Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/1356a8-891c-4ee1-b6d9-74746989ac92/1/KmvuxZl3loj_6SCu-WUdxCXnFd4.roa
File: KmvuxZl3loj_6SCu-WUdxCXnFd4.roa (raw, json)
Hash identifier: MR8gfGd1BLeOiPyDtdrcFzIO2VtMjR2Nz5vdJ5+KsoQ=
Subject key identifier: 2A:6B:EE:C5:99:77:96:88:FF:E9:20:AE:F9:65:1D:C4:25:E7:15:DE
Certificate issuer: /CN=9d07041fe55591e4e2236a40f43900ef26ef045e
Certificate serial: 019362082498B927EE8DDB2AFD14B71C220F
Authority key identifier: 9D:07:04:1F:E5:55:91:E4:E2:23:6A:40:F4:39:00:EF:26:EF:04:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nQcEH-VVkeTiI2pA9DkA7ybvBF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/1356a8-891c-4ee1-b6d9-74746989ac92/1/KmvuxZl3loj_6SCu-WUdxCXnFd4.roa
Signing time: Mon 25 Nov 2024 06:35:20 +0000
ROA not before: Mon 25 Nov 2024 06:35:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31382
IP address blocks: 2001:67c:2248::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:08:24:98:b9:27:ee:8d:db:2a:fd:14:b7:1c:22:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d07041fe55591e4e2236a40f43900ef26ef045e
Validity
Not Before: Nov 25 06:35:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a6beec599779688ffe920aef9651dc425e715de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:10:8d:44:28:4a:8a:46:cf:4a:0b:bd:33:e9:
13:99:b1:56:8c:1e:73:bb:58:34:31:09:55:ac:73:
5d:da:c5:f7:34:76:e7:55:ef:b6:b7:81:9c:5a:75:
34:10:e9:43:03:98:4d:3e:c8:60:e6:87:99:9e:a1:
fe:42:e4:b9:1a:3c:d2:74:36:71:2b:0d:e4:25:2a:
99:91:49:29:85:08:ef:37:37:3a:bc:a6:d3:6d:d1:
ec:e9:2b:32:88:56:bc:1d:02:01:29:b7:b6:11:d0:
b7:66:73:7f:7f:c8:7d:c2:87:7d:25:e1:70:a4:4b:
1f:98:6f:b2:52:72:8e:14:e7:dd:7b:da:dc:7d:68:
d4:ac:ad:60:42:62:64:d0:90:82:41:94:1a:a8:44:
70:b1:44:37:15:f7:78:6b:2f:02:06:7a:1b:b2:7e:
9e:ef:c1:7c:39:8f:e1:f1:c1:db:68:ba:b6:2d:f0:
78:13:24:cf:e9:1d:e6:c8:e8:18:2a:3a:28:d5:93:
63:79:16:9a:75:af:25:a5:cd:77:a1:e8:5b:36:1c:
44:3b:e8:ec:26:aa:20:30:da:90:98:26:ed:81:3b:
d7:55:e1:26:b7:01:e7:47:a8:5c:e0:8b:e5:1d:61:
da:c2:d2:54:4c:ee:48:28:c8:14:9b:dc:57:b3:a8:
94:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:6B:EE:C5:99:77:96:88:FF:E9:20:AE:F9:65:1D:C4:25:E7:15:DE
X509v3 Authority Key Identifier:
keyid:9D:07:04:1F:E5:55:91:E4:E2:23:6A:40:F4:39:00:EF:26:EF:04:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nQcEH-VVkeTiI2pA9DkA7ybvBF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1356a8-891c-4ee1-b6d9-74746989ac92/1/KmvuxZl3loj_6SCu-WUdxCXnFd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/1356a8-891c-4ee1-b6d9-74746989ac92/1/nQcEH-VVkeTiI2pA9DkA7ybvBF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2248::/48
