Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KWNYGc81V7bUo-1CKG5YHJ7rl00.roa
File: KWNYGc81V7bUo-1CKG5YHJ7rl00.roa (raw, json)
Hash identifier: 27CAyPN3BC1M18P4lR4bDoZ95ykhb2TgbPqSXuSbH30=
Subject key identifier: 29:63:58:19:CF:35:57:B6:D4:A3:ED:42:28:6E:58:1C:9E:EB:97:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AE552F9D806DDCAC7DFA87A5D99C1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KWNYGc81V7bUo-1CKG5YHJ7rl00.roa
Signing time: Tue 24 Jan 2023 16:09:45 +0000
ROA not before: Tue 24 Jan 2023 16:09:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209218
IP address blocks: 2a0e:b107:a0::/44 maxlen: 48
2a0e:b107:ab::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:e5:52:f9:d8:06:dd:ca:c7:df:a8:7a:5d:99:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29635819cf3557b6d4a3ed42286e581c9eeb974d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a2:35:f9:07:b3:a8:63:48:45:5d:1d:7c:b5:
f4:19:da:a6:a4:91:10:f8:5a:fc:17:4e:32:e2:a1:
81:21:48:e6:a3:4d:eb:fe:de:75:43:7c:2e:58:41:
4f:57:3f:c8:4e:0a:eb:e2:58:e7:7e:7c:0a:00:6a:
82:03:2a:a1:ac:90:46:9e:7c:d3:0a:ea:ea:37:c9:
39:7e:cd:21:e5:46:5e:ed:20:e7:74:73:5a:f7:d3:
77:7a:b0:b6:12:fa:e0:1b:30:31:02:ab:12:a0:40:
9d:1b:da:aa:5e:4e:6e:6a:43:9a:2b:ba:3b:4f:ba:
96:87:74:06:dc:83:99:ef:04:40:31:34:19:19:d4:
1b:7f:fe:a4:1d:e4:1d:15:49:d9:2f:c9:5a:6b:94:
b2:4b:cc:9f:61:b2:fc:4d:15:33:23:6c:80:b0:ad:
14:04:f5:e2:e8:9c:5e:d0:79:4d:26:d1:ff:55:cf:
f0:3e:8c:36:b0:de:6a:1e:58:cf:03:d3:42:e0:fb:
74:4b:9b:cb:61:dc:3e:1d:25:92:33:1b:5d:d1:0e:
a8:08:98:a9:f6:2a:db:78:25:9f:9e:6c:a8:ee:7a:
c8:77:75:ca:82:62:96:da:92:11:dc:3f:82:65:92:
93:2c:2d:5e:5a:16:6f:40:9d:54:19:73:30:01:20:
64:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:63:58:19:CF:35:57:B6:D4:A3:ED:42:28:6E:58:1C:9E:EB:97:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KWNYGc81V7bUo-1CKG5YHJ7rl00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:a0::/44
Signature Algorithm: sha256WithRSAEncryption
42:5c:8a:aa:fe:4f:be:71:60:75:75:2b:5e:45:9f:f4:de:57:
b9:9b:93:e5:90:dc:d5:9d:b4:04:9a:9e:16:9d:f9:47:4b:b4:
9f:16:4d:f3:54:19:e7:3b:ab:11:3d:09:9c:89:e6:fa:bb:d5:
a0:0e:4d:07:76:1f:ba:a5:c5:bc:94:96:43:39:32:ff:57:86:
6e:94:b4:78:15:3d:0b:e4:64:a0:43:26:20:ca:22:03:be:4a:
89:a6:69:d7:3d:16:b0:51:30:c6:12:41:18:4a:af:11:0a:c9:
97:5a:6f:d8:a7:30:f7:e3:ee:1a:36:e2:bc:da:bb:1b:ac:78:
b3:8b:36:b5:e3:23:6d:2f:42:4f:94:40:66:b4:35:48:c1:4f:
9a:01:83:81:43:66:e8:a1:a2:13:ed:15:2f:8c:d6:3e:a6:fa:
da:89:c6:01:a9:73:16:39:17:29:f7:5b:18:3c:3a:ad:ea:0c:
25:20:48:1d:a6:69:de:d7:12:2e:bb:8c:0b:a4:9c:bd:78:bd:
e7:c7:4d:93:12:c3:08:94:a8:22:46:36:54:4e:4f:ec:d5:54:
ae:8b:f9:83:fa:d1:00:a8:0d:36:f2:b6:74:74:f8:45:3d:5b:
d4:ef:1d:f5:38:10:56:12:3c:9a:15:31:28:73:94:6b:79:73:
3d:1b:f9:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiuVS+dgG3crH36h6XZnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYzNTgxOWNmMzU1N2I2ZDRhM2VkNDIyODZlNTgxYzllZWI5NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKI1+QezqGNIRV0dfLX0GdqmpJEQ
+Fr8F04y4qGBIUjmo03r/t51Q3wuWEFPVz/ITgrr4ljnfnwKAGqCAyqhrJBGnnzT
CurqN8k5fs0h5UZe7SDndHNa99N3erC2EvrgGzAxAqsSoECdG9qqXk5uakOaK7o7
T7qWh3QG3IOZ7wRAMTQZGdQbf/6kHeQdFUnZL8laa5SyS8yfYbL8TRUzI2yAsK0U
BPXi6Jxe0HlNJtH/Vc/wPow2sN5qHljPA9NC4Pt0S5vLYdw+HSWSMxtd0Q6oCJip
9irbeCWfnmyo7nrId3XKgmKW2pIR3D+CZZKTLC1eWhZvQJ1UGXMwASBkIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCljWBnPNVe21KPtQihuWBye65dNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS1dOWUdjODFWN2JVby0xQ0tHNVlISjdybDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwCg
MA0GCSqGSIb3DQEBCwUAA4IBAQBCXIqq/k++cWB1dSteRZ/03le5m5PlkNzVnbQE
mp4WnflHS7SfFk3zVBnnO6sRPQmcieb6u9WgDk0Hdh+6pcW8lJZDOTL/V4ZulLR4
FT0L5GSgQyYgyiIDvkqJpmnXPRawUTDGEkEYSq8RCsmXWm/YpzD34+4aNuK82rsb
rHiziza14yNtL0JPlEBmtDVIwU+aAYOBQ2booaIT7RUvjNY+pvraicYBqXMWORcp
91sYPDqt6gwlIEgdpmne1xIuu4wLpJy9eL3nx02TEsMIlKgiRjZUTk/s1VSui/mD
+tEAqA028rZ0dPhFPVvU7x31OBBWEjyaFTEoc5RreXM9G/l8
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org