Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/KVOIZDJArnbSLeT9k2tUY1h3MoM.roa
File: KVOIZDJArnbSLeT9k2tUY1h3MoM.roa (raw, json)
Hash identifier: JCEZL5oEvMvBCyS0o/fDWQ58Z/qUt/3FEkcDoXR4xSQ=
Subject key identifier: 29:53:88:64:32:40:AE:76:D2:2D:E4:FD:93:6B:54:63:58:77:32:83
Certificate issuer: /CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Certificate serial: 018CC3494D018D35E92DF0E83AD54E066A26
Authority key identifier: C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/KVOIZDJArnbSLeT9k2tUY1h3MoM.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 2a0c:4a01:1b::/48 maxlen: 48
2a0c:4a01:3b::/48 maxlen: 48
2a0c:4a00:2b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4d:01:8d:35:e9:2d:f0:e8:3a:d5:4e:06:6a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c26bb574b89b8c1866f8474bb1cb003264ec20
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=295388643240ae76d22de4fd936b546358773283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b8:08:d8:81:6d:8a:47:fe:5f:f8:a3:79:ff:
99:70:a4:73:f0:c8:22:dd:c8:48:99:7d:08:1d:33:
29:d0:db:3d:0c:e7:f0:de:f2:c3:fe:42:da:0c:b0:
8d:35:a8:fa:7f:d8:c7:9b:b3:74:41:d4:59:00:ca:
05:21:8e:0c:53:4f:a3:b2:cf:c8:9b:f3:97:a6:55:
c7:68:71:f8:ba:75:65:51:a4:fa:1d:dc:77:1d:d4:
22:a1:cb:a9:fc:25:24:d4:90:83:b8:6a:9e:2a:a2:
f3:0e:86:b2:c0:8b:96:bf:bc:8a:a5:15:8f:93:bf:
ae:96:c4:b9:f1:5b:41:85:34:20:17:16:13:63:70:
33:0a:25:6b:c8:bf:15:85:7d:13:24:10:a9:9e:e9:
4f:67:44:94:ac:cb:85:85:36:df:56:d5:fb:35:42:
ca:cd:7c:30:d5:72:ee:19:c3:06:ab:09:4f:09:53:
e6:01:7e:15:80:ea:0e:f8:82:93:f2:ba:fb:aa:88:
93:10:6a:c5:1d:71:d9:98:73:d1:75:5e:66:d0:cc:
8c:5e:d8:9c:51:e1:e1:47:c3:89:b5:fd:f7:70:6f:
79:5f:e4:de:aa:48:d2:5e:97:28:bf:40:a0:cc:2f:
e8:16:1e:3a:84:37:ab:5f:d7:76:44:5f:d3:fe:0e:
48:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:53:88:64:32:40:AE:76:D2:2D:E4:FD:93:6B:54:63:58:77:32:83
X509v3 Authority Key Identifier:
keyid:C1:C2:6B:B5:74:B8:9B:8C:18:66:F8:47:4B:B1:CB:00:32:64:EC:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcJrtXS4m4wYZvhHS7HLADJk7CA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/KVOIZDJArnbSLeT9k2tUY1h3MoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/df38da-75cd-4e21-ad38-f2a2a5d5045e/1/wcJrtXS4m4wYZvhHS7HLADJk7CA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:4a00:2b::/48
2a0c:4a01:1b::/48
2a0c:4a01:3b::/48
Signature Algorithm: sha256WithRSAEncryption
