Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/Kzy_MlhdXL8t1qJh1D39kcladVA.roa
File: Kzy_MlhdXL8t1qJh1D39kcladVA.roa (raw, json)
Hash identifier: Unl/6TRPjZRQtGAF34hmPRfzoXllXVrCg/8QfaVKfk4=
Subject key identifier: 2B:3C:BF:32:58:5D:5C:BF:2D:D6:A2:61:D4:3D:FD:91:C9:5A:75:50
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018CC5005A4887EE50DF20AE8C2EF025047D
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/Kzy_MlhdXL8t1qJh1D39kcladVA.roa
Signing time: Mon 01 Jan 2024 12:29:43 +0000
ROA not before: Mon 01 Jan 2024 12:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199669
IP address blocks: 2a11:68c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jan 2024 15:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5a:48:87:ee:50:df:20:ae:8c:2e:f0:25:04:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Jan 1 12:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3cbf32585d5cbf2dd6a261d43dfd91c95a7550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:4f:73:6f:68:38:6b:67:be:c7:78:9f:b4:
df:9d:c6:77:ad:35:2a:64:a0:ba:2e:40:53:0f:85:
1a:92:00:3d:91:99:2c:2d:ee:c8:8a:8f:81:da:ca:
fc:fa:95:f8:04:7a:73:9f:26:96:e5:08:64:06:5e:
5b:3d:76:68:4e:87:ce:28:d7:d0:59:d9:64:88:2e:
55:95:f9:60:71:7e:8e:8b:6f:b7:3a:82:2a:68:f9:
76:7c:ac:e2:0f:18:3c:2e:37:ea:76:7a:43:c1:10:
60:4f:2c:9a:57:76:4d:e8:87:07:c8:77:1a:1c:2a:
69:b3:9b:59:b6:19:be:85:31:74:09:4a:16:fb:ba:
2f:d4:b9:23:94:91:75:dd:93:08:f1:ed:f2:2e:f0:
b8:22:91:ad:28:00:98:38:1c:df:1a:17:4a:b7:4b:
d0:b8:31:5f:97:31:95:c3:78:80:5c:4e:f2:a0:1e:
b9:fd:cf:29:50:77:b4:36:47:ed:e7:ab:ee:43:64:
5c:4d:52:63:6d:8d:4f:09:e3:d8:d2:d9:2e:27:44:
27:b4:cc:fe:89:0b:7f:24:9d:f1:24:7f:d2:ff:98:
54:07:6f:3c:1c:67:6a:67:ff:4b:45:26:f2:aa:a6:
12:f3:81:d3:62:ce:6a:4e:9b:78:96:9f:1d:2b:59:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3C:BF:32:58:5D:5C:BF:2D:D6:A2:61:D4:3D:FD:91:C9:5A:75:50
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/Kzy_MlhdXL8t1qJh1D39kcladVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:68c7::/32
Signature Algorithm: sha256WithRSAEncryption
72:a9:ac:6c:c8:89:30:50:e7:0d:b7:fa:fa:45:91:64:be:6f:
cd:96:34:cd:b8:c4:f8:94:9e:75:dc:4a:8e:ba:52:e0:a4:34:
a9:ea:b0:6b:70:a2:df:e7:36:f4:7a:70:58:8e:3d:18:d0:62:
01:77:76:18:1e:6f:16:8a:c6:44:53:33:df:d9:75:cb:ff:8c:
75:e7:28:b7:f2:07:e7:50:2d:f9:1b:d2:2e:cf:cd:eb:cb:70:
24:72:33:11:74:65:78:46:12:ed:a6:6f:15:c1:33:23:65:7d:
eb:ec:57:ee:da:5a:37:8f:a2:b8:c0:1b:bb:46:42:f0:05:f0:
e3:2f:4e:aa:8b:15:4d:d3:e4:64:82:37:3c:55:36:47:d4:39:
af:86:ec:f2:ea:38:04:32:17:df:04:d3:07:87:f2:ad:a3:19:
10:d0:48:a2:ec:6a:5a:66:27:f9:60:62:c3:b5:9d:19:ea:17:
39:6c:1a:61:95:6a:41:1c:49:a6:ee:8c:fd:57:08:8f:c4:50:
23:09:bc:f6:45:8c:cb:88:9b:4d:37:70:d0:ae:53:82:e4:16:
67:ce:00:a6:9b:36:45:f2:72:99:56:3b:a2:20:84:b4:6e:3b:
b1:59:13:8f:3b:f0:57:0c:54:7a:1d:00:4a:94:5a:2f:bf:9b:
3f:c8:6a:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAFpIh+5Q3yCujC7wJQR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwMTAxMTIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNjYmYzMjU4NWQ1Y2JmMmRkNmEyNjFkNDNkZmQ5MWM5NWE3NTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfJPc29oOGtnvsd4n7TfncZ3rTUq
ZKC6LkBTD4UakgA9kZksLe7Iio+B2sr8+pX4BHpznyaW5QhkBl5bPXZoTofOKNfQ
WdlkiC5VlflgcX6Oi2+3OoIqaPl2fKziDxg8LjfqdnpDwRBgTyyaV3ZN6IcHyHca
HCpps5tZthm+hTF0CUoW+7ov1LkjlJF13ZMI8e3yLvC4IpGtKACYOBzfGhdKt0vQ
uDFflzGVw3iAXE7yoB65/c8pUHe0Nkft56vuQ2RcTVJjbY1PCePY0tkuJ0QntMz+
iQt/JJ3xJH/S/5hUB288HGdqZ/9LRSbyqqYS84HTYs5qTpt4lp8dK1lW3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCs8vzJYXVy/LdaiYdQ9/ZHJWnVQMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvS3p5X01saGRYTDh0MXFKaDFEMzlrY2xhZFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhFoxzAN
BgkqhkiG9w0BAQsFAAOCAQEAcqmsbMiJMFDnDbf6+kWRZL5vzZY0zbjE+JSeddxK
jrpS4KQ0qeqwa3Ci3+c29HpwWI49GNBiAXd2GB5vForGRFMz39l1y/+Mdecot/IH
51At+RvSLs/N68twJHIzEXRleEYS7aZvFcEzI2V96+xX7tpaN4+iuMAbu0ZC8AXw
4y9OqosVTdPkZII3PFU2R9Q5r4bs8uo4BDIX3wTTB4fyraMZENBIouxqWmYn+WBi
w7WdGeoXOWwaYZVqQRxJpu6M/VcIj8RQIwm89kWMy4ibTTdw0K5TguQWZ84Apps2
RfJymVY7oiCEtG47sVkTjzvwVwxUeh0ASpRaL7+bP8hq6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org