Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kvYVjxIJ8oaX6brFuzY_UcukCZA.roa
File: kvYVjxIJ8oaX6brFuzY_UcukCZA.roa (raw, json)
Hash identifier: AOvc9vykSoN7OZ34PO1ryR3QjUsTL32MKbJPl3FjEbc=
Subject key identifier: 92:F6:15:8F:12:09:F2:86:97:E9:BA:C5:BB:36:3F:51:CB:A4:09:90
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0190E005DD58B9A5B82999D7D1827A79E04B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kvYVjxIJ8oaX6brFuzY_UcukCZA.roa
Signing time: Tue 23 Jul 2024 14:36:38 +0000
ROA not before: Tue 23 Jul 2024 14:36:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 2a0c:a586::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 05 Aug 2024 15:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e0:05:dd:58:b9:a5:b8:29:99:d7:d1:82:7a:79:e0:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 23 14:36:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92f6158f1209f28697e9bac5bb363f51cba40990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:48:d0:0c:a0:f6:f7:ae:02:cd:56:ae:87:9d:
29:09:62:93:ce:44:e7:fa:00:bc:8d:1a:7f:86:29:
9f:de:05:87:96:62:69:ee:e7:ae:61:6e:e9:7c:9c:
8e:2c:4b:d5:42:ed:d6:6a:a5:cd:d6:06:9c:a4:24:
6e:ea:fa:43:56:53:40:91:d5:33:0b:fd:a3:fc:6f:
b6:09:68:89:9b:50:11:fc:2b:fd:85:a8:46:7e:b2:
c4:06:73:ad:d1:b1:d2:ab:46:fa:e8:60:e0:13:21:
0b:dd:b7:3e:5c:53:2f:82:36:e5:f1:6f:10:7c:df:
7e:bd:c7:5c:5f:c7:69:56:92:a4:62:72:5a:36:2a:
88:f3:26:4e:0e:33:63:0b:01:d1:fb:b2:26:ec:23:
35:ad:f4:4d:dd:4c:17:e3:fa:57:b0:39:5d:84:2d:
50:41:44:eb:1c:c5:d0:62:12:a9:3d:e0:7d:b9:3c:
ab:4e:28:33:03:af:b4:d3:b9:ac:cf:3c:a9:87:84:
5a:ee:7d:9e:0e:40:da:42:ad:1c:46:97:9d:54:36:
87:c3:82:5d:10:0b:f9:ec:de:70:3f:ea:53:27:68:
19:c4:e2:a9:20:29:85:3d:39:40:ea:a7:90:96:25:
07:d5:89:3f:a9:64:7b:87:ec:fa:02:2d:cc:22:79:
00:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F6:15:8F:12:09:F2:86:97:E9:BA:C5:BB:36:3F:51:CB:A4:09:90
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/kvYVjxIJ8oaX6brFuzY_UcukCZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:a586::/32
Signature Algorithm: sha256WithRSAEncryption
6d:03:3b:3e:d0:ea:c5:1c:e8:b4:7c:fd:1d:0c:3d:c6:bb:61:
99:fe:48:ea:24:fe:c5:c5:b4:82:02:ff:98:4d:42:b8:20:c0:
77:a7:2c:96:70:35:7f:e7:dd:6d:0f:28:09:8a:b2:02:0d:e3:
b0:5e:af:2d:4d:ef:b8:0a:99:e1:65:8c:76:31:ed:2b:41:e7:
38:b4:bd:af:23:cc:0a:24:1f:56:1e:43:5e:78:90:ee:b8:1b:
c6:59:2a:1c:1e:0a:e5:22:b7:bb:b2:64:51:a8:d6:e8:54:89:
7e:a8:99:05:a9:f4:98:23:e0:76:6a:ed:d9:54:71:83:ad:7e:
c5:9e:8a:37:f3:54:53:43:00:b8:e9:54:b1:b2:29:49:49:22:
8b:aa:ed:c7:51:86:3e:62:c6:2d:72:d8:9e:5d:87:45:57:c8:
41:81:3b:03:57:2f:0e:25:dd:7d:33:5b:e3:2e:33:58:09:6f:
6b:b0:27:23:a9:ed:5b:49:27:b3:33:e9:6e:bf:94:74:b2:9a:
17:c1:46:70:0a:55:78:0d:93:89:43:71:63:69:d4:44:81:98:
66:26:01:26:3e:45:e3:9a:1a:22:7e:a0:ec:b5:d3:59:83:c5:
14:04:21:d2:c6:dc:d8:a7:53:17:a3:84:60:3e:99:aa:ea:86:
f3:db:8b:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZDgBd1YuaW4KZnX0YJ6eeBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzIzMTQzNjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY2MTU4ZjEyMDlmMjg2OTdlOWJhYzViYjM2M2Y1MWNiYTQwOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUjQDKD2964CzVauh50pCWKTzkTn
+gC8jRp/himf3gWHlmJp7ueuYW7pfJyOLEvVQu3WaqXN1gacpCRu6vpDVlNAkdUz
C/2j/G+2CWiJm1AR/Cv9hahGfrLEBnOt0bHSq0b66GDgEyEL3bc+XFMvgjbl8W8Q
fN9+vcdcX8dpVpKkYnJaNiqI8yZODjNjCwHR+7Im7CM1rfRN3UwX4/pXsDldhC1Q
QUTrHMXQYhKpPeB9uTyrTigzA6+007mszzyph4Ra7n2eDkDaQq0cRpedVDaHw4Jd
EAv57N5wP+pTJ2gZxOKpICmFPTlA6qeQliUH1Yk/qWR7h+z6Ai3MInkAzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJL2FY8SCfKGl+m6xbs2P1HLpAmQMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEva3ZZVmp4SUo4b2FYNmJyRnV6WV9VY3VrQ1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgylhjAN
BgkqhkiG9w0BAQsFAAOCAQEAbQM7PtDqxRzotHz9HQw9xrthmf5I6iT+xcW0ggL/
mE1CuCDAd6cslnA1f+fdbQ8oCYqyAg3jsF6vLU3vuAqZ4WWMdjHtK0HnOLS9ryPM
CiQfVh5DXniQ7rgbxlkqHB4K5SK3u7JkUajW6FSJfqiZBan0mCPgdmrt2VRxg61+
xZ6KN/NUU0MAuOlUsbIpSUkii6rtx1GGPmLGLXLYnl2HRVfIQYE7A1cvDiXdfTNb
4y4zWAlva7AnI6ntW0knszPpbr+UdLKaF8FGcApVeA2TiUNxY2nURIGYZiYBJj5F
45oaIn6g7LXTWYPFFAQh0sbc2KdTF6OEYD6ZquqG89uLrA==
-----END CERTIFICATE-----
Generated at Mon Aug 5 18:29:35 2024 by rpki-client on console-ams.rpki-client.org