Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/hj63B3jqcdWyP8VEg389yj9v3-w.roa
File: hj63B3jqcdWyP8VEg389yj9v3-w.roa (raw, json)
Hash identifier: eA0v3X9IBUoljB/CnOkCYymGsk9B91mh4/98Ld8lxfg=
Subject key identifier: 86:3E:B7:07:78:EA:71:D5:B2:3F:C5:44:83:7F:3D:CA:3F:6F:DF:EC
Certificate issuer: /CN=b5026c9974092e220542401281f9bdfd356c2842
Certificate serial: 01891C17F72B36FCD214D317D1294B83A46A
Authority key identifier: B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/hj63B3jqcdWyP8VEg389yj9v3-w.roa
Signing time: Mon 03 Jul 2023 14:11:19 +0000
ROA not before: Mon 03 Jul 2023 14:11:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212109
IP address blocks: 2a10:8702::/32 maxlen: 32
2a10:8701::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:17:f7:2b:36:fc:d2:14:d3:17:d1:29:4b:83:a4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5026c9974092e220542401281f9bdfd356c2842
Validity
Not Before: Jul 3 14:11:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=863eb70778ea71d5b23fc544837f3dca3f6fdfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d1:1b:cf:9c:4e:29:1b:af:57:17:de:5c:21:
02:07:68:e1:93:55:7f:2c:5d:eb:da:2a:49:87:d9:
16:af:81:fc:c3:c2:5e:a6:78:6e:7c:10:de:70:15:
a6:f7:52:4d:77:9c:f2:35:da:06:f1:65:e3:b1:32:
ba:34:46:85:8d:fa:72:72:9c:b2:1b:b1:d5:da:de:
d2:55:3d:a1:e7:bc:1c:2c:d2:a1:fc:13:1f:7a:d4:
34:86:3e:fc:81:9c:e6:67:d1:33:ea:46:69:3c:df:
ff:a0:33:5b:5d:00:7f:3c:ff:09:6b:d3:de:3c:3d:
23:49:e8:01:77:b0:11:53:00:ab:e0:ef:40:50:2c:
6c:54:da:b5:91:97:e2:4b:32:58:72:62:3f:2b:c9:
a0:b0:18:ab:79:95:d4:ee:57:4d:38:5c:4a:0d:3f:
9f:e0:b7:27:10:08:4e:24:56:0f:07:a7:24:e5:23:
41:de:d1:90:64:5c:be:9c:e9:e2:ed:8f:e6:8a:dd:
ab:5f:4e:fc:49:02:78:bb:0c:d2:19:bd:9a:b2:a3:
41:ce:9b:9c:8a:2f:e9:b9:e8:6f:b1:38:f9:fb:31:
c5:62:4a:bf:f7:a6:ee:7e:11:21:2f:8e:a0:79:15:
c0:ec:b2:eb:a9:53:e2:52:eb:7f:91:2c:b9:ce:29:
a9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3E:B7:07:78:EA:71:D5:B2:3F:C5:44:83:7F:3D:CA:3F:6F:DF:EC
X509v3 Authority Key Identifier:
keyid:B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/hj63B3jqcdWyP8VEg389yj9v3-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8701::-2a10:8702:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:67:f6:b6:a4:a4:e1:0f:38:c1:30:da:21:e7:3e:4f:f4:9e:
b1:c8:58:d7:5e:fb:ae:85:e2:4d:25:c0:dc:64:ac:c4:ca:34:
0f:1f:be:39:45:50:18:26:4d:9b:23:d6:09:f7:32:91:d4:9e:
3b:d3:db:24:18:88:67:00:5f:a8:a1:ae:46:79:dd:26:47:7e:
dd:b1:92:e7:35:41:8a:27:73:ed:ee:47:ac:31:34:35:9b:50:
63:c1:e6:c6:77:26:86:15:d6:f1:06:e9:a4:05:d0:e7:67:1b:
fe:09:11:9b:4b:1c:8a:c3:5a:b3:c7:ab:37:b1:a5:00:43:f3:
3e:1e:1f:d0:6e:07:5c:59:33:38:7c:e8:ea:26:55:5e:25:3b:
59:d6:36:fb:55:57:ac:8e:24:b6:58:f6:bc:b8:8e:fb:f2:67:
a2:46:f5:df:09:e3:89:52:a3:91:cb:3d:83:28:34:8f:cd:53:
3f:21:0d:0a:7c:0b:c2:cf:4d:5c:f5:7c:03:f2:c1:a5:5d:0e:
06:4a:59:dc:f8:e8:cb:47:89:ad:f4:a1:3f:e4:4f:cb:92:c3:
07:36:60:a0:7a:a3:a2:5d:1c:5c:31:41:6f:d6:a9:c9:5a:44:
51:43:71:8f:77:5a:cf:c2:a1:2b:7d:b7:8c:f1:7c:c2:46:98:
6d:13:c2:71
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYkcF/crNvzSFNMX0SlLg6RqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDI2Yzk5NzQwOTJlMjIwNTQyNDAxMjgxZjliZGZkMzU2
YzI4NDIwHhcNMjMwNzAzMTQxMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjNlYjcwNzc4ZWE3MWQ1YjIzZmM1NDQ4MzdmM2RjYTNmNmZkZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNEbz5xOKRuvVxfeXCECB2jhk1V/
LF3r2ipJh9kWr4H8w8JepnhufBDecBWm91JNd5zyNdoG8WXjsTK6NEaFjfpycpyy
G7HV2t7SVT2h57wcLNKh/BMfetQ0hj78gZzmZ9Ez6kZpPN//oDNbXQB/PP8Ja9Pe
PD0jSegBd7ARUwCr4O9AUCxsVNq1kZfiSzJYcmI/K8mgsBireZXU7ldNOFxKDT+f
4LcnEAhOJFYPB6ck5SNB3tGQZFy+nOni7Y/mit2rX078SQJ4uwzSGb2asqNBzpuc
ii/puehvsTj5+zHFYkq/96bufhEhL46geRXA7LLrqVPiUut/kSy5zimpIQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFIY+twd46nHVsj/FRIN/Pco/b9/sMB8GA1UdIwQY
MBaAFLUCbJl0CS4iBUJAEoH5vf01bChCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYt
ZWVhMjY3YTU4NDk0LzEvaGo2M0IzanFjZFd5UDhWRWczODl5ajl2My13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYtZWVhMjY3YTU4NDk0
LzEvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEIcB
AwUAKhCHAjANBgkqhkiG9w0BAQsFAAOCAQEAb2f2tqSk4Q84wTDaIec+T/SeschY
1177roXiTSXA3GSsxMo0Dx++OUVQGCZNmyPWCfcykdSeO9PbJBiIZwBfqKGuRnnd
Jkd+3bGS5zVBiidz7e5HrDE0NZtQY8HmxncmhhXW8QbppAXQ52cb/gkRm0scisNa
s8erN7GlAEPzPh4f0G4HXFkzOHzo6iZVXiU7WdY2+1VXrI4ktlj2vLiO+/Jnokb1
3wnjiVKjkcs9gyg0j81TPyENCnwLws9NXPV8A/LBpV0OBkpZ3Pjoy0eJrfShP+RP
y5LDBzZgoHqjol0cXDFBb9apyVpEUUNxj3daz8KhK323jPF8wkaYbRPCcQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:21 2024 by rpki-client on console.sobornost.net