Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/k68kfe4cMgXjs_eIyo_AsDklO4k.roa
File: k68kfe4cMgXjs_eIyo_AsDklO4k.roa (raw, json)
Hash identifier: jANbmkXp1PPbHxTq48cRwFCZs/Alo/8rQNbgA41oBgc=
Subject key identifier: 93:AF:24:7D:EE:1C:32:05:E3:B3:F7:88:CA:8F:C0:B0:39:25:3B:89
Certificate issuer: /CN=f76e639524bda245b92db4cbbca56bd3a7a4ae0c
Certificate serial: 018C2D014F62DE8246D4C6F2FEDB82EF2625
Authority key identifier: F7:6E:63:95:24:BD:A2:45:B9:2D:B4:CB:BC:A5:6B:D3:A7:A4:AE:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/925jlSS9okW5LbTLvKVr06ekrgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/k68kfe4cMgXjs_eIyo_AsDklO4k.roa
Signing time: Sun 03 Dec 2023 00:08:29 +0000
ROA not before: Sun 03 Dec 2023 00:08:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47251
IP address blocks: 2001:678:254::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2d:01:4f:62:de:82:46:d4:c6:f2:fe:db:82:ef:26:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f76e639524bda245b92db4cbbca56bd3a7a4ae0c
Validity
Not Before: Dec 3 00:08:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93af247dee1c3205e3b3f788ca8fc0b039253b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:78:bf:15:70:74:7e:46:20:ab:0d:69:b8:26:
21:38:2b:6b:0d:78:26:07:49:62:d2:e9:2a:d9:00:
18:e4:52:1b:9f:ea:fa:b9:cc:77:be:89:56:c2:3d:
e1:3c:63:c6:58:42:34:e5:eb:29:aa:47:38:21:94:
3e:07:13:02:98:66:d5:58:bf:e7:01:f6:34:27:c3:
5f:08:73:bb:f4:57:7e:d7:23:54:72:1b:ba:56:65:
ee:21:1e:3a:0d:eb:1f:21:e0:1a:3a:c6:c1:4b:a0:
84:60:81:09:98:8a:17:89:62:bb:57:33:be:15:5b:
47:94:1a:3a:26:da:8d:38:14:20:cc:91:fc:a0:b1:
3b:7c:90:90:8c:b1:36:ba:f2:5f:58:d5:78:15:4a:
44:81:9c:a1:32:4f:39:87:9d:1a:4b:54:4b:4d:03:
0f:f0:0b:41:60:f8:14:7f:4d:e5:bc:20:31:f1:9d:
87:8c:f2:bf:47:71:37:4e:a3:02:51:d8:b6:d1:5a:
e6:df:6c:8d:23:1e:1d:44:3f:f2:fe:92:7f:2d:67:
e5:68:2d:43:4e:3c:6f:05:58:e8:a1:bd:84:d4:61:
e5:cd:5b:61:45:43:28:50:88:2d:54:5d:76:28:20:
d0:83:ff:4a:de:4f:59:20:c0:a5:29:ee:45:99:69:
c5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:AF:24:7D:EE:1C:32:05:E3:B3:F7:88:CA:8F:C0:B0:39:25:3B:89
X509v3 Authority Key Identifier:
keyid:F7:6E:63:95:24:BD:A2:45:B9:2D:B4:CB:BC:A5:6B:D3:A7:A4:AE:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/925jlSS9okW5LbTLvKVr06ekrgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/k68kfe4cMgXjs_eIyo_AsDklO4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/925jlSS9okW5LbTLvKVr06ekrgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:254::/48
Signature Algorithm: sha256WithRSAEncryption
