Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/KGc0lScIdo7X1gNqcc0ugEWdXxk.roa
File: KGc0lScIdo7X1gNqcc0ugEWdXxk.roa (raw, json)
Hash identifier: OdCnLREMJIy53jt9p7K3uCKhdIOXKnqRkaUfirAarew=
Subject key identifier: 28:67:34:95:27:08:76:8E:D7:D6:03:6A:71:CD:2E:80:45:9D:5F:19
Certificate issuer: /CN=f2807f280da99569eca24346babe9dc85ac13240
Certificate serial: 0185708CCAB95E5CA21D3F35EF27A98330D0
Authority key identifier: F2:80:7F:28:0D:A9:95:69:EC:A2:43:46:BA:BE:9D:C8:5A:C1:32:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8oB_KA2plWnsokNGur6dyFrBMkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/KGc0lScIdo7X1gNqcc0ugEWdXxk.roa
Signing time: Mon 02 Jan 2023 03:35:53 +0000
ROA not before: Mon 02 Jan 2023 03:35:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18622
IP address blocks: 2a02:e38:4100::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:ca:b9:5e:5c:a2:1d:3f:35:ef:27:a9:83:30:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2807f280da99569eca24346babe9dc85ac13240
Validity
Not Before: Jan 2 03:35:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=286734952708768ed7d6036a71cd2e80459d5f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2d:2f:e6:71:f0:b3:df:71:9b:82:87:ee:02:
56:9b:55:7f:ee:83:cc:fb:72:0a:78:ce:e9:31:5e:
cb:ad:22:94:91:e0:f6:be:16:63:fd:a1:4a:36:a3:
40:29:e0:6f:36:0d:39:ff:db:e0:26:33:d5:87:5c:
d9:a3:b0:64:b8:4a:55:a6:e5:a8:c0:96:15:03:d3:
30:f2:92:aa:23:3a:5b:d4:d4:66:50:cf:b3:53:bf:
8c:2f:37:0c:d9:b2:e5:2c:bf:1f:d1:3b:cb:41:f7:
b9:42:fd:e0:a3:03:8a:a6:53:31:6d:77:da:30:78:
5b:e6:17:4f:b4:4b:5a:73:7b:99:0f:7c:37:73:f9:
c8:71:67:18:78:a7:23:df:4e:67:5b:33:e1:f2:12:
75:2f:42:2a:03:3a:42:c1:fa:c5:42:a6:dc:3f:04:
6c:9b:0e:1c:9a:d8:1c:9d:fd:5f:23:c4:79:59:99:
21:97:e1:3f:17:6c:de:bb:ee:15:89:cb:98:47:97:
34:d3:52:5f:d0:8f:5f:bb:bc:41:0b:47:bc:e0:8e:
a1:ee:04:38:81:af:06:27:f0:bc:21:ca:82:9b:55:
53:38:ed:ef:01:2d:3b:89:ad:e9:61:d4:c0:6b:8c:
fd:b7:47:6a:ca:d4:2f:d1:46:1b:11:79:56:92:6f:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:67:34:95:27:08:76:8E:D7:D6:03:6A:71:CD:2E:80:45:9D:5F:19
X509v3 Authority Key Identifier:
keyid:F2:80:7F:28:0D:A9:95:69:EC:A2:43:46:BA:BE:9D:C8:5A:C1:32:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8oB_KA2plWnsokNGur6dyFrBMkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/KGc0lScIdo7X1gNqcc0ugEWdXxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/7b0a85-9677-4d03-afb6-a9faf6a26426/1/8oB_KA2plWnsokNGur6dyFrBMkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e38:4100::/40
