Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/kyynf9FwypWQH61x8LFZYtFbXFM.roa
File: kyynf9FwypWQH61x8LFZYtFbXFM.roa (raw, json)
Hash identifier: ppCrrBtrCt+p2CfQS4atLU5pJVIDHuN3eDpviRQfcD0=
Subject key identifier: 93:2C:A7:7F:D1:70:CA:95:90:1F:AD:71:F0:B1:59:62:D1:5B:5C:53
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0191D8932A599378C6953585643DDDD2EF69
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/kyynf9FwypWQH61x8LFZYtFbXFM.roa
Signing time: Mon 09 Sep 2024 20:56:48 +0000
ROA not before: Mon 09 Sep 2024 20:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215436
IP address blocks: 2a12:ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Sep 2024 07:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:93:2a:59:93:78:c6:95:35:85:64:3d:dd:d2:ef:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Sep 9 20:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=932ca77fd170ca95901fad71f0b15962d15b5c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:74:42:11:fa:cd:dc:63:ba:2b:76:2c:ed:79:
b6:a2:73:fa:00:7e:cc:cb:c4:c1:49:71:4b:af:ca:
4a:18:ef:91:50:3c:a7:cb:e1:3a:4a:11:21:f3:4c:
e8:dd:47:8e:d9:e9:39:d4:f8:0d:ce:92:bb:55:85:
9f:1c:82:6e:01:e1:fc:f8:73:a3:2f:69:37:cb:2b:
32:a9:ab:ef:a2:ab:bc:e8:a3:92:ec:ba:bd:f2:71:
62:be:ac:51:30:f7:64:a1:04:ca:41:39:54:18:2c:
18:62:c2:75:94:10:f3:dd:a6:69:9e:e1:71:c0:5f:
46:fc:70:d9:07:23:ce:66:81:33:e1:c2:79:c4:7b:
54:26:0a:88:aa:9b:83:e6:1e:74:7a:05:6a:b7:ce:
9a:8c:0b:d8:c1:24:dd:ce:bc:16:05:42:12:e0:69:
a8:b1:ec:55:0f:b9:61:01:a3:da:2a:be:59:27:31:
ac:e3:18:de:3a:54:ff:d0:6d:a7:89:cc:3a:a0:72:
58:15:c3:bd:ba:5b:ee:1c:11:b7:89:b5:5d:25:3d:
16:89:a1:e0:94:d6:d3:96:3d:ca:f8:42:2d:fb:be:
43:03:5e:79:5c:52:64:9b:e0:fe:f5:d7:cd:6f:08:
52:9c:98:7d:bf:14:e8:f6:c8:f3:d7:06:30:d9:7a:
d1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2C:A7:7F:D1:70:CA:95:90:1F:AD:71:F0:B1:59:62:D1:5B:5C:53
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/kyynf9FwypWQH61x8LFZYtFbXFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
07:da:80:a4:72:d6:b0:d4:51:02:f8:7c:ad:87:6c:92:1a:28:
c7:d6:77:93:3b:47:82:cd:13:bd:2c:8e:08:79:63:e0:e2:79:
39:fb:54:0f:53:d0:4d:af:b6:47:42:7c:20:33:85:88:1e:3e:
d3:7d:e7:58:0e:10:55:58:91:df:02:28:92:f3:77:3b:c4:2a:
44:8f:20:84:45:aa:ab:97:3c:2d:9a:28:b9:47:ee:24:50:53:
07:ce:a4:b0:de:6c:a6:5c:17:c1:27:2a:1b:29:06:dc:c5:5f:
68:cb:0a:a4:35:90:e9:14:3e:1b:b9:51:b0:a7:e5:0f:3b:84:
ab:06:fa:b9:2d:8d:ed:72:47:f9:bb:05:38:50:ef:d8:f0:fe:
54:e4:3b:ec:d7:b4:ff:0c:c7:61:24:a6:55:84:6b:fc:78:91:
df:30:21:d5:01:9f:a2:61:4c:76:d6:22:a6:5c:b5:2f:a4:86:
57:34:cd:ba:2f:a8:76:9a:f5:05:bc:07:7f:95:a7:2a:16:21:
ef:b2:df:e9:23:31:84:ae:0d:4b:f3:9a:e3:b6:39:06:5e:7f:
ca:b0:cb:e0:4c:0c:2e:0c:50:fa:01:8d:26:09:25:c0:f2:b9:
1a:be:4d:4c:4e:79:6f:75:86:cd:4a:f0:65:54:f3:89:35:cb:
73:11:d9:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZHYkypZk3jGlTWFZD3d0u9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwOTA5MjA1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJjYTc3ZmQxNzBjYTk1OTAxZmFkNzFmMGIxNTk2MmQxNWI1YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHRCEfrN3GO6K3Ys7Xm2onP6AH7M
y8TBSXFLr8pKGO+RUDyny+E6ShEh80zo3UeO2ek51PgNzpK7VYWfHIJuAeH8+HOj
L2k3yysyqavvoqu86KOS7Lq98nFivqxRMPdkoQTKQTlUGCwYYsJ1lBDz3aZpnuFx
wF9G/HDZByPOZoEz4cJ5xHtUJgqIqpuD5h50egVqt86ajAvYwSTdzrwWBUIS4Gmo
sexVD7lhAaPaKr5ZJzGs4xjeOlT/0G2nicw6oHJYFcO9ulvuHBG3ibVdJT0WiaHg
lNbTlj3K+EIt+75DA155XFJkm+D+9dfNbwhSnJh9vxTo9sjz1wYw2XrREwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJMsp3/RcMqVkB+tcfCxWWLRW1xTMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEva3l5bmY5Rnd5cFdRSDYxeDhMRlpZdEZiWEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhIOwDAN
BgkqhkiG9w0BAQsFAAOCAQEAB9qApHLWsNRRAvh8rYdskhoox9Z3kztHgs0TvSyO
CHlj4OJ5OftUD1PQTa+2R0J8IDOFiB4+033nWA4QVViR3wIokvN3O8QqRI8ghEWq
q5c8LZoouUfuJFBTB86ksN5splwXwScqGykG3MVfaMsKpDWQ6RQ+G7lRsKflDzuE
qwb6uS2N7XJH+bsFOFDv2PD+VOQ77Ne0/wzHYSSmVYRr/HiR3zAh1QGfomFMdtYi
ply1L6SGVzTNui+odpr1BbwHf5WnKhYh77Lf6SMxhK4NS/Oa47Y5Bl5/yrDL4EwM
LgxQ+gGNJgklwPK5Gr5NTE55b3WGzUrwZVTziTXLcxHZ1g==
-----END CERTIFICATE-----
Generated at Tue Sep 24 09:10:19 2024 by rpki-client on console-fra.rpki-client.org