Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ksLoTERnvRRPnyhJLpjhmmuo9U8.roa
File: ksLoTERnvRRPnyhJLpjhmmuo9U8.roa (raw, json)
Hash identifier: ks+rM06hG0RfZjVpExXi1bd8fl1ymaiEm8yB42CamCA=
Subject key identifier: 92:C2:E8:4C:44:67:BD:14:4F:9F:28:49:2E:98:E1:9A:6B:A8:F5:4F
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCDB185566E5DFF85616255329DF92
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ksLoTERnvRRPnyhJLpjhmmuo9U8.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50512
IP address blocks: 2a02:2698:400::/38 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:db:18:55:66:e5:df:f8:56:16:25:53:29:df:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92c2e84c4467bd144f9f28492e98e19a6ba8f54f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3b:1f:99:85:2d:9a:9d:81:85:27:44:bb:41:
a1:82:10:c2:14:85:48:fa:f8:61:0e:d9:27:0a:ac:
3d:7b:5b:06:c8:b4:15:6f:79:ae:f3:4c:ee:ec:e3:
78:d6:cd:6a:c0:19:c9:77:6d:97:95:d6:d9:ce:3a:
b9:60:bf:5a:d3:58:1f:6d:c4:f7:84:64:fb:b2:e8:
05:1b:ee:92:1b:61:bf:dd:44:57:62:84:b1:42:e4:
31:1d:6f:93:b4:1f:7e:5c:de:c7:9b:29:b3:da:36:
67:09:a8:0c:da:18:46:57:2d:fc:83:4b:1c:d7:c9:
11:42:23:0b:97:52:63:73:d9:81:94:43:2a:7e:41:
e7:ed:6f:4f:4f:61:29:4b:be:aa:21:57:05:e0:8d:
fc:1a:97:58:a4:18:45:0b:1a:19:1d:56:f7:29:11:
66:82:fc:62:15:12:5c:86:7b:f8:a4:95:36:54:70:
98:95:b7:56:df:fb:bb:10:81:e7:ee:90:3e:88:a6:
84:65:9a:6a:f7:6f:d1:9b:4c:e8:b3:bd:c3:7c:9b:
d1:e5:b6:45:2f:29:1d:fb:29:c8:37:4f:fe:f2:a3:
3a:d5:93:50:21:cc:35:a6:2e:29:80:42:36:bf:9f:
6d:81:16:8f:4a:4c:69:b8:fa:af:05:f6:af:22:e5:
66:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C2:E8:4C:44:67:BD:14:4F:9F:28:49:2E:98:E1:9A:6B:A8:F5:4F
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ksLoTERnvRRPnyhJLpjhmmuo9U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:400::/38
Signature Algorithm: sha256WithRSAEncryption
ac:d5:54:b3:fb:92:1d:8c:4c:06:0e:71:1e:03:b8:13:43:ee:
b1:4c:65:8e:d4:f2:49:24:ed:fa:db:25:c5:29:4c:75:ec:c5:
f2:d5:d7:ba:c8:19:ba:0b:e4:66:9e:c2:95:1d:0d:a4:ae:3e:
1a:d6:a1:f8:ce:87:69:ce:b6:ab:1d:b9:6c:eb:9e:a9:1f:42:
3c:c0:cf:4a:c9:f9:59:c6:bd:71:8a:68:0c:07:05:c6:d3:d0:
16:f2:1d:e0:8d:2b:46:ce:b7:c2:29:53:7c:c8:b9:41:d2:a8:
4e:d9:96:da:4e:91:a1:a1:5d:ff:7e:cf:53:99:06:63:7d:96:
a8:70:59:60:a0:e3:af:92:19:86:ea:65:b1:42:d2:d1:4f:9e:
e7:0f:28:e5:47:6f:ea:d9:7d:62:1d:49:5b:fa:73:c4:cd:f7:
ca:e5:c5:09:0e:92:79:78:8f:e8:3d:a0:58:02:8a:0d:98:7a:
da:d4:ba:8a:5a:09:12:c9:65:77:44:06:a6:6b:2e:fd:2e:ca:
dc:54:60:34:f1:e2:8c:9f:3b:aa:4b:a6:8c:e1:87:bc:b3:b2:
3e:b0:78:c2:14:88:e6:f1:96:d6:0f:e4:28:3b:43:2a:c7:41:
6d:15:c6:fe:78:82:51:3e:6a:9d:5a:63:80:88:43:56:d3:de:
0d:6a:32:74
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvNsYVWbl3/hWFiVTKd+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmMyZTg0YzQ0NjdiZDE0NGY5ZjI4NDkyZTk4ZTE5YTZiYThmNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjsfmYUtmp2BhSdEu0GhghDCFIVI
+vhhDtknCqw9e1sGyLQVb3mu80zu7ON41s1qwBnJd22XldbZzjq5YL9a01gfbcT3
hGT7sugFG+6SG2G/3URXYoSxQuQxHW+TtB9+XN7Hmymz2jZnCagM2hhGVy38g0sc
18kRQiMLl1Jjc9mBlEMqfkHn7W9PT2EpS76qIVcF4I38GpdYpBhFCxoZHVb3KRFm
gvxiFRJchnv4pJU2VHCYlbdW3/u7EIHn7pA+iKaEZZpq92/Rm0zos73DfJvR5bZF
Lykd+ynIN0/+8qM61ZNQIcw1pi4pgEI2v59tgRaPSkxpuPqvBfavIuVm9QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJLC6ExEZ70UT58oSS6Y4ZprqPVPMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEva3NMb1RFUm52UlJQbnloSkxwamhtbXVvOVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAQw
DQYJKoZIhvcNAQELBQADggEBAKzVVLP7kh2MTAYOcR4DuBND7rFMZY7U8kkk7frb
JcUpTHXsxfLV17rIGboL5GaewpUdDaSuPhrWofjOh2nOtqsduWzrnqkfQjzAz0rJ
+VnGvXGKaAwHBcbT0BbyHeCNK0bOt8IpU3zIuUHSqE7ZltpOkaGhXf9+z1OZBmN9
lqhwWWCg46+SGYbqZbFC0tFPnucPKOVHb+rZfWIdSVv6c8TN98rlxQkOknl4j+g9
oFgCig2YetrUuopaCRLJZXdEBqZrLv0uytxUYDTx4oyfO6pLpozhh7yzsj6weMIU
iObxltYP5Cg7QyrHQW0Vxv54glE+ap1aY4CIQ1bT3g1qMnQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:18:08 2025 by rpki-client