53:03:55:f6:4b:6f:f5:67:32:ad:74:ad:1b:f3:48:9b:55:88:
4c:8f:64:27:c0:38:16:0d:96:46:d3:4f:0a:e7:4b:d5:25:30:
05:50:c3:1d:80:0f:3f:c8:2e:51:1a:8e:68:33:4c:fd:e8:b0:
69:e4:8a:4a:c9:45:ef:6e:3c:5e:09:21:1a:03:0f:c3:4d:ca:
17:41:e7:3d:1e:8a:eb:72:07:98:f2:44:f2:6d:19:f7:e4:a9:
be:e5:22:ad:a3:11:c2:6b:72:26:f0:81:1e:78:bd:03:70:2e:
ac:3a:d2:be:67:89:c2:6e:65:66:1b:f2:7b:9e:5a:c5:e0:e9:
3d:ee:c7:8a:c0:93:45:9e:c7:73:14:36:6e:eb:71:56:d6:e4:
da:e3:18:4c:6c:49:9b:28:10:47:cc:3d:0f:ee:90:e3:90:d0:
cf:63:26:61:bb:3f:0e:b2:d3:4f:cb:8f:3d:39:27:c8:6a:c7:
ec:03:f9:83:80:cb:f3:60:26:ba:5c:ef:c6:3f:23:6d:d3:89:
0c:3e:04:c2:1c:48:08:ea:bf:8a:d9:1e:cb:64:f9:f2:35:91:
c5:0e:94:7c:e4:e2:80:53:92:7d:c4:9e:03:fd:d6:bb:38:18:
6d:d7:81:0c:78:88:4d:c9:9c:2c:4f:d9:78:ce:94:e0:f3:d9:
01:3f:8f:c6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSU0BjTXpLfDoOtVOBmomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYzI2YmI1NzRiODliOGMxODY2Zjg0NzRiYjFjYjAwMzI2
NGVjMjAwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTUzODg2NDMyNDBhZTc2ZDIyZGU0ZmQ5MzZiNTQ2MzU4NzczMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLgI2IFtikf+X/ijef+ZcKRz8Mgi
3chImX0IHTMp0Ns9DOfw3vLD/kLaDLCNNaj6f9jHm7N0QdRZAMoFIY4MU0+jss/I
m/OXplXHaHH4unVlUaT6Hdx3HdQiocup/CUk1JCDuGqeKqLzDoaywIuWv7yKpRWP
k7+ulsS58VtBhTQgFxYTY3AzCiVryL8VhX0TJBCpnulPZ0SUrMuFhTbfVtX7NULK
zXww1XLuGcMGqwlPCVPmAX4VgOoO+IKT8rr7qoiTEGrFHXHZmHPRdV5m0MyMXtic
UeHhR8OJtf33cG95X+TeqkjSXpcov0CgzC/oFh46hDerX9d2RF/T/g5IFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFClTiGQyQK520i3k/ZNrVGNYdzKDMB8GA1UdIwQY
MBaAFMHCa7V0uJuMGGb4R0uxywAyZOwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgt
ZjJhMmE1ZDUwNDVlLzEvS1ZPSVpESkFybmJTTGVUOWsydFVZMWgzTW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kZjM4ZGEtNzVjZC00ZTIxLWFkMzgtZjJhMmE1ZDUwNDVl
LzEvd2NKcnRYUzRtNHdZWnZoSFM3SExBREprN0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgxKAAAr
AwcAKgxKAQAbAwcAKgxKAQA7MA0GCSqGSIb3DQEBCwUAA4IBAQBTA1X2S2/1ZzKt
dK0b80ibVYhMj2QnwDgWDZZG008K50vVJTAFUMMdgA8/yC5RGo5oM0z96LBp5IpK
yUXvbjxeCSEaAw/DTcoXQec9HorrcgeY8kTybRn35Km+5SKtoxHCa3Im8IEeeL0D
cC6sOtK+Z4nCbmVmG/J7nlrF4Ok97seKwJNFnsdzFDZu63FW1uTa4xhMbEmbKBBH
zD0P7pDjkNDPYyZhuz8OstNPy489OSfIasfsA/mDgMvzYCa6XO/GPyNt04kMPgTC
HEgI6r+K2R7LZPnyNZHFDpR85OKAU5J9xJ4D/da7OBht14EMeIhNyZwsT9l4zpTg
89kBP4/G
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:53 2025 by rpki-client