Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/kigz20AQ-DpeN08b0U25MatQFLM.roa
File: kigz20AQ-DpeN08b0U25MatQFLM.roa (raw, json)
Hash identifier: 3Zaf7ULU3mn5D0cgUHjPHL7JKjTQyPerd6LzRtx0nMs=
Subject key identifier: 92:28:33:DB:40:10:F8:3A:5E:37:4F:1B:D1:4D:B9:31:AB:50:14:B3
Certificate issuer: /CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Certificate serial: 01941FFA631345F106B1FB0DF3142E5918DA
Authority key identifier: 88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/kigz20AQ-DpeN08b0U25MatQFLM.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34655
IP address blocks: 2a03:9c40::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:800::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:63:13:45:f1:06:b1:fb:0d:f3:14:2e:59:18:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=922833db4010f83a5e374f1bd14db931ab5014b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d1:d7:17:6f:d0:91:c6:e3:ed:4f:65:b3:f6:
55:21:00:44:d3:e2:88:4e:4c:00:6d:20:de:74:7e:
a7:e9:08:9d:a8:e3:02:e5:01:92:b5:1b:fb:f8:1d:
21:72:8c:b4:98:77:77:1c:f9:ed:5c:57:8c:85:68:
bf:e9:e0:80:a5:58:23:8f:42:93:b5:03:6f:56:46:
24:7c:4e:65:cd:3d:57:a6:41:eb:61:6a:e5:fb:8c:
e3:ff:1c:69:17:fc:52:db:da:e1:3d:ac:59:d0:83:
2f:73:30:ca:25:5c:24:9a:0e:12:c2:a0:8e:f8:14:
c4:59:40:ec:c6:3e:fb:02:35:25:f9:09:a8:4e:fd:
31:c4:e1:a1:fa:99:bb:37:20:24:27:b9:3e:ac:8f:
70:f9:01:09:62:d1:4a:e1:f3:69:42:e3:13:67:b9:
ae:08:cd:ad:08:99:f1:ba:59:8f:69:94:e0:55:52:
d8:60:b8:0c:fe:60:d8:01:5c:37:3b:4c:17:d0:22:
1b:2a:ae:a6:8a:ad:9b:03:6b:1a:81:c2:48:c6:7b:
28:5f:24:f1:da:be:43:07:b0:b7:26:c6:d8:6e:ba:
47:b5:24:57:a0:19:bc:bb:49:81:e3:2a:f3:d5:85:
d4:34:88:83:39:df:f5:c8:5a:e0:7c:12:9c:87:93:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:28:33:DB:40:10:F8:3A:5E:37:4F:1B:D1:4D:B9:31:AB:50:14:B3
X509v3 Authority Key Identifier:
keyid:88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/kigz20AQ-DpeN08b0U25MatQFLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/iBchKB_7pXE-nQUq9v5tGwQKKjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
8b:13:64:51:6b:ae:49:fb:84:76:d5:74:d9:af:b9:ef:23:00:
f8:b6:eb:6c:ef:de:df:e8:37:f4:78:04:57:1c:0e:11:a9:1b:
cb:78:64:12:29:06:70:15:14:59:6e:72:56:a8:3a:59:f0:58:
4c:eb:88:ba:6a:8e:fb:00:f2:ed:35:89:74:96:92:09:9d:86:
ce:28:05:95:fe:75:15:52:29:15:36:2b:a3:0b:50:24:c0:f7:
aa:ca:4a:cc:75:1b:f4:ce:17:3a:8b:b8:6d:79:12:36:f3:41:
4c:41:ad:c3:61:67:7a:c2:9f:57:3e:8d:63:e1:10:f5:8b:e6:
e4:c9:78:64:29:3d:dd:d3:5d:6b:4e:f6:9f:62:98:bb:9a:16:
07:3e:33:7f:68:41:d8:ea:49:6f:a7:1c:f8:bc:84:fb:e1:8e:
f3:d4:b2:4b:11:fb:7c:98:2e:e5:7d:99:06:51:f0:a2:75:1c:
07:8d:68:e1:86:33:8c:58:81:f6:56:17:32:1f:6c:b0:d3:cc:
2f:6b:75:08:b4:7a:20:c1:84:16:68:0a:32:d0:06:d4:3a:85:
cc:39:1b:e4:a5:76:0f:7b:e9:8e:df:7d:7b:ee:3e:1e:6a:ac:
b0:24:4e:ec:c1:f1:b6:bd:a9:1a:3a:d3:ad:d3:b4:28:85:42:
c1:33:c2:e9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQf+mMTRfEGsfsN8xQuWRjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTcyMTI4MWZmYmE1NzEzZTlkMDUyYWY2ZmU2ZDFiMDQw
YTJhMzkwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI4MzNkYjQwMTBmODNhNWUzNzRmMWJkMTRkYjkzMWFiNTAxNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdHXF2/Qkcbj7U9ls/ZVIQBE0+KI
TkwAbSDedH6n6QidqOMC5QGStRv7+B0hcoy0mHd3HPntXFeMhWi/6eCApVgjj0KT
tQNvVkYkfE5lzT1XpkHrYWrl+4zj/xxpF/xS29rhPaxZ0IMvczDKJVwkmg4SwqCO
+BTEWUDsxj77AjUl+QmoTv0xxOGh+pm7NyAkJ7k+rI9w+QEJYtFK4fNpQuMTZ7mu
CM2tCJnxulmPaZTgVVLYYLgM/mDYAVw3O0wX0CIbKq6miq2bA2sagcJIxnsoXyTx
2r5DB7C3JsbYbrpHtSRXoBm8u0mB4yrz1YXUNIiDOd/1yFrgfBKch5MSEQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJIoM9tAEPg6XjdPG9FNuTGrUBSzMB8GA1UdIwQY
MBaAFIgXISgf+6VxPp0FKvb+bRsECio5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMt
NDg4NzNiYWE2OWE3LzEva2lnejIwQVEtRHBlTjA4YjBVMjVNYXRRRkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMtNDg4NzNiYWE2OWE3
LzEvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgOcQAAA
AwcAKgOcQAIAAwcAKgOcQAQAAwcAKgOcQAYAAwcAKgOcQAgAMA0GCSqGSIb3DQEB
CwUAA4IBAQCLE2RRa65J+4R21XTZr7nvIwD4tuts797f6Df0eARXHA4RqRvLeGQS
KQZwFRRZbnJWqDpZ8FhM64i6ao77APLtNYl0lpIJnYbOKAWV/nUVUikVNiujC1Ak
wPeqykrMdRv0zhc6i7hteRI280FMQa3DYWd6wp9XPo1j4RD1i+bkyXhkKT3d011r
TvafYpi7mhYHPjN/aEHY6klvpxz4vIT74Y7z1LJLEft8mC7lfZkGUfCidRwHjWjh
hjOMWIH2VhcyH2yw08wva3UItHogwYQWaAoy0AbUOoXMORvkpXYPe+mO33177j4e
aqywJE7swfG2vakaOtOt07QohULBM8Lp
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:17:41 2025 by rpki-client