Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Kp5ntme1QY0bT5XvnRBO7b47ALs.roa
File: Kp5ntme1QY0bT5XvnRBO7b47ALs.roa (raw, json)
Hash identifier: 27KrqTP+KNvHF5PoqABdoT9UfIYo3zksfJBTDNypI64=
Subject key identifier: 2A:9E:67:B6:67:B5:41:8D:1B:4F:95:EF:9D:10:4E:ED:BE:3B:00:BB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CE037969EC2CC98F35091689C1289EDC3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Kp5ntme1QY0bT5XvnRBO7b47ALs.roa
Signing time: Sat 06 Jan 2024 19:19:48 +0000
ROA not before: Sat 06 Jan 2024 19:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205980
IP address blocks: 2a0e:b107:1e60::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 15:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:37:96:9e:c2:cc:98:f3:50:91:68:9c:12:89:ed:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 6 19:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a9e67b667b5418d1b4f95ef9d104eedbe3b00bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8b:91:69:26:bf:17:3b:6e:33:b8:80:93:4b:
fb:55:5b:d9:1f:ad:d8:4a:11:cf:72:d1:d8:28:6e:
b4:43:61:5d:35:e8:10:72:2f:6e:38:8c:a1:d4:8d:
b6:f6:e5:ce:fe:a3:c8:13:84:45:cf:bb:a0:9a:0f:
eb:85:a0:2d:75:3c:6e:fb:b4:6f:7c:2e:87:cd:46:
66:22:67:6a:83:18:0f:32:4c:51:d8:ca:8a:0a:89:
18:ba:65:2b:a4:53:07:25:c0:08:73:37:14:41:63:
15:b8:bc:e0:7b:9b:ab:6a:45:85:5f:7e:1b:d4:e5:
01:1d:e8:7a:2c:ed:21:81:1c:87:6b:f8:34:97:63:
21:2e:c0:35:d0:6a:8a:54:5f:51:a2:ff:93:5b:2c:
11:d1:3a:1c:99:91:57:c4:b2:b5:4a:c4:71:04:f3:
bf:b0:7a:32:83:f7:a6:53:cc:58:27:f2:7c:a1:e3:
7d:0d:33:81:c7:20:8b:57:bb:f2:6c:fa:20:38:41:
ed:84:fd:c3:4a:fe:98:b0:8e:47:06:08:63:7e:9f:
de:fe:bb:ea:9f:7c:74:f0:59:ae:d4:e4:b4:7c:86:
6e:92:ff:31:2a:fd:0a:07:9f:fb:0b:1a:0f:1d:48:
4f:89:67:9f:e4:b4:75:01:a6:e3:4a:c8:14:32:0c:
2c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9E:67:B6:67:B5:41:8D:1B:4F:95:EF:9D:10:4E:ED:BE:3B:00:BB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Kp5ntme1QY0bT5XvnRBO7b47ALs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1e60::/44
Signature Algorithm: sha256WithRSAEncryption
8a:47:27:24:42:5b:92:c7:81:40:3a:d9:45:76:7e:1c:41:e4:
15:b7:e4:d1:45:70:8a:6d:8b:65:de:6c:21:78:5c:68:4e:38:
68:91:ca:d2:c1:4e:d2:63:f9:56:f8:2