Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/KPM5NoRGQfrcM_5kTETwe000JdM.roa
File: KPM5NoRGQfrcM_5kTETwe000JdM.roa (raw, json)
Hash identifier: TZISVBFxj6GOhUAVvQ/91Ub/JQxM4HwoLZzXXPL0He0=
Subject key identifier: 28:F3:39:36:84:46:41:FA:DC:33:FE:64:4C:44:F0:7B:4D:34:25:D3
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01877FA0DD59B0F92ABB9B474A0DF2CB6827
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/KPM5NoRGQfrcM_5kTETwe000JdM.roa
Signing time: Fri 14 Apr 2023 11:57:41 +0000
ROA not before: Fri 14 Apr 2023 11:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199459
IP address blocks: 2a0a:280:2800::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:a0:dd:59:b0:f9:2a:bb:9b:47:4a:0d:f2:cb:68:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Apr 14 11:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f33936844641fadc33fe644c44f07b4d3425d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:33:b7:51:59:a2:43:5f:83:57:62:78:a0:12:
3c:61:49:45:61:a5:8b:5a:f9:2c:06:91:14:a5:b4:
4c:2e:6a:fc:b5:a2:39:12:10:93:88:e4:10:ad:c1:
dd:ca:74:33:27:c8:a0:c5:92:46:35:d6:6a:ef:5b:
af:82:e4:dd:ce:da:bf:cb:bf:94:86:b3:df:dc:4d:
47:42:f9:c1:ee:9e:5a:9d:bd:31:f1:a1:ab:cd:19:
ce:a6:3e:14:34:9a:b8:47:ab:f4:c1:51:58:9e:86:
e0:76:85:13:6a:41:42:1b:38:fd:ed:c3:99:e6:21:
4a:ad:bb:ed:2a:86:57:5a:0c:d1:21:46:1a:21:cc:
f3:9b:13:d8:a3:59:e5:bf:16:68:32:69:23:db:a4:
0c:84:9f:f4:57:9a:da:6f:30:3e:dc:05:08:2d:71:
c6:ce:5f:71:11:e3:58:08:28:91:e3:d9:f6:ac:41:
c5:69:ea:85:f1:7c:3b:71:b2:3d:86:ea:46:f0:18:
a5:02:59:57:ce:bb:9a:f7:89:5b:cd:3f:f8:b5:98:
7d:e8:0d:30:55:c6:82:45:2e:1d:0a:64:5a:f0:43:
af:04:c1:29:7b:93:71:85:48:59:cb:fb:48:36:9a:
20:4b:cb:65:43:35:9b:1f:6b:a8:73:37:65:3f:c2:
1b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F3:39:36:84:46:41:FA:DC:33:FE:64:4C:44:F0:7B:4D:34:25:D3
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/KPM5NoRGQfrcM_5kTETwe000JdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2800::/40
Signature Algorithm: sha256WithRSAEncryption
2c:b7:79:86:b2:38:af:a6:4c:e3:4c:7c:16:cd:03:5d:21:2c:
b7:09:b2:f0:c8:ec:02:95:af:bf:8d:a5:80:c4:21:6f:4f:4f:
8e:11:6f:80:2c:ad:1e:25:4a:a1:00:b5:eb:a8:3a:0d:4b:32:
27:27:3f:7f:3c:48:43:ae:67:2c:f5:8f:a2:ea:83:da:48:ca:
4e:de:0e:c0:37:60:8c:00:db:23:d8:e1:2a:49:57:a3:15:86:
f0:bd:31:a2:52:4b:2b:a7:0a:e4:18:35:8a:04:5a:84:b9:eb:
c3:a6:42:70:30:06:0b:cc:be:62:17:49:da:a3:b1:62:49:f4:
b7:94:9c:02:da:b2:66:31:70:60:f8:72:42:98:49:46:47:9a:
d4:7c:c5:b3:03:6e:47:5d:83:bd:bd:97:4c:21:e8:e1:65:e0:
3e:4a:4d:d8:7b:97:b4:64:90:9f:2d:43:b6:4b:17:23:f4:2b:
12:d1:e8:30:73:0a:03:18:22:c0:f0:b5:9c:24:cf:b3:5e:f2:
ba:74:0b:e8:d0:b6:ca:37:9e:a2:dd:66:7a:05:b8:44:d0:b9:
ea:05:8c:a0:4b:39:2e:11:b9:6a:14:94:cd:a7:0f:96:bf:b1:
76:2d:bb:1b:8e:b9:e6:38:58:f7:02:fc:82:9f:09:cb:b3:db:
16:32:5d:c0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYd/oN1ZsPkqu5tHSg3yy2gnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwNDE0MTE1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGYzMzkzNjg0NDY0MWZhZGMzM2ZlNjQ0YzQ0ZjA3YjRkMzQyNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zO3UVmiQ1+DV2J4oBI8YUlFYaWL
WvksBpEUpbRMLmr8taI5EhCTiOQQrcHdynQzJ8igxZJGNdZq71uvguTdztq/y7+U
hrPf3E1HQvnB7p5anb0x8aGrzRnOpj4UNJq4R6v0wVFYnobgdoUTakFCGzj97cOZ
5iFKrbvtKoZXWgzRIUYaIczzmxPYo1nlvxZoMmkj26QMhJ/0V5rabzA+3AUILXHG
zl9xEeNYCCiR49n2rEHFaeqF8Xw7cbI9hupG8BilAllXzrua94lbzT/4tZh96A0w
VcaCRS4dCmRa8EOvBMEpe5NxhUhZy/tINpogS8tlQzWbH2uoczdlP8IbiQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCjzOTaERkH63DP+ZExE8HtNNCXTMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvS1BNNU5vUkdRZnJjTV81a1RFVHdlMDAwSmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCgw
DQYJKoZIhvcNAQELBQADggEBACy3eYayOK+mTONMfBbNA10hLLcJsvDI7AKVr7+N
pYDEIW9PT44Rb4AsrR4lSqEAteuoOg1LMicnP388SEOuZyz1j6Lqg9pIyk7eDsA3
YIwA2yPY4SpJV6MVhvC9MaJSSyunCuQYNYoEWoS568OmQnAwBgvMvmIXSdqjsWJJ
9LeUnALasmYxcGD4ckKYSUZHmtR8xbMDbkddg729l0wh6OFl4D5KTdh7l7RkkJ8t
Q7ZLFyP0KxLR6DBzCgMYIsDwtZwkz7Ne8rp0C+jQtso3nqLdZnoFuETQueoFjKBL
OS4RuWoUlM2nD5a/sXYtuxuOueY4WPcC/IKfCcuz2xYyXcA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:22 2024 by rpki-client on console-fra.rpki-client.org