Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KPO3kuc34Sl7AbI9jVrfeqo8zIY.roa
File: KPO3kuc34Sl7AbI9jVrfeqo8zIY.roa (raw, json)
Hash identifier: 8R3OowDUQHQcvoC+GgnoCz5ZjfrDAAEL8gzuCxHYZes=
Subject key identifier: 28:F3:B7:92:E7:37:E1:29:7B:01:B2:3D:8D:5A:DF:7A:AA:3C:CC:86
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48B0B35EDAD43B100BBB14A05BE24C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KPO3kuc34Sl7AbI9jVrfeqo8zIY.roa
Signing time: Tue 24 Jan 2023 16:09:55 +0000
ROA not before: Tue 24 Jan 2023 16:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212858
IP address blocks: 2a0e:b107:88b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8b:0b:35:ed:ad:43:b1:00:bb:b1:4a:05:be:24:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f3b792e737e1297b01b23d8d5adf7aaa3ccc86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:65:56:11:df:28:76:fb:2c:c3:53:1b:9c:
fe:98:e1:a8:ae:7a:d6:88:b2:43:31:f6:5d:f8:fc:
60:e9:d7:b0:ef:4e:06:c9:65:d6:ba:36:74:9a:33:
d8:b1:25:a0:2e:9c:8c:ba:2f:08:3d:ed:25:1b:8b:
fd:2b:43:dd:7f:d6:69:26:09:bb:fa:7e:73:4c:78:
0d:ee:0c:c4:01:0d:9b:c1:8f:a9:6f:e3:ca:8b:cf:
bf:73:6e:b8:f8:6d:60:bc:85:34:c3:26:a8:96:d9:
e3:26:b7:24:ce:b3:3d:20:a8:6a:da:36:3c:2b:8b:
48:3a:7f:fb:94:be:54:d1:5c:d8:e5:21:7f:d0:81:
b9:51:7c:b7:a3:22:9c:0f:e2:0b:58:0a:c9:ea:26:
12:df:7a:85:43:fc:04:93:a9:dd:61:48:48:b2:70:
9e:c3:3f:ae:05:07:55:47:11:73:32:54:56:c2:5f:
c1:bc:5e:42:8b:fd:c6:49:72:d9:34:c4:83:c4:1f:
89:63:a7:52:79:f8:c7:cb:56:de:88:30:51:8b:09:
70:f0:8e:09:07:bc:bf:81:91:f9:75:2f:7e:ff:c1:
87:95:81:c7:ad:b7:28:6c:1c:35:75:c6:dc:29:0e:
1b:d4:88:a5:dc:80:42:b1:f2:cf:2d:7a:42:da:d2:
3f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F3:B7:92:E7:37:E1:29:7B:01:B2:3D:8D:5A:DF:7A:AA:3C:CC:86
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KPO3kuc34Sl7AbI9jVrfeqo8zIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:88b::/48
Signature Algorithm: sha256WithRSAEncryption
65:bd:05:d7:5d:12:a7:a9:2e:1e:7d:b3:99:3d:4e:b1:46:c3:
d4:84:df:49:c0:33:4c:6d:e0:e5:f3:63:6e:8a:df:3b:bd:f3:
5b:18:33:70:51:c8:63:fe:49:14:34:05:79:db:c9:f2:e2:d0:
6d:a7:7b:17:0d:10:e3:f7:9a:f9:bf:b9:74:6a:d9:42:44:a2:
8e:62:38:64:5f:d9:13:52:7c:e7:6f:e4:8b:de:d3:85:f7:da:
60:48:83:76:a4:42:1a:1d:72:81:12:b6:e1:bc:46:ca:77:5c:
40:c7:2b:90:04:57:39:b9:a5:9b:74:97:36:87:27:8a:3c:7f:
b3:40:b3:96:0c:60:83:f7:57:55:ef:9e:39:2b:d2:74:c0:d6:
fd:d8:70:16:43:72:68:da:11:ba:23:b3:45:07:9c:81:69:3a:
f3:7a:00:42:c4:14:57:7e:aa:8b:fe:eb:d7:13:62:03:d2:9f:
2e:0b:e7:a2:7a:47:fb:7b:ff:37:43:ce:a4:c0:58:bd:7b:6d:
01:4f:cc:5a:43:0f:00:22:ca:a8:db:29:f9:2b:d2:1a:6d:fb:
2a:c7:ae:84:f1:20:d0:5f:48:4a:cc:fa:c2:b8:7a:1f:2a:32:
5d:c8:56:23:f3:c2:62:20:3b:75:34:0c:c4:48:f0:89:01:f3:
10:f5:7b:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiws17a1DsQC7sUoFviTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGYzYjc5MmU3MzdlMTI5N2IwMWIyM2Q4ZDVhZGY3YWFhM2NjYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH1lVhHfKHb7LMNTG5z+mOGornrW
iLJDMfZd+Pxg6dew704GyWXWujZ0mjPYsSWgLpyMui8IPe0lG4v9K0Pdf9ZpJgm7
+n5zTHgN7gzEAQ2bwY+pb+PKi8+/c264+G1gvIU0wyaoltnjJrckzrM9IKhq2jY8
K4tIOn/7lL5U0VzY5SF/0IG5UXy3oyKcD+ILWArJ6iYS33qFQ/wEk6ndYUhIsnCe
wz+uBQdVRxFzMlRWwl/BvF5Ci/3GSXLZNMSDxB+JY6dSefjHy1beiDBRiwlw8I4J
B7y/gZH5dS9+/8GHlYHHrbcobBw1dcbcKQ4b1Iil3IBCsfLPLXpC2tI/9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjzt5LnN+EpewGyPY1a33qqPMyGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS1BPM2t1YzM0U2w3QWJJOWpWcmZlcW84eklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwiL
MA0GCSqGSIb3DQEBCwUAA4IBAQBlvQXXXRKnqS4efbOZPU6xRsPUhN9JwDNMbeDl
82Nuit87vfNbGDNwUchj/kkUNAV528ny4tBtp3sXDRDj95r5v7l0atlCRKKOYjhk
X9kTUnznb+SL3tOF99pgSIN2pEIaHXKBErbhvEbKd1xAxyuQBFc5uaWbdJc2hyeK
PH+zQLOWDGCD91dV7545K9J0wNb92HAWQ3Jo2hG6I7NFB5yBaTrzegBCxBRXfqqL
/uvXE2ID0p8uC+eiekf7e/83Q86kwFi9e20BT8xaQw8AIsqo2yn5K9Iabfsqx66E
8SDQX0hKzPrCuHofKjJdyFYj88JiIDt1NAzESPCJAfMQ9Xu9
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org