Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/KgW8W1UyatSZmaeOVeBFDssbuzY.roa
File: KgW8W1UyatSZmaeOVeBFDssbuzY.roa (raw, json)
Hash identifier: 6gL0w5T4xPY+UKX+GBfy37OkJ5PVUwxWZzlrsVOUp58=
Subject key identifier: 2A:05:BC:5B:55:32:6A:D4:99:99:A7:8E:55:E0:45:0E:CB:1B:BB:36
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018A0473B03DD50D058041A01945E808FB27
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/KgW8W1UyatSZmaeOVeBFDssbuzY.roa
Signing time: Thu 17 Aug 2023 17:03:25 +0000
ROA not before: Thu 17 Aug 2023 17:03:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 2a05:541:125::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:132::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:73:b0:3d:d5:0d:05:80:41:a0:19:45:e8:08:fb:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Aug 17 17:03:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a05bc5b55326ad49999a78e55e0450ecb1bbb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:73:b7:7c:e8:cb:07:ac:d4:ea:34:36:2a:3f:
fe:e9:1c:c1:06:72:c1:91:e2:f7:7d:20:41:d8:51:
79:7f:1f:18:79:fe:df:f7:80:9b:c3:2e:84:52:22:
a1:cd:64:07:60:2e:3a:81:f8:74:a1:89:75:d6:d3:
92:11:34:3d:56:dc:26:e5:5f:1f:de:9e:bd:a9:11:
62:02:2e:4a:3c:59:ad:2f:1a:88:96:24:02:b3:cd:
ee:48:38:cd:14:d0:9a:36:5d:1e:d8:8f:65:85:ab:
33:4a:dc:71:6d:3f:bd:ca:51:ea:63:35:80:6e:6e:
65:99:24:70:29:ff:e1:f9:bc:4e:35:f9:ea:d2:ec:
09:6f:73:1d:1b:fe:53:c0:1d:ff:81:b6:cd:7c:43:
6a:93:c2:59:04:ea:2a:4e:19:47:f3:67:19:be:2f:
91:43:90:d7:9b:ab:b0:87:08:d2:1d:3b:3a:64:e6:
5d:39:61:b8:dd:e8:7d:f5:2a:10:b7:04:f1:4a:8b:
8f:43:83:cb:f9:6b:89:43:15:39:15:36:86:2d:13:
12:2c:4d:53:66:dd:e5:be:ed:71:df:c0:cc:ea:03:
44:e2:f2:83:ce:b0:b6:29:72:07:96:ec:98:5a:81:
a6:4b:94:f5:f7:27:2e:d2:69:dc:e9:f7:0f:ee:0d:
a4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:05:BC:5B:55:32:6A:D4:99:99:A7:8E:55:E0:45:0E:CB:1B:BB:36
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/KgW8W1UyatSZmaeOVeBFDssbuzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:109::/48
2a05:541:114::/48
2a05:541:119::/48
2a05:541:121::-2a05:541:123:ffff:ffff:ffff:ffff:ffff
2a05:541:125::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::-2a05:541:132:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:44:f2:9b:64:50:20:24:b7:ed:a7:ba:a1:82:ca:6d:f2:8e:
7b:a2:fe:d9:dc:5e:51:d7:c2:32:14:bb:f6:0b:87:3b:2f:ca:
0e:ae:40:10:ca:50:0e:55:b1:85:3f:00:32:48:17:6a:46:f0:
7e:86:21:23:69:8f:02:80:c9:94:12:4d:b4:04:f1:39:b8:9f:
12:53:d9:1f:2d:c4:5e:ab:ca:ad:73:d6:47:f3:c2:06:4e:31:
95:78:a3:a0:39:1f:73:e7:43:08:db:ae:0b:2b:00:ca:2c:0b:
d2:86:2a:41:2c:3d:a9:c6:d4:a7:0f:15:e4:47:db:b6:4f:3b:
6a:61:a5:1a:7b:96:4b:be:ac:05:b6:3a:10:3e:13:2f:b1:c1:
b4:e1:ad:a1:b3:56:66:29:4f:3e:04:f6:8b:3e:44:fb:2d:db:
43:b7:76:5f:df:b0:5e:c6:92:62:bd:f9:4a:57:f1:0c:37:cb:
77:bf:5d:64:39:2c:59:9e:5c:d4:4b:be:35:64:68:89:f9:ce:
89:b0:d2:a5:d1:b2:07:d4:40:00:47:f3:70:27:c7:81:a5:e0:
d4:f2:e1:c8:09:8d:0a:99:d8:3e:c9:eb:5a:bb:7b:13:7b:ae:
1f:34:1e:3e:ee:81:92:fe:dd:ca:94:60:69:20:a6:18:8c:9e:
cd:89:2a:cf
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYoEc7A91Q0FgEGgGUXoCPsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwODE3MTcwMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA1YmM1YjU1MzI2YWQ0OTk5OWE3OGU1NWUwNDUwZWNiMWJiYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3O3fOjLB6zU6jQ2Kj/+6RzBBnLB
keL3fSBB2FF5fx8Yef7f94Cbwy6EUiKhzWQHYC46gfh0oYl11tOSETQ9Vtwm5V8f
3p69qRFiAi5KPFmtLxqIliQCs83uSDjNFNCaNl0e2I9lhaszStxxbT+9ylHqYzWA
bm5lmSRwKf/h+bxONfnq0uwJb3MdG/5TwB3/gbbNfENqk8JZBOoqThlH82cZvi+R
Q5DXm6uwhwjSHTs6ZOZdOWG43eh99SoQtwTxSouPQ4PL+WuJQxU5FTaGLRMSLE1T
Zt3lvu1x38DM6gNE4vKDzrC2KXIHluyYWoGmS5T19ycu0mnc6fcP7g2kfQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCoFvFtVMmrUmZmnjlXgRQ7LG7s2MB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvS2dXOFcxVXlhdFNabWFlT1ZlQkZEc3NidXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAAjBgAwcAKgUFQQEJ
AwcAKgUFQQEUAwcAKgUFQQEZMBIDBwAqBQVBASEDBwIqBQVBASAwEgMHACoFBUEB
JQMHAyoFBUEBIAMHACoFBUEBKTASAwcAKgUFQQExAwcAKgUFQQEyMA0GCSqGSIb3
DQEBCwUAA4IBAQB/RPKbZFAgJLftp7qhgspt8o57ov7Z3F5R18IyFLv2C4c7L8oO
rkAQylAOVbGFPwAySBdqRvB+hiEjaY8CgMmUEk20BPE5uJ8SU9kfLcReq8qtc9ZH
88IGTjGVeKOgOR9z50MI264LKwDKLAvShipBLD2pxtSnDxXkR9u2TztqYaUae5ZL
vqwFtjoQPhMvscG04a2hs1ZmKU8+BPaLPkT7LdtDt3Zf37BexpJivflKV/EMN8t3
v11kOSxZnlzUS741ZGiJ+c6JsNKl0bIH1EAAR/NwJ8eBpeDU8uHICY0Kmdg+yeta
u3sTe64fNB4+7oGS/t3KlGBpIKYYjJ7NiSrP
-----END CERTIFICATE-----
Generated at Fri Oct 13 19:39:50 2023 by rpki-client on console-ams.rpki-client.org