Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/H64LcBDVxJJu1vfVgy3CHcrTyH8.roa
File: H64LcBDVxJJu1vfVgy3CHcrTyH8.roa (raw, json)
Hash identifier: LNCfS0XwX22w7XtY1RgDR+oHnWREO/tyCef7g4+oFmo=
Subject key identifier: 1F:AE:0B:70:10:D5:C4:92:6E:D6:F7:D5:83:2D:C2:1D:CA:D3:C8:7F
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01867423A05E00C1E98E4C212C28FC6D0A92
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/H64LcBDVxJJu1vfVgy3CHcrTyH8.roa
Signing time: Tue 21 Feb 2023 13:22:17 +0000
ROA not before: Tue 21 Feb 2023 13:22:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201612
IP address blocks: 2a02:850:ffe2::/48 maxlen: 48
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:23:a0:5e:00:c1:e9:8e:4c:21:2c:28:fc:6d:0a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 21 13:22:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fae0b7010d5c4926ed6f7d5832dc21dcad3c87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1a:bc:8b:2c:22:45:88:a6:26:30:aa:b0:1d:
52:32:83:8b:68:70:1c:74:77:39:71:92:3c:f8:35:
92:97:ea:36:d0:dd:ff:1a:89:19:be:ce:25:83:e5:
d4:1d:fb:05:42:d2:c6:ea:a5:2c:91:d5:fe:1b:4b:
58:eb:e6:24:0e:a9:10:13:32:62:28:42:6d:49:ad:
11:18:99:c5:d3:24:0f:4a:f6:14:9c:7f:49:f8:4e:
f2:11:22:4c:41:3f:94:1a:fe:2f:7d:7f:3f:93:6f:
ae:5d:9e:1b:a3:95:da:2d:1c:f0:be:06:04:cb:ac:
1b:20:a0:ee:bc:4f:96:91:0a:66:63:4e:27:95:1f:
1b:d2:d9:bb:87:59:54:6a:f7:bd:3b:1c:a5:2e:5f:
91:8d:c1:de:8f:d7:1a:3c:91:1a:ab:cd:c2:d5:9e:
83:0e:d3:d3:90:fa:25:e3:4d:ba:89:37:22:34:30:
11:a8:54:17:fa:1e:22:b8:d4:6e:b6:a8:95:fd:d5:
df:27:19:6d:0a:37:45:e4:a1:42:14:30:f0:48:cc:
d6:cb:76:53:5e:44:f2:88:12:d3:af:4a:ae:b4:e0:
02:c2:52:14:bf:6c:89:b5:c0:59:e9:f2:6a:0a:5f:
c0:6a:a7:52:f2:95:a1:85:32:34:01:02:93:42:34:
89:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AE:0B:70:10:D5:C4:92:6E:D6:F7:D5:83:2D:C2:1D:CA:D3:C8:7F
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/H64LcBDVxJJu1vfVgy3CHcrTyH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2001:678:24::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
Signature Algorithm: sha256WithRSAEncryption
6d:a5:cf:26:29:f3:44:44:e5:6e:44:4b:bb:11:cb:8c:8f:46:
86:cb:1c:5a:c0:97:8a:61:f1:7a:b0:26:f9:35:e3:17:8d:96:
c3:8e:70:89:7d:f0:3c:5c:02:2e:28:c6:c1:2a:e0:82:f7:f6:
61:03:e5:d9:b7:a0:62:2e:89:7d:88:90:6a:1f:09:59:0f:b5:
5c:02:4f:95:75:37:08:cc:95:37:5c:35:92:ac:1b:6b:c6:5a:
9a:b4:e9:ee:8f:41:a8:0f:b8:df:71:1a:0f:3a:58:bd:a6:19:
76:e7:8f:13:e5:0d:de:b2:61:81:9c:18:65:a3:3e:20:95:0f:
c7:13:f1:8d:97:06:2a:05:02:bd:14:27:bc:d8:98:09:7a:dc:
b9:44:e7:18:16:df:ad:2e:9a:cc:00:95:37:8a:5f:73:b2:32:
0f:9f:ab:e7:67:83:ad:98:d6:ce:6f:a1:45:70:5a:c8:68:7b:
19:ce:41:30:43:38:b2:f0:58:23:24:11:2c:fd:15:a5:9c:94:
53:36:6f:ae:ad:9a:15:42:ae:ca:b5:8f:00:86:c1:87:6f:f8:
9a:a3:de:e4:96:0d:2d:08:01:28:47:0d:73:3b:72:4c:54:69:
db:f9:ce:41:b6:5c:0c:6e:96:49:3f:26:43:0f:31:a5:91:08:
96:f3:34:e8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZ0I6BeAMHpjkwhLCj8bQqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjIxMTMyMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFlMGI3MDEwZDVjNDkyNmVkNmY3ZDU4MzJkYzIxZGNhZDNjODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhq8iywiRYimJjCqsB1SMoOLaHAc
dHc5cZI8+DWSl+o20N3/GokZvs4lg+XUHfsFQtLG6qUskdX+G0tY6+YkDqkQEzJi
KEJtSa0RGJnF0yQPSvYUnH9J+E7yESJMQT+UGv4vfX8/k2+uXZ4bo5XaLRzwvgYE
y6wbIKDuvE+WkQpmY04nlR8b0tm7h1lUave9OxylLl+RjcHej9caPJEaq83C1Z6D
DtPTkPol4026iTciNDARqFQX+h4iuNRutqiV/dXfJxltCjdF5KFCFDDwSMzWy3ZT
XkTyiBLTr0qutOACwlIUv2yJtcBZ6fJqCl/AaqdS8pWhhTI0AQKTQjSJOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB+uC3AQ1cSSbtb31YMtwh3K08h/MB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvSDY0TGNCRFZ4Skp1MXZmVmd5M0NIY3JUeUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAAg
AwcAIAEGeAAkAwcAIAEGfAG8AwcDKgIIUP/gMA0GCSqGSIb3DQEBCwUAA4IBAQBt
pc8mKfNEROVuREu7EcuMj0aGyxxawJeKYfF6sCb5NeMXjZbDjnCJffA8XAIuKMbB
KuCC9/ZhA+XZt6BiLol9iJBqHwlZD7VcAk+VdTcIzJU3XDWSrBtrxlqatOnuj0Go
D7jfcRoPOli9phl2548T5Q3esmGBnBhloz4glQ/HE/GNlwYqBQK9FCe82JgJety5
ROcYFt+tLprMAJU3il9zsjIPn6vnZ4OtmNbOb6FFcFrIaHsZzkEwQziy8FgjJBEs
/RWlnJRTNm+urZoVQq7KtY8AhsGHb/iao97klg0tCAEoRw1zO3JMVGnb+c5BtlwM
bpZJPyZDDzGlkQiW8zTo
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:30 2023 by rpki-client on console.sobornost.net