:43:31:9e:18:e2:1a:3f:a4:bd:6e:f1:95:fe:45:26:58:bf:
28:f7:b8:b9:df:d2:76:15:b8:97:d1:8f:cf:31:03:65:2d:33:
b6:17:84:11:f5:e7:7d:70:73:92:3c:ad:ad:36:1c:8e:41:33:
61:f5:8e:72:3f:bf:ba:f9:01:a7:02:82:e8:4a:e2:54:da:d5:
95:c5:e0:e9:c9:52:2c:82:18:fc:16:63:a1:d7:e6:3c:79:40:
04:5d:26:02:64:19:0b:9d:3f:87:4e:2f:fb:bf:da:44:a4:6e:
3f:85:e8:2c:d9:10:78:19:3e:54:a6:79:1c:a0:8a:43:14:ee:
b1:f4:26:b4:8a:af:22:3d:e3:1b:2a:0a:79:f5:0b:b7:68:30:
15:d8:a1:09:00:8c:c0:64:20:b9:dd:ad:b7:b2:0f:46:d3:d2:
ad:ba:bb:c6:b3:02:89:70:f3:bb:17:62:bd:73:8a:8f:cf:bb:
23:ae:e8:b0:66:12:1b:7c:18:20:50:96:0f:9e:17:8f:93:f2:
7a:ec:2c:e5:29:7c:0a:c4:89:75:40:b8:7f:79:e0:29:6b:03:
bf:be:11:3e:ae:f4:50:7b:2e:2e:66:8e:7f:c1:8c:b8:fa:92:
16:8e:4c:58
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2B/s2f4NzDxo9rEIwOIh4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWI5MTMwOTI2Nzk3ODlkNDBkZDYxZDQ5MzM4NjE3Yjg5OTIwZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDZkjI5Yu/R/XcNp+tvbLqN7Lin0
4xyIABJiTtI0ha6jAoTdaReRh63Gz46DANT8D+JSxfbMvPCWPgA0xiL9qllcVQ6s
qpWxqpHQPlp7Mt2OQL05iFLz9IlsSq+U4cGnDlqiDu3+7LNspIZjm0YfHFkYOu4X
VSFqa6g6aGdhQrBV4KGyoAiwaTTW9tSxgG9j+pX9AT8uJ9rsETuC27zUrXbqKB9n
F7GZ7Wy++USifcL3m0EnaaYlKKjDi3jmNCqIc/2+dmkAuqYBib+bXVR5rbzk0xu9
hLC4KxqlpzPvQXDRgy0IOIu9yOhRDxOKBmgtMK4TQ6hq6WTxUBtOVRQ3bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB65EwkmeXidQN1h1JM4YXuJkg1HMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSHJrVENTWjVlSjFBM1dIVWt6aGhlNG1TRFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQQAX
AwcAKg+yQQAyMA0GCSqGSIb3DQEBCwUAA4IBAQA4eE263EptIyp8lkaOyPyK/+Zr
QzGeGOIaP6S9bvGV/kUmWL8o97i539J2FbiX0Y/PMQNlLTO2F4QR9ed9cHOSPK2t
NhyOQTNh9Y5yP7+6+QGnAoLoSuJU2tWVxeDpyVIsghj8FmOh1+Y8eUAEXSYCZBkL
nT+HTi/7v9pEpG4/hegs2RB4GT5UpnkcoIpDFO6x9Ca0iq8iPeMbKgp59Qu3aDAV
2KEJAIzAZCC53a23sg9G09KturvGswKJcPO7F2K9c4qPz7sjruiwZhIbfBggUJYP
nhePk/J67CzlKXwKxIl1QLh/eeApawO/vhE+rvRQey4uZo5/wYy4+pIWjkxY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org