Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Kjl9IFs75CXTayAeWCOq2m5AJiY.roa
File: Kjl9IFs75CXTayAeWCOq2m5AJiY.roa (raw, json)
Hash identifier: WqkdX9arsh2/RTQYn/E3qcnf5h065ZWtmGmY4TTOv+E=
Subject key identifier: 2A:39:7D:20:5B:3B:E4:25:D3:6B:20:1E:58:23:AA:DA:6E:40:26:26
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8D0EB7C1852A7D08E487802482BA3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Kjl9IFs75CXTayAeWCOq2m5AJiY.roa
Signing time: Mon 01 Jan 2024 20:30:49 +0000
ROA not before: Mon 01 Jan 2024 20:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a0c:9a44:cf::/48 maxlen: 48
2a0e:7d41:8888::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 May 2024 22:17:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d0:eb:7c:18:52:a7:d0:8e:48:78:02:48:2b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a397d205b3be425d36b201e5823aada6e402626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fb:0b:3d:1e:92:78:7f:2f:eb:58:d5:b2:b2:
2d:f5:86:ef:4a:6c:a9:4b:03:1c:d1:ba:1b:9b:6e:
ba:3f:bd:27:a6:e4:f5:26:19:c5:b7:e6:87:48:f3:
34:eb:b1:e3:b7:42:ea:41:56:f4:39:d8:9f:05:4f:
23:c2:68:17:9a:99:a7:4f:82:e4:41:0d:6b:bc:47:
a3:88:5b:59:0a:09:b1:39:43:d4:7a:e5:83:ef:46:
b4:80:0a:0b:79:18:17:dd:49:4e:21:cb:9a:a2:10:
98:cd:16:4b:4b:4e:11:19:90:98:84:50:ae:c8:74:
cd:45:c6:59:56:57:37:3b:f4:b9:c0:bb:e3:e3:06:
0e:06:e0:06:f3:3a:20:bd:30:71:27:69:1f:4b:e3:
f5:7c:de:3a:f7:d2:a5:5e:f8:42:f4:a4:34:1c:47:
c1:50:c9:03:e0:5f:70:6b:97:77:91:aa:a8:4d:b4:
45:bf:63:cb:32:99:39:72:ec:6f:49:f4:05:61:3c:
b7:06:09:a9:d1:97:78:34:63:b9:16:5a:fc:cc:51:
e2:87:13:25:4e:4d:a9:ce:cb:df:4f:c4:33:d2:43:
46:34:6f:eb:23:81:14:6a:80:0d:92:e8:de:08:07:
b3:d8:11:42:b2:97:53:c3:83:d6:73:cd:f3:a8:72:
b6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:39:7D:20:5B:3B:E4:25:D3:6B:20:1E:58:23:AA:DA:6E:40:26:26
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Kjl9IFs75CXTayAeWCOq2m5AJiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a44:cf::/48
2a0e:7d41:8888::/48
Signature Algorithm: sha256WithRSAEncryption
58:6b:9b:82:18:24:6c:88:aa:8a:03:23:d2:ae:d3:a8:bb:68:
f4:48:d5:8d:bc:ec:af:47:01:5b:8f:3a:c8:b5:a2:8c:10:48:
b9:3a:44:89:21:35:e0:32:9c:7f:db:11:1d:e9:0f:18:8f:b3:
97:e8:c7:e1:90:b8:64:79:97:9d:3d:93:43:f2:12:d9:70:4e:
9d:0f:3d:dc:95:b5:41:8c:4b:7d:23:0c:d3:57:ed:fb:f6:19:
69:91:b7:fc:73:20:ab:a2:fc:e7:38:2c:8b:24:6e:8b:d5:7b:
94:cb:1f:25:e1:d3:ee:f8:f1:4b:91:63:91:f4:6b:87:b4:67:
d9:65:29:91:d6:12:f2:64:78:56:22:e1:a6:e8:0f:d2:62:51:
87:89:f2:f9:1e:90:1a:ca:50:eb:d4:27:11:94:c5:ba:02:41:
0e:52:21:d8:c1:8c:44:0e:ff:cd:e5:f0:b6:0e:b9:02:b0:af:
af:eb:53:35:a1:e0:b7:71:a3:b0:4f:86:13:c3:eb:38:34:12:
d2:8b:2a:c0:27:c3:89:fe:9a:f3:d1:70:b9:d6:b6:a2:04:b3:
70:e7:f1:f3:cd:8b:b8:82:47:7e:a4:ac:b6:5a:74:fe:00:34:
b8:48:85:a7:9e:40:ad:37:45:dc:07:18:be:d0:5b:12:21:a4:
cc:76:e3:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuNDrfBhSp9COSHgCSCujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTM5N2QyMDViM2JlNDI1ZDM2YjIwMWU1ODIzYWFkYTZlNDAyNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfsLPR6SeH8v61jVsrIt9YbvSmyp
SwMc0bobm266P70npuT1JhnFt+aHSPM067Hjt0LqQVb0OdifBU8jwmgXmpmnT4Lk
QQ1rvEejiFtZCgmxOUPUeuWD70a0gAoLeRgX3UlOIcuaohCYzRZLS04RGZCYhFCu
yHTNRcZZVlc3O/S5wLvj4wYOBuAG8zogvTBxJ2kfS+P1fN4699KlXvhC9KQ0HEfB
UMkD4F9wa5d3kaqoTbRFv2PLMpk5cuxvSfQFYTy3Bgmp0Zd4NGO5Flr8zFHihxMl
Tk2pzsvfT8Qz0kNGNG/rI4EUaoANkujeCAez2BFCspdTw4PWc83zqHK27wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCo5fSBbO+Ql02sgHlgjqtpuQCYmMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvS2psOUlGczc1Q1hUYXlBZVdDT3EybTVBSmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaRADP
AwcAKg59QYiIMA0GCSqGSIb3DQEBCwUAA4IBAQBYa5uCGCRsiKqKAyPSrtOou2j0
SNWNvOyvRwFbjzrItaKMEEi5OkSJITXgMpx/2xEd6Q8Yj7OX6MfhkLhkeZedPZND
8hLZcE6dDz3clbVBjEt9IwzTV+379hlpkbf8cyCrovznOCyLJG6L1XuUyx8l4dPu
+PFLkWOR9GuHtGfZZSmR1hLyZHhWIuGm6A/SYlGHifL5HpAaylDr1CcRlMW6AkEO
UiHYwYxEDv/N5fC2DrkCsK+v61M1oeC3caOwT4YTw+s4NBLSiyrAJ8OJ/prz0XC5
1raiBLNw5/HzzYu4gkd+pKy2WnT+ADS4SIWnnkCtN0XcBxi+0FsSIaTMduPT
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:36 2025 by rpki-client