Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KoKiGrO8-5vwJjm0SdZSe5JyLyA.roa
File: KoKiGrO8-5vwJjm0SdZSe5JyLyA.roa (raw, json)
Hash identifier: UjLpVS+zT7Vd3lbBOzlOkEoRF3GJxbcPHgl0WRMIAyM=
Subject key identifier: 2A:82:A2:1A:B3:BC:FB:9B:F0:26:39:B4:49:D6:52:7B:92:72:2F:20
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BDD97E7A7827782120FE16806BFA7FA5E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KoKiGrO8-5vwJjm0SdZSe5JyLyA.roa
Signing time: Fri 17 Nov 2023 14:03:21 +0000
ROA not before: Fri 17 Nov 2023 14:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a0e:b107:19a0::/48 maxlen: 48
2a10:ccc0:3000::/48 maxlen: 48
2a06:de00:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:97:e7:a7:82:77:82:12:0f:e1:68:06:bf:a7:fa:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 17 14:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a82a21ab3bcfb9bf02639b449d6527b92722f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6f:46:46:54:8a:79:de:1e:ef:3f:b7:83:20:
75:63:35:01:c5:11:74:8b:f9:3b:91:09:58:c5:ce:
c9:f9:7a:5e:df:4d:fb:15:43:61:bf:a5:bd:e3:aa:
e4:d1:dd:41:97:d1:77:86:63:35:a1:9f:75:75:30:
cd:90:f2:2b:36:d9:32:1a:89:56:76:32:b8:36:47:
03:6c:58:1e:58:f5:f5:96:18:8c:0f:19:a0:5a:85:
fa:ae:a8:e2:4f:bc:b5:34:0c:ca:09:73:47:fa:38:
71:fb:1f:3e:02:53:52:48:55:1e:ab:75:20:64:24:
67:14:3e:cf:03:3f:e2:81:2f:d6:53:6f:b3:48:44:
94:16:1d:4f:41:87:be:21:0d:c4:aa:c8:03:b1:83:
db:12:b1:64:af:c8:1e:00:b0:bd:c3:53:57:7a:71:
24:5f:02:53:31:11:7a:b7:f1:c9:4e:c7:21:b1:f9:
41:6b:16:a7:8f:1c:95:e2:f0:65:c0:91:a3:e5:ed:
8a:a7:32:a6:37:3a:b4:7a:17:77:70:94:dd:16:05:
a8:c9:ef:60:73:00:5c:99:7e:11:70:e6:35:a8:9e:
48:c5:9b:35:82:b2:d6:be:62:f1:b7:ad:23:fd:9d:
71:9f:27:ef:6c:8c:f7:f2:7a:b4:a0:9a:77:c0:06:
4f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:82:A2:1A:B3:BC:FB:9B:F0:26:39:B4:49:D6:52:7B:92:72:2F:20
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/KoKiGrO8-5vwJjm0SdZSe5JyLyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:b107:19a0::/48
2a10:ccc0:3000::/48
Signature Algorithm: sha256WithRSAEncryption
53:1b:31:5c:1f:95:7c:26:0e:d5:3d:24:ce:a1:b7:3e:ec:92:
2b:3b:17:2c:f7:a2:b9:4c:35:3f:f3:5f:48:89:ef:25:65:c6:
f6:d7:ad:c8:da:e1:b0:5a:47:ea:4d:71:f1:56:b3:52:1c:e1:
a0:c8:45:6d:30:71:f5:c1:01:80:c4:50:60:6f:1c:3e:b2:78:
00:a6:71:cb:5f:09:d3:dc:8d:d0:d9:8d:9c:a5:dd:ea:23:a2:
15:91:32:8d:78:88:91:ad:38:a8:3e:a5:38:78:7d:19:58:7f:
8d:b4:c7:d4:79:fc:8b:5d:e0:a6:16:77:eb:d8:c1:27:f3:4a:
fe:27:0d:5d:43:d4:de:f5:8a:46:e7:3b:c7:c2:a0:92:c5:aa:
0f:99:d6:27:68:d4:f5:fa:e1:42:e8:95:da:a3:84:2f:73:98:
e7:f9:f1:07:f9:b7:d3:c0:9b:de:72:ed:c1:fc:00:79:e0:1c:
f6:9d:f8:74:7f:24:95:80:75:66:37:0d:eb:c1:86:37:5c:fe:
57:87:38:ae:cf:0f:55:97:f5:61:13:68:55:32:6b:a5:41:b3:
70:64:1e:e5:54:07:07:c7:41:23:77:59:21:ea:bc:9d:de:5b:
df:16:b0:f6:6e:02:4e:1e:bb:f9:17:57:88:64:22:fa:3d:56:
e6:d8:b8:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYvdl+engneCEg/haAa/p/peMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE3MTQwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTgyYTIxYWIzYmNmYjliZjAyNjM5YjQ0OWQ2NTI3YjkyNzIyZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG9GRlSKed4e7z+3gyB1YzUBxRF0
i/k7kQlYxc7J+Xpe3037FUNhv6W946rk0d1Bl9F3hmM1oZ91dTDNkPIrNtkyGolW
djK4NkcDbFgeWPX1lhiMDxmgWoX6rqjiT7y1NAzKCXNH+jhx+x8+AlNSSFUeq3Ug
ZCRnFD7PAz/igS/WU2+zSESUFh1PQYe+IQ3EqsgDsYPbErFkr8geALC9w1NXenEk
XwJTMRF6t/HJTschsflBaxanjxyV4vBlwJGj5e2KpzKmNzq0ehd3cJTdFgWoye9g
cwBcmX4RcOY1qJ5IxZs1grLWvmLxt60j/Z1xnyfvbIz38nq0oJp3wAZPiQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCqCohqzvPub8CY5tEnWUnuSci8gMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS29LaUdyTzgtNXZ3SmptMFNkWlNlNUp5THlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgbeAAAQ
AwcAKg6xBxmgAwcAKhDMwDAAMA0GCSqGSIb3DQEBCwUAA4IBAQBTGzFcH5V8Jg7V
PSTOobc+7JIrOxcs96K5TDU/819Iie8lZcb2163I2uGwWkfqTXHxVrNSHOGgyEVt
MHH1wQGAxFBgbxw+sngApnHLXwnT3I3Q2Y2cpd3qI6IVkTKNeIiRrTioPqU4eH0Z
WH+NtMfUefyLXeCmFnfr2MEn80r+Jw1dQ9Te9YpG5zvHwqCSxaoPmdYnaNT1+uFC
6JXao4Qvc5jn+fEH+bfTwJvecu3B/AB54Bz2nfh0fySVgHVmNw3rwYY3XP5Xhziu
zw9Vl/VhE2hVMmulQbNwZB7lVAcHx0Ejd1kh6ryd3lvfFrD2bgJOHrv5F1eIZCL6
PVbm2Lhg
-----END CERTIFICATE-----
Generated at Sun Nov 19 00:44:07 2023 by rpki-client on console-fra.rpki-client.org