Signature Algorithm: sha256WithRSAEncryption
88:74:80:3a:09:c5:70:9e:91:49:2b:27:01:83:90:21:35:0c:
25:eb:d5:89:19:cd:dd:0a:ae:2f:38:d9:11:d9:f4:11:b6:cc:
ae:84:de:f5:67:a5:aa:91:ae:a2:d2:2c:17:43:5a:6f:08:0d:
07:c6:64:c0:23:c0:a5:81:b4:78:76:b2:90:2b:af:4c:16:2e:
cf:e1:c7:95:87:b9:be:da:3f:d0:98:71:a6:30:36:27:f6:9d:
88:99:e5:c1:c5:27:fa:d0:d4:af:9e:11:1d:91:cc:60:7c:d6:
f8:0f:cc:c3:b2:44:43:ae:be:ef:ec:29:b0:7a:8f:c6:1b:95:
ea:5c:6a:5d:96:b3:17:07:17:fa:a6:61:2a:08:75:35:13:a2:
db:f6:99:b2:da:ff:28:4c:e6:41:4e:53:e0:31:a2:29:0e:19:
4c:15:55:39:f5:a3:71:b7:99:00:e5:59:d4:81:aa:d3:cb:23:
57:55:19:78:88:f6:4f:f9:00:ac:5d:25:49:40:29:4a:88:cc:
af:59:5c:86:da:1e:a5:63:32:83:a2:f6:54:1e:66:30:b9:a2:
bc:9b:44:f0:82:06:37:4c:ed:23:ac:d2:bf:92:e6:cf:df:05:
51:1a:ac:f9:22:1d:57:61:ee:d7:13:5d:c2:80:ab:82:b2:67:
83:59:2a:6f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwjMq5XlyiHT817yepgzDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyODA3ZjI4MGRhOTk1NjllY2EyNDM0NmJhYmU5ZGM4NWFj
MTMyNDAwHhcNMjMwMTAyMDMzNTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY3MzQ5NTI3MDg3NjhlZDdkNjAzNmE3MWNkMmU4MDQ1OWQ1ZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC0v5nHws99xm4KH7gJWm1V/7oPM
+3IKeM7pMV7LrSKUkeD2vhZj/aFKNqNAKeBvNg05/9vgJjPVh1zZo7BkuEpVpuWo
wJYVA9Mw8pKqIzpb1NRmUM+zU7+MLzcM2bLlLL8f0TvLQfe5Qv3gowOKplMxbXfa
MHhb5hdPtEtac3uZD3w3c/nIcWcYeKcj305nWzPh8hJ1L0IqAzpCwfrFQqbcPwRs
mw4cmtgcnf1fI8R5WZkhl+E/F2zeu+4VicuYR5c001Jf0I9fu7xBC0e84I6h7gQ4
ga8GJ/C8IcqCm1VTOO3vAS07ia3pYdTAa4z9t0dqytQv0UYbEXlWkm/QEQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFChnNJUnCHaO19YDanHNLoBFnV8ZMB8GA1UdIwQY
MBaAFPKAfygNqZVp7KJDRrq+nchawTJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG9CX0tBMnBsV25zb2tOR3VyNmR5RnJCTWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy83YjBhODUtOTY3Ny00ZDAzLWFmYjYt
YTlmYWY2YTI2NDI2LzEvS0djMGxTY0lkbzdYMWdOcWNjMHVnRVdkWHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy83YjBhODUtOTY3Ny00ZDAzLWFmYjYtYTlmYWY2YTI2NDI2
LzEvOG9CX0tBMnBsV25zb2tOR3VyNmR5RnJCTWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIOOEEw
DQYJKoZIhvcNAQELBQADggEBAIh0gDoJxXCekUkrJwGDkCE1DCXr1YkZzd0Kri84
2RHZ9BG2zK6E3vVnpaqRrqLSLBdDWm8IDQfGZMAjwKWBtHh2spArr0wWLs/hx5WH
ub7aP9CYcaYwNif2nYiZ5cHFJ/rQ1K+eER2RzGB81vgPzMOyREOuvu/sKbB6j8Yb
lepcal2WsxcHF/qmYSoIdTUTotv2mbLa/yhM5kFOU+AxoikOGUwVVTn1o3G3mQDl
WdSBqtPLI1dVGXiI9k/5AKxdJUlAKUqIzK9ZXIbaHqVjMoOi9lQeZjC5orybRPCC
BjdM7SOs0r+S5s/fBVEarPkiHVdh7tcTXcKAq4KyZ4NZKm8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:00 2024 by rpki-client on console-ams.rpki-client.org