Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KdMK2YjnFRZXNDXpathCxIQDf74.roa
File: KdMK2YjnFRZXNDXpathCxIQDf74.roa (raw, json)
Hash identifier: 7L3jAICzI3y2XKcLWRoaasfHNIsJ9HOpeXJPFSZwjm4=
Subject key identifier: 29:D3:0A:D9:88:E7:15:16:57:34:35:E9:6A:D8:42:C4:84:03:7F:BE
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0186E964429780C106FFDD61C1EC2F532F91
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KdMK2YjnFRZXNDXpathCxIQDf74.roa
Signing time: Thu 16 Mar 2023 07:48:27 +0000
ROA not before: Thu 16 Mar 2023 07:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2a0e:d780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Mar 2023 18:55:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e9:64:42:97:80:c1:06:ff:dd:61:c1:ec:2f:53:2f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Mar 16 07:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29d30ad988e71516573435e96ad842c484037fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ab:21:43:85:de:99:fe:23:96:f1:ae:fe:6b:
a7:bd:36:06:34:63:82:02:c3:bf:63:95:f8:24:b5:
f7:19:f6:e4:da:62:02:91:96:71:61:35:fb:eb:d8:
70:4a:24:8e:1d:11:d8:15:5d:e6:05:63:a9:dc:89:
81:cb:58:fe:8f:9b:af:ff:f2:4c:cc:c7:30:db:f6:
6d:40:cc:28:99:66:34:58:51:e2:d4:d8:6f:b7:eb:
30:ae:a5:71:4a:54:a2:86:96:a9:53:8f:7d:d8:0c:
26:ed:5b:5a:f5:ff:d2:cb:38:df:61:6e:42:94:d8:
c9:4f:8c:26:9a:a6:83:40:1a:b6:8e:36:29:a5:03:
02:b1:3c:46:23:f6:ee:83:f8:83:fc:92:db:37:d0:
fa:ef:a8:d8:97:8f:d3:73:91:c1:8f:e3:30:80:31:
e6:19:3f:7c:4a:12:3f:07:1f:54:7b:04:93:61:df:
e2:5b:8f:db:60:ce:19:22:31:82:89:6b:b5:1b:05:
18:d4:82:e4:9e:57:37:19:5a:b1:a4:68:2e:9e:23:
b1:5b:de:ea:2d:ef:93:da:ad:dc:3f:c2:bc:dc:a7:
db:9b:bf:a9:85:5a:c3:b5:20:9a:63:7d:3b:ed:50:
17:f7:39:3c:51:b8:4d:f5:e4:8e:82:3f:9b:05:0a:
91:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D3:0A:D9:88:E7:15:16:57:34:35:E9:6A:D8:42:C4:84:03:7F:BE
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/KdMK2YjnFRZXNDXpathCxIQDf74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d780::/32
Signature Algorithm: sha256WithRSAEncryption
50:1a:dc:c3:9d:72:6d:82:1d:8c:7f:18:7e:9c:50:6a:3d:75:
08:6c:38:80:d1:c2:54:78:7a:28:58:b6:9f:b8:f1:93:cd:02:
8a:46:5a:0e:39:fd:e2:40:ff:d8:0d:0e:cc:07:65:ee:0c:7a:
9e:4e:c1:bd:bc:c7:f3:12:5c:50:00:c5:ad:87:50:a6:fb:dd:
53:18:c9:a6:96:ad:7e:94:d7:2c:92:a5:60:35:12:65:7f:73:
4a:fe:bb:7d:b7:40:5e:07:fa:6f:aa:5c:6d:e1:8b:4c:28:ab:
9a:8c:42:6f:a3:d6:fb:e4:de:81:d8:3f:0d:a7:2d:9e:57:42:
46:15:a1:28:45:41:16:9b:01:4a:08:31:b2:90:42:b6:fa:e4:
2e:9d:58:fb:e3:71:3f:b7:1b:3d:9a:37:0b:ab:5e:0f:26:12:
8c:be:28:c0:a7:2d:b1:7d:bf:7a:f2:41:ce:77:d7:a1:1b:69:
f6:27:b9:42:80:c7:a9:03:9c:6a:35:12:7e:b6:66:b8:01:e1:
3d:01:8c:8e:f5:5b:f5:e2:64:c9:7e:1c:44:23:62:15:4d:d0:
48:6e:16:56:92:81:65:45:e9:ce:bd:78:7c:08:7d:e4:f6:99:
c5:20:94:04:bd:cc:95:4b:0c:f5:ac:c4:b8:4a:b4:27:d5:54:
c3:f2:eb:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYbpZEKXgMEG/91hwewvUy+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMzE2MDc0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQzMGFkOTg4ZTcxNTE2NTczNDM1ZTk2YWQ4NDJjNDg0MDM3ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6shQ4Xemf4jlvGu/munvTYGNGOC
AsO/Y5X4JLX3Gfbk2mICkZZxYTX769hwSiSOHRHYFV3mBWOp3ImBy1j+j5uv//JM
zMcw2/ZtQMwomWY0WFHi1Nhvt+swrqVxSlSihpapU4992Awm7Vta9f/SyzjfYW5C
lNjJT4wmmqaDQBq2jjYppQMCsTxGI/bug/iD/JLbN9D676jYl4/Tc5HBj+MwgDHm
GT98ShI/Bx9UewSTYd/iW4/bYM4ZIjGCiWu1GwUY1ILknlc3GVqxpGguniOxW97q
Le+T2q3cP8K83Kfbm7+phVrDtSCaY3077VAX9zk8UbhN9eSOgj+bBQqRuwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCnTCtmI5xUWVzQ16WrYQsSEA3++MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvS2RNSzJZam5GUlpYTkRYcGF0aEN4SVFEZjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7XgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUBrcw51ybYIdjH8YfpxQaj11CGw4gNHCVHh6KFi2
n7jxk80CikZaDjn94kD/2A0OzAdl7gx6nk7BvbzH8xJcUADFrYdQpvvdUxjJppat
fpTXLJKlYDUSZX9zSv67fbdAXgf6b6pcbeGLTCirmoxCb6PW++Tegdg/DactnldC
RhWhKEVBFpsBSggxspBCtvrkLp1Y++NxP7cbPZo3C6teDyYSjL4owKctsX2/evJB
znfXoRtp9ie5QoDHqQOcajUSfrZmuAHhPQGMjvVb9eJkyX4cRCNiFU3QSG4WVpKB
ZUXpzr14fAh95PaZxSCUBL3MlUsM9azEuEq0J9VUw/LrVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org