8a:ab:c1:ed:df:b6:2f:30:04:71:f5:a7:ec:d4:17:88:6f:8e:
74:bb:10:dc:51:7d:fb:37:a2:76:7b:4d:d0:d0:f9:a4:21:5f:
ab:e2:90:4b:60:34:23:02:5c:31:89:8a:da:0f:2c:fd:a7:63:
6e:3a:47:6e:3f:78:55:e7:7d:89:9d:89:98:6c:b1:6f:18:f5:
97:83:fd:a7:26:a0:bd:38:28:19:be:71:8c:4b:7f:17:de:82:
50:2e:08:8f:0c:45:44:28:32:79:ea:e2:dc:7b:45:3f:ac:32:
4c:f8:a2:9c:2d:c8:4e:69:4c:f8:26:23:80:2b:47:31:81:6d:
f5:6c:f2:f4:46:dd:69:ee:2d:d5:ef:1c:15:ed:49:43:0a:e3:
81:8f:b7:20:d3:db:19:d7:32:46:5c:f2:15:12:2a:0d:22:c3:
44:f0:9b:56:9f:0f:f8:30:53:87:02:8c:4c:bb:28:e1:a4:e9:
f3:5e:49:a1:ee:e3:11:ac:cc:54:5d:8d:46:14:34:fc:d2:92:
b4:c5:64:92:ac:fa:6d:31:1b:df:9a:d9:4c:68:6f:09:ab:e9:
be:41:4e:53:33:4d:5d:d6:60:8b:6f:96:12:db:ef:cb:65:95:
f5:4b:54:1d:9d:37:33:98:be:95:c0:ad:ab:01:41:f6:55:f1:
df:1b:e1:68
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYwtAU9i3oJG1Mby/tuC7yYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NmU2Mzk1MjRiZGEyNDViOTJkYjRjYmJjYTU2YmQzYTdh
NGFlMGMwHhcNMjMxMjAzMDAwODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2FmMjQ3ZGVlMWMzMjA1ZTNiM2Y3ODhjYThmYzBiMDM5MjUzYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3i/FXB0fkYgqw1puCYhOCtrDXgm
B0li0ukq2QAY5FIbn+r6ucx3volWwj3hPGPGWEI05espqkc4IZQ+BxMCmGbVWL/n
AfY0J8NfCHO79Fd+1yNUchu6VmXuIR46DesfIeAaOsbBS6CEYIEJmIoXiWK7VzO+
FVtHlBo6JtqNOBQgzJH8oLE7fJCQjLE2uvJfWNV4FUpEgZyhMk85h50aS1RLTQMP
8AtBYPgUf03lvCAx8Z2HjPK/R3E3TqMCUdi20Vrm32yNIx4dRD/y/pJ/LWflaC1D
TjxvBVjoob2E1GHlzVthRUMoUIgtVF12KCDQg/9K3k9ZIMClKe5FmWnFZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJOvJH3uHDIF47P3iMqPwLA5JTuJMB8GA1UdIwQY
MBaAFPduY5UkvaJFuS20y7yla9OnpK4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTI1amxTUzlva1c1TGJUTHZLVnIwNmVrcmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84OWIzZDEtN2RlMy00YzYzLWEwNzct
ODJjMWI2NWJlZDQwLzEvazY4a2ZlNGNNZ1hqc19lSXlvX0FzRGtsTzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84OWIzZDEtN2RlMy00YzYzLWEwNzctODJjMWI2NWJlZDQw
LzEvOTI1amxTUzlva1c1TGJUTHZLVnIwNmVrcmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJU
MA0GCSqGSIb3DQEBCwUAA4IBAQCKq8Ht37YvMARx9afs1BeIb450uxDcUX37N6J2
e03Q0PmkIV+r4pBLYDQjAlwxiYraDyz9p2NuOkduP3hV532JnYmYbLFvGPWXg/2n
JqC9OCgZvnGMS38X3oJQLgiPDEVEKDJ56uLce0U/rDJM+KKcLchOaUz4JiOAK0cx
gW31bPL0Rt1p7i3V7xwV7UlDCuOBj7cg09sZ1zJGXPIVEioNIsNE8JtWnw/4MFOH
AoxMuyjhpOnzXkmh7uMRrMxUXY1GFDT80pK0xWSSrPptMRvfmtlMaG8Jq+m+QU5T
M01d1mCLb5YS2+/LZZX1S1QdnTczmL6VwK2rAUH2VfHfG+Fo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:08 2024 by rpki-client on console-ams.rpki-client.org