Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/KgXWQ9seA0EFUzmzmkSsdhiQrp4.roa
File: KgXWQ9seA0EFUzmzmkSsdhiQrp4.roa (raw, json)
Hash identifier: LvslJGl3T+mc4TQKPa12XMSOBOozB7X6SIl/b7VflRs=
Subject key identifier: 2A:05:D6:43:DB:1E:03:41:05:53:39:B3:9A:44:AC:76:18:90:AE:9E
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 01929C194D78969C2C05B965A38DB1267728
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/KgXWQ9seA0EFUzmzmkSsdhiQrp4.roa
Signing time: Thu 17 Oct 2024 20:09:16 +0000
ROA not before: Thu 17 Oct 2024 20:09:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57271
IP address blocks: 2a0d:cdc4::/32 maxlen: 32
2a0e:eec3::/32 maxlen: 32
2a0e:eec6::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Oct 2024 10:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9c:19:4d:78:96:9c:2c:05:b9:65:a3:8d:b1:26:77:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Oct 17 20:09:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a05d643db1e0341055339b39a44ac761890ae9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:eb:34:dc:49:b1:bf:e6:40:cf:b4:66:22:
31:7e:d9:4a:87:87:c9:1e:8e:1b:46:f3:84:fa:12:
60:e3:1d:58:30:85:cb:e8:3f:79:f3:c5:fa:6b:b7:
b8:36:71:f6:9f:64:d1:79:a8:ab:13:50:64:ca:04:
b8:56:83:53:dd:8e:39:86:a8:b3:11:9b:b5:87:db:
90:92:df:f0:e5:26:6f:6f:28:c3:92:18:86:6f:7a:
e8:b4:3c:06:ac:7b:70:e3:af:91:24:23:ab:04:6e:
ee:12:f4:43:3b:bd:1e:bd:10:0e:f4:c2:47:3f:ad:
c3:93:be:62:d9:db:eb:20:db:65:82:6b:9b:79:9d:
fa:71:67:05:5e:62:0c:0b:13:7f:50:89:a0:33:ba:
91:04:11:55:da:11:53:5a:e9:6a:1c:de:ce:64:0f:
1c:24:21:b6:d4:93:32:3d:9d:00:f2:d2:cd:21:2a:
06:7c:1c:35:07:06:1d:b2:28:a7:6b:dd:9f:9a:fb:
49:68:9c:d8:5c:8d:bf:c8:9a:7a:69:c6:73:27:ef:
10:71:55:51:7f:8f:bd:0a:c7:62:22:4b:92:a0:6e:
dd:fd:9f:2c:eb:5f:46:a4:c8:c2:3e:10:12:7b:b7:
b2:b1:af:0b:bd:2a:38:06:ed:b2:c9:ce:77:d5:14:
4d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:05:D6:43:DB:1E:03:41:05:53:39:B3:9A:44:AC:76:18:90:AE:9E
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/KgXWQ9seA0EFUzmzmkSsdhiQrp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cdc4::/32
2a0e:eec3::/32
2a0e:eec6::/32
Signature Algorithm: sha256WithRSAEncryption
ab:93:cd:fd:8a:e9:98:71:8c:59:fa:00:56:82:4e:88:79:ab:
13:5b:b2:bf:dd:01:73:43:de:f6:9c:18:f8:5e:9d:72:17:6e:
cb:80:0f:78:6b:37:bb:2b:19:66:0c:80:22:17:9e:56:0c:c2:
db:43:16:3d:96:f7:b6:cb:fa:0b:42:c8:9f:4d:68:f4:20:7b:
2a:69:c1:92:a7:59:11:ed:4b:e3:3a:67:2c:1e:64:21:f5:5c:
fd:45:d8:87:79:e5:3c:38:1c:2b:5f:c8:e3:5f:d7:e8:47:c6:
04:05:2e:c8:a8:06:a4:ec:b6:ad:1e:4c:ff:71:04:cd:33:57:
5d:b2:a6:f6:d1:5a:82:95:50:38:d9:e7:20:8b:cd:1c:c1:af:
cc:69:73:30:a3:ed:6b:1b:ff:ed:42:f8:19:9f:c7:92:6a:ab:
f9:24:8f:77:30:e3:d5:71:37:a3:e2:71:16:54:a4:bd:ba:31:
82:e8:ea:75:fc:2d:0f:0d:24:51:4d:34:97:69:4c:4a:ee:e6:
71:1d:d3:b3:b6:b4:ad:d1:5d:58:62:c3:20:e4:3a:c3:9a:c4:
4e:74:12:31:92:18:0b:e5:62:2e:63:ea:84:85:5d:67:04:e8:
48:5e:c7:b2:71:79:a6:54:70:59:e2:1b:95:0e:1d:f6:56:75:
4e:3f:a2:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKcGU14lpwsBbllo42xJncoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQxMDE3MjAwOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA1ZDY0M2RiMWUwMzQxMDU1MzM5YjM5YTQ0YWM3NjE4OTBhZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtjrNNxJsb/mQM+0ZiIxftlKh4fJ
Ho4bRvOE+hJg4x1YMIXL6D9588X6a7e4NnH2n2TReairE1BkygS4VoNT3Y45hqiz
EZu1h9uQkt/w5SZvbyjDkhiGb3rotDwGrHtw46+RJCOrBG7uEvRDO70evRAO9MJH
P63Dk75i2dvrINtlgmubeZ36cWcFXmIMCxN/UImgM7qRBBFV2hFTWulqHN7OZA8c
JCG21JMyPZ0A8tLNISoGfBw1BwYdsiina92fmvtJaJzYXI2/yJp6acZzJ+8QcVVR
f4+9CsdiIkuSoG7d/Z8s619GpMjCPhASe7eysa8LvSo4Bu2yyc531RRNywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCoF1kPbHgNBBVM5s5pErHYYkK6eMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvS2dYV1E5c2VBMEVGVXptem1rU3NkaGlRcnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg3NxAMF
ACoO7sMDBQAqDu7GMA0GCSqGSIb3DQEBCwUAA4IBAQCrk839iumYcYxZ+gBWgk6I
easTW7K/3QFzQ972nBj4Xp1yF27LgA94aze7KxlmDIAiF55WDMLbQxY9lve2y/oL
QsifTWj0IHsqacGSp1kR7UvjOmcsHmQh9Vz9RdiHeeU8OBwrX8jjX9foR8YEBS7I
qAak7LatHkz/cQTNM1ddsqb20VqClVA42ecgi80cwa/MaXMwo+1rG//tQvgZn8eS
aqv5JI93MOPVcTej4nEWVKS9ujGC6Op1/C0PDSRRTTSXaUxK7uZxHdOztrSt0V1Y
YsMg5DrDmsROdBIxkhgL5WIuY+qEhV1nBOhIXseycXmmVHBZ4huVDh32VnVOP6Ja
-----END CERTIFICATE-----
Generated at Fri Oct 25 12:38:02 2024 by rpki-client on console-ams.rpki-client.org