Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KBQPbFIsnvb_rrXzpUNdir3WiyU.roa
File: KBQPbFIsnvb_rrXzpUNdir3WiyU.roa (raw, json)
Hash identifier: LKkOnMANr9GEv2f2w/8gikRfv4ZLd3yzGAOBLqTPaY4=
Subject key identifier: 28:14:0F:6C:52:2C:9E:F6:FF:AE:B5:F3:A5:43:5D:8A:BD:D6:8B:25
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019175647377B3DAF0E7A831E5186BBC6647
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KBQPbFIsnvb_rrXzpUNdir3WiyU.roa
Signing time: Wed 21 Aug 2024 14:43:23 +0000
ROA not before: Wed 21 Aug 2024 14:43:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:de01:d8::/45 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c1:8a2f::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a0e:b107:1870::/48 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
2a10:ccc3:ccca::/48 maxlen: 48
2a10:ccc3:cccc::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
Validation: Failed, certificate revoked on Sun 01 Sep 2024 10:44:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:64:73:77:b3:da:f0:e7:a8:31:e5:18:6b:bc:66:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 21 14:43:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28140f6c522c9ef6ffaeb5f3a5435d8abdd68b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:09:ab:06:ee:fe:63:d9:ff:90:bb:de:db:33:
72:0f:93:6f:37:11:63:16:d1:8c:eb:c7:17:f3:b2:
7e:02:87:11:61:4e:94:10:98:69:a0:55:df:c4:a8:
1d:b2:2f:45:45:c4:b9:2d:23:44:fa:76:1e:18:56:
99:32:ea:ef:38:be:6f:7f:39:0a:5f:9d:ba:a0:32:
ec:fd:34:35:e2:70:e9:9d:5d:0c:4c:bd:9f:fc:7d:
f0:7a:e9:bc:23:52:12:f8:3d:1d:02:34:50:39:02:
f3:7b:7c:0f:7e:73:c2:18:19:67:c2:1f:fc:bc:cd:
b6:46:a1:9e:bb:99:f7:87:04:e5:cd:e1:57:e9:4e:
0c:7d:0a:73:93:b8:25:e6:f4:b3:a2:38:24:78:5a:
1e:30:36:0f:14:0d:b0:ab:68:7e:51:9e:e4:03:a3:
a3:22:f1:9c:b3:32:14:1a:e0:94:0e:1f:3d:cb:ae:
ba:96:e2:6b:65:f5:43:fd:a1:ee:8c:02:07:be:41:
c5:d5:15:02:a5:66:ad:71:8a:e8:4e:b8:58:42:33:
be:6f:02:8d:86:1b:e7:d8:d3:48:08:e0:88:b7:bc:
3a:17:6e:f0:64:56:0f:36:b8:d1:b9:2e:33:0e:bb:
ce:fc:ca:cf:81:d4:61:a5:cb:e2:5c:55:e2:ee:88:
77:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:14:0F:6C:52:2C:9E:F6:FF:AE:B5:F3:A5:43:5D:8A:BD:D6:8B:25
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KBQPbFIsnvb_rrXzpUNdir3WiyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:d8::/45
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c1:8a2f::/48
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc3:ccca::/48
2a10:ccc3:cccc::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
8b:95:ec:9a:cc:d3:60:89:e3:47:12:40:63:02:9a:68:56:91:
4d:fa:bd:a3:4e:8d:60:26:9b:25:c3:0d:f8:b2:cf:97:df:bc:
ad:eb:27:5a:2f:11:94:46:29:34:c1:fd:a1:ee:1a:7e:8f:ea:
ff:d9:1b:a6:63:de:f3:8c:31:27:f6:3f:5c:05:ac:b9:df:69:
7b:f9:71:47:52:6d:ad:7e:2e:e8:6c:8c:10:c6:29:44:bf:50:
ab:4e:e4:6e:a1:ca:7e:d9:cb:6d:84:44:54:e8:0e:55:08:32:
8d:ab:1a:42:fd:81:98:3c:c3:b9:87:c4:e2:25:d5:ab:94:f5:
52:45:62:8e:62:4c:76:fc:0d:ff:70:7c:7e:81:e8:48:94:56:
86:e4:1f:75:b4:2d:ab:9f:2d:46:d5:2a:73:a5:5a:4e:cd:aa:
c2:ee:3f:4c:33:fd:7e:a3:86:de:1e:61:b0:7a:ab:1f:8c:f1:
9b:50:40:ae:0e:bb:06:7d:c6:8f:6d:60:5f:89:45:fd:37:a6:
2a:a3:02:97:57:b4:ed:21:d9:9c:d3:07:16:24:97:ce:a0:ed:
9d:58:43:c1:7e:1d:b2:73:82:f6:c5:93:7b:d6:a7:a9:ec:37:
71:1d:5c:75:e2:08:5b:41:52:fc:c5:93:9b:62:0b:f0:d0:81:
e3:b9:e3:48
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZF1ZHN3s9rw56gx5RhrvGZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODIxMTQ0MzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE0MGY2YzUyMmM5ZWY2ZmZhZWI1ZjNhNTQzNWQ4YWJkZDY4YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywmrBu7+Y9n/kLve2zNyD5NvNxFj
FtGM68cX87J+AocRYU6UEJhpoFXfxKgdsi9FRcS5LSNE+nYeGFaZMurvOL5vfzkK
X526oDLs/TQ14nDpnV0MTL2f/H3weum8I1IS+D0dAjRQOQLze3wPfnPCGBlnwh/8
vM22RqGeu5n3hwTlzeFX6U4MfQpzk7gl5vSzojgkeFoeMDYPFA2wq2h+UZ7kA6Oj
IvGcszIUGuCUDh89y666luJrZfVD/aHujAIHvkHF1RUCpWatcYroTrhYQjO+bwKN
hhvn2NNICOCIt7w6F27wZFYPNrjRuS4zDrvO/MrPgdRhpcviXFXi7oh3awIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFCgUD2xSLJ72/66186VDXYq91oslMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS0JRUGJGSXNudmJfcnJYenBVTmRpcjNXaXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBlgQCAAIwgY8DBwMq
Bt4BANgDBgAqDDuH/wMHACoOl8AHUDASAwcAKg6XwAeRAwcAKg6XwAeSAwcAKg6X
wYovAwYCKg6XxKwDBwAqDrEHCfQDBwAqDrEHCfYDBwAqDrEHDfIDBwAqDrEHGHAD
BwAqDrEHG54DBwAqDrEHJ4sDBwAqEMzDzMoDBwAqEMzDzMwDBgIqEMzHkDANBgkq
hkiG9w0BAQsFAAOCAQEAi5XsmszTYInjRxJAYwKaaFaRTfq9o06NYCabJcMN+LLP
l9+8resnWi8RlEYpNMH9oe4afo/q/9kbpmPe84wxJ/Y/XAWsud9pe/lxR1JtrX4u
6GyMEMYpRL9Qq07kbqHKftnLbYREVOgOVQgyjasaQv2BmDzDuYfE4iXVq5T1UkVi
jmJMdvwN/3B8foHoSJRWhuQfdbQtq58tRtUqc6VaTs2qwu4/TDP9fqOG3h5hsHqr
H4zxm1BArg67Bn3Gj21gX4lF/TemKqMCl1e07SHZnNMHFiSXzqDtnVhDwX4dsnOC
9sWTe9anqew3cR1cdeIIW0FS/MWTm2IL8NCB47njSA==
-----END CERTIFICATE-----
Generated at Sun Sep 1 13:39:41 2024 by rpki-client on console-ams.rpki-client.org