Signature Algorithm: sha256WithRSAEncryption
17:b4:7c:3c:7a:67:c7:a7:6d:1f:b7:d6:a3:9d:5a:52:73:b5:
e3:80:c3:35:e8:7d:96:fc:b6:11:f1:fc:50:0d:1b:b5:09:e2:
a7:91:af:b5:58:76:ff:41:8c:d1:33:13:da:b8:5a:26:a0:a1:
72:da:03:f1:42:c2:ec:4d:14:be:a7:a3:3f:28:6f:36:15:27:
de:66:7d:08:98:56:aa:f5:bc:3e:f3:4d:c1:bd:1d:c6:9b:6e:
bc:de:03:1b:43:77:a8:a6:6e:8f:17:59:14:04:32:56:c6:1f:
c8:41:ed:7f:26:83:56:a1:3b:b9:98:43:c8:fe:47:fc:71:de:
a1:9f:fd:ff:74:ac:b9:45:34:2f:40:32:98:76:d1:ef:44:75:
b2:b2:fd:77:3d:9e:54:db:29:de:dd:77:d0:10:aa:6a:cd:ca:
78:99:db:2b:b7:11:3f:49:46:0a:c2:29:74:57:af:17:ab:21:
b9:c3:56:43:3f:4d:25:c3:c5:c7:7f:aa:59:1c:63:a2:61:bb:
59:4b:eb:a9:17:a0:a7:96:1f:3e:3c:ef:29:a0:47:7c:93:a5:
64:d0:53:45:c5:1d:bf:21:8b:30:39:6c:7b:a4:c8:35:4a:9e:
ce:ba:22:39:fe:df:a6:aa:b7:ed:05:f2:29:ef:4f:31:81:08:
de:8e:99:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZNiCCSYuSfujdsq/RS3HCIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMDcwNDFmZTU1NTkxZTRlMjIzNmE0MGY0MzkwMGVmMjZl
ZjA0NWUwHhcNMjQxMTI1MDYzNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTZiZWVjNTk5Nzc5Njg4ZmZlOTIwYWVmOTY1MWRjNDI1ZTcxNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhCNRChKikbPSgu9M+kTmbFWjB5z
u1g0MQlVrHNd2sX3NHbnVe+2t4GcWnU0EOlDA5hNPshg5oeZnqH+QuS5GjzSdDZx
Kw3kJSqZkUkphQjvNzc6vKbTbdHs6SsyiFa8HQIBKbe2EdC3ZnN/f8h9wod9JeFw
pEsfmG+yUnKOFOfde9rcfWjUrK1gQmJk0JCCQZQaqERwsUQ3Ffd4ay8CBnobsn6e
78F8OY/h8cHbaLq2LfB4EyTP6R3myOgYKjoo1ZNjeRaada8lpc13oehbNhxEO+js
JqogMNqQmCbtgTvXVeEmtwHnR6hc4IvlHWHawtJUTO5IKMgUm9xXs6iUOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCpr7sWZd5aI/+kgrvllHcQl5xXeMB8GA1UdIwQY
MBaAFJ0HBB/lVZHk4iNqQPQ5AO8m7wReMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblFjRUgtVlZrZVRpSTJwQTlEa0E3eWJ2QkY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8xMzU2YTgtODkxYy00ZWUxLWI2ZDkt
NzQ3NDY5ODlhYzkyLzEvS212dXhabDNsb2pfNlNDdS1XVWR4Q1huRmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8xMzU2YTgtODkxYy00ZWUxLWI2ZDktNzQ3NDY5ODlhYzky
LzEvblFjRUgtVlZrZVRpSTJwQTlEa0E3eWJ2QkY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCJI
MA0GCSqGSIb3DQEBCwUAA4IBAQAXtHw8emfHp20ft9ajnVpSc7XjgMM16H2W/LYR
8fxQDRu1CeKnka+1WHb/QYzRMxPauFomoKFy2gPxQsLsTRS+p6M/KG82FSfeZn0I
mFaq9bw+803BvR3Gm2683gMbQ3eopm6PF1kUBDJWxh/IQe1/JoNWoTu5mEPI/kf8
cd6hn/3/dKy5RTQvQDKYdtHvRHWysv13PZ5U2yne3XfQEKpqzcp4mdsrtxE/SUYK
wil0V68XqyG5w1ZDP00lw8XHf6pZHGOiYbtZS+upF6Cnlh8+PO8poEd8k6Vk0FNF
xR2/IYswOWx7pMg1Sp7OuiI5/t+mqrftBfIp708xgQjejpmw
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:39:50 2025 by rpki-client