Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/kNNYEX4mJ909Umb3K4ni5mXzTPw.roa
File: kNNYEX4mJ909Umb3K4ni5mXzTPw.roa (raw, json)
Hash identifier: Gx4SdHTljn0IR8aXNeM2Hv5hKKOxhKyr/js/F3swIEE=
Subject key identifier: 90:D3:58:11:7E:26:27:DD:3D:52:66:F7:2B:89:E2:E6:65:F3:4C:FC
Certificate issuer: /CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Certificate serial: 01856F7993A8C021FCF6D55AD80B18EDC106
Authority key identifier: B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/kNNYEX4mJ909Umb3K4ni5mXzTPw.roa
Signing time: Sun 01 Jan 2023 22:35:16 +0000
ROA not before: Sun 01 Jan 2023 22:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42721
IP address blocks: 2a09:6340::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:93:a8:c0:21:fc:f6:d5:5a:d8:0b:18:ed:c1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Validity
Not Before: Jan 1 22:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90d358117e2627dd3d5266f72b89e2e665f34cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0e:10:01:64:77:bb:27:42:24:d9:26:58:4c:
11:a7:51:8f:d3:0e:04:fd:fa:59:f2:af:8c:03:66:
ef:07:9d:e3:7f:46:bc:a6:e6:a6:2d:fc:5d:a2:30:
ff:76:29:09:fc:4b:dd:e2:d8:92:a4:3a:57:31:80:
6f:46:80:db:28:8b:ac:b2:bb:aa:a0:56:86:56:0e:
49:ab:d6:b8:76:a8:36:d9:75:07:ae:9a:2c:28:77:
6a:40:38:39:84:8b:b7:0c:d0:32:14:79:fd:93:6b:
1f:c3:55:21:e7:d0:49:56:d3:bc:aa:81:e3:a1:22:
51:df:f4:9a:a4:57:aa:80:0a:33:24:29:9c:ad:cb:
3d:0a:f7:b7:00:38:f9:90:3c:5f:42:f5:33:4a:4b:
8e:74:3b:e4:f6:5e:d3:b1:ed:7b:1b:64:20:c4:7d:
10:dd:33:7a:75:10:e1:83:98:aa:e7:d8:91:12:ac:
aa:b3:31:17:76:6c:54:14:fd:e1:8c:fa:7f:86:ca:
af:52:f0:6a:54:3e:09:f6:58:12:8e:9f:f7:91:33:
6e:3e:fd:bd:8e:b7:0d:53:c0:8e:bf:ef:ed:ac:53:
5f:7f:e0:71:c0:96:97:79:62:4a:ef:52:70:45:0d:
a4:82:15:98:e9:ba:b8:1a:be:4d:f6:46:56:04:50:
4b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D3:58:11:7E:26:27:DD:3D:52:66:F7:2B:89:E2:E6:65:F3:4C:FC
X509v3 Authority Key Identifier:
keyid:B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/kNNYEX4mJ909Umb3K4ni5mXzTPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6340::/44
Signature Algorithm: sha256WithRSAEncryption
85:d4:ed:fe:36:2c:7f:5d:61:bb:81:91:54:aa:7f:aa:a6:96:
17:4f:4a:23:69:b2:90:63:8e:26:92:94:c8:47:65:14:8f:c6:
41:d4:85:a9:26:e4:61:07:9b:c1:7c:91:a6:5f:b0:71:31:5f:
dc:fc:5d:0a:38:9e:b6:ca:39:1b:7b:99:3d:0a:76:2c:fd:43:
73:fe:7a:28:3d:f4:85:17:74:92:fa:e4:60:83:98:77:92:e6:
95:6f:55:d3:db:7e:4f:fa:36:fe:73:70:a0:51:3d:2b:e5:68:
bd:85:c0:95:79:f8:92:c4:ed:d8:fa:a9:32:d7:b9:b6:8e:dc:
d6:78:ca:10:34:a7:59:7b:20:c6:43:dd:d8:09:99:92:c7:f9:
7c:ab:75:9f:6a:3b:f8:37:f6:e5:6d:ca:d6:50:71:5f:0a:b6:
8f:7c:85:08:46:cc:0d:1e:da:0d:39:8f:40:47:0e:4b:5a:6a:
be:2c:d7:7c:5a:89:83:96:cf:15:83:95:45:78:41:ab:a2:63:
5e:b1:42:ca:91:6a:14:96:4f:82:a7:1f:b9:10:1b:d8:3f:69:
41:74:9a:72:00:1a:dd:11:4c:4f:56:58:ac:04:71:1e:20:8a:
16:ce:cf:65:79:ce:42:55:31:09:25:dc:5f:bf:98:e4:eb:9a:
39:6f:b6:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVveZOowCH89tVa2AsY7cEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZGZhZmQzNjczMDM5NmZlMzM4ZTc3MmRhZGJlNGMzYzg1
Y2Q5NTIwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQzNTgxMTdlMjYyN2RkM2Q1MjY2ZjcyYjg5ZTJlNjY1ZjM0Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w4QAWR3uydCJNkmWEwRp1GP0w4E
/fpZ8q+MA2bvB53jf0a8puamLfxdojD/dikJ/Evd4tiSpDpXMYBvRoDbKIussruq
oFaGVg5Jq9a4dqg22XUHrposKHdqQDg5hIu3DNAyFHn9k2sfw1Uh59BJVtO8qoHj
oSJR3/SapFeqgAozJCmcrcs9Cve3ADj5kDxfQvUzSkuOdDvk9l7Tse17G2QgxH0Q
3TN6dRDhg5iq59iREqyqszEXdmxUFP3hjPp/hsqvUvBqVD4J9lgSjp/3kTNuPv29
jrcNU8COv+/trFNff+BxwJaXeWJK71JwRQ2kghWY6bq4Gr5N9kZWBFBL4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJDTWBF+JifdPVJm9yuJ4uZl80z8MB8GA1UdIwQY
MBaAFLDfr9NnMDlv4zjnctrb5MPIXNlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUt
MGFhNWI0NmJmOGFhLzEva05OWUVYNG1KOTA5VW1iM0s0bmk1bVh6VFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUtMGFhNWI0NmJmOGFh
LzEvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgljQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCF1O3+Nix/XWG7gZFUqn+qppYXT0ojabKQY44m
kpTIR2UUj8ZB1IWpJuRhB5vBfJGmX7BxMV/c/F0KOJ62yjkbe5k9CnYs/UNz/noo
PfSFF3SS+uRgg5h3kuaVb1XT235P+jb+c3CgUT0r5Wi9hcCVefiSxO3Y+qky17m2
jtzWeMoQNKdZeyDGQ93YCZmSx/l8q3Wfajv4N/blbcrWUHFfCraPfIUIRswNHtoN
OY9ARw5LWmq+LNd8WomDls8Vg5VFeEGromNesULKkWoUlk+Cpx+5EBvYP2lBdJpy
ABrdEUxPVlisBHEeIIoWzs9lec5CVTEJJdxfv5jk65o5b7a/
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:24 2024 by rpki-client on console-ams.rpki-client.org