Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KYlPam3p5r6azBxxrCYmRGVgmbo.roa
File: KYlPam3p5r6azBxxrCYmRGVgmbo.roa (raw, json)
Hash identifier: n+Z/heQi4i+8XDnG5WcXsnW4qWulRCjHL+n2AZEIhBI=
Subject key identifier: 29:89:4F:6A:6D:E9:E6:BE:9A:CC:1C:71:AC:26:26:44:65:60:99:BA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD074B5241FC9A085FDAE7813F25E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KYlPam3p5r6azBxxrCYmRGVgmbo.roa
Signing time: Tue 02 Jan 2024 10:34:17 +0000
ROA not before: Tue 02 Jan 2024 10:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204160
IP address blocks: 2a0e:97c0:b70::/44 maxlen: 48
2a0e:97c0:b78::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jul 2024 22:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:07:4b:52:41:fc:9a:08:5f:da:e7:81:3f:25:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29894f6a6de9e6be9acc1c71ac262644656099ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:28:cf:01:69:73:c8:8b:46:4f:e5:44:96:4c:
4f:37:67:e7:98:85:a7:43:00:36:4d:53:6d:e8:8a:
fe:03:10:c0:f3:82:07:cc:61:a2:5b:98:9a:6d:99:
df:ea:26:47:40:18:e9:c1:38:6d:85:ac:5a:37:4b:
dd:64:89:32:ee:ab:70:42:e5:30:1c:40:d4:09:58:
ad:89:77:19:6b:d7:9b:8d:47:d5:a7:a3:34:6f:3b:
04:77:78:0a:6a:f3:90:8f:c5:91:b8:da:eb:2e:50:
2a:ed:82:2f:19:30:3b:7e:b6:54:4a:cc:80:68:88:
05:b9:7e:c5:16:14:42:61:20:da:a9:6b:e2:63:df:
b7:84:24:17:26:d1:01:9a:99:bc:e9:2a:0e:5d:16:
64:4c:d1:3e:c7:19:5b:56:a9:e0:2e:08:f1:3f:2c:
dc:59:c3:6a:82:b8:87:f5:c0:c3:18:b4:97:bf:b5:
26:67:52:86:b1:12:5e:e6:b1:ce:c0:da:86:2e:f8:
2a:cb:df:92:2a:a5:52:90:e1:d2:b7:9e:61:ca:e4:
ae:a7:b0:a0:63:36:4d:8b:ec:46:24:5e:4e:68:4c:
13:8e:20:93:e8:a4:ca:3c:0d:2a:cc:5f:12:79:8a:
05:c2:a3:3f:c6:e8:f8:9a:40:f5:99:c1:8b:be:d9:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:89:4F:6A:6D:E9:E6:BE:9A:CC:1C:71:AC:26:26:44:65:60:99:BA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KYlPam3p5r6azBxxrCYmRGVgmbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b70::/44
Signature Algorithm: sha256WithRSAEncryption
c6:0c:b0:04:ae:0a:89:9f:92:7c:d0:95:d9:2a:95:f0:1e:6f:
72:ad:b8:db:5e:d9:2b:c4:9d:37:72:73:0d:22:45:1a:72:99:
46:67:53:36:64:b9:31:36:5e:25:eb:99:4c:28:30:f2:46:0a:
c9:54:b7:3c:cd:57:e4:4d:89:0d:98:80:7b:87:79:e0:f6:87:
25:ca:90:2c:36:9c:71:b0:e0:12:5d:39:3c:93:ae:5c:4f:80:
33:ee:db:5e:c0:32:fb:de:d2:4f:16:6b:0e:31:dc:43:0d:87:
b4:06:b3:02:c6:ec:44:6d:c4:7c:00:81:8a:ca:4b:af:29:15:
16:50:40:f6:c9:c4:12:91:ab:10:4e:d7:47:56:71:78:ed:92:
11:d9:cd:9c:2b:ef:67:c7:0e:ba:67:63:04:cb:b7:17:02:5f:
5a:e6:29:15:bb:98:fb:42:39:ac:34:7b:88:b2:f2:58:94:ef:
d4:b3:fa:42:c6:a2:06:fe:fe:96:63:20:fa:35:9b:db:78:57:
bc:e7:07:61:e1:15:2b:55:3a:cb:de:d9:03:8f:f5:40:90:e8:
41:8a:32:c7:53:21:d2:d3:e5:1b:4d:20:c4:3e:9a:9c:49:f8:
23:56:4d:52:1e:6d:be:13:3b:76:82:7e:78:74:bd:4d:4f:7a:
bd:a9:c1:f8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQdLUkH8mghf2ueBPyXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg5NGY2YTZkZTllNmJlOWFjYzFjNzFhYzI2MjY0NDY1NjA5OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSjPAWlzyItGT+VElkxPN2fnmIWn
QwA2TVNt6Ir+AxDA84IHzGGiW5iabZnf6iZHQBjpwThthaxaN0vdZIky7qtwQuUw
HEDUCVitiXcZa9ebjUfVp6M0bzsEd3gKavOQj8WRuNrrLlAq7YIvGTA7frZUSsyA
aIgFuX7FFhRCYSDaqWviY9+3hCQXJtEBmpm86SoOXRZkTNE+xxlbVqngLgjxPyzc
WcNqgriH9cDDGLSXv7UmZ1KGsRJe5rHOwNqGLvgqy9+SKqVSkOHSt55hyuSup7Cg
YzZNi+xGJF5OaEwTjiCT6KTKPA0qzF8SeYoFwqM/xuj4mkD1mcGLvtnI/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCmJT2pt6ea+mswccawmJkRlYJm6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS1lsUGFtM3A1cjZhekJ4eHJDWW1SR1ZnbWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtw
MA0GCSqGSIb3DQEBCwUAA4IBAQDGDLAErgqJn5J80JXZKpXwHm9yrbjbXtkrxJ03
cnMNIkUacplGZ1M2ZLkxNl4l65lMKDDyRgrJVLc8zVfkTYkNmIB7h3ng9oclypAs
NpxxsOASXTk8k65cT4Az7ttewDL73tJPFmsOMdxDDYe0BrMCxuxEbcR8AIGKykuv
KRUWUED2ycQSkasQTtdHVnF47ZIR2c2cK+9nxw66Z2MEy7cXAl9a5ikVu5j7Qjms
NHuIsvJYlO/Us/pCxqIG/v6WYyD6NZvbeFe85wdh4RUrVTrL3tkDj/VAkOhBijLH
UyHS0+UbTSDEPpqcSfgjVk1SHm2+Ezt2gn54dL1NT3q9qcH4
-----END CERTIFICATE-----
Generated at Wed Jul 24 01:25:08 2024 by rpki-client on console-ams.rpki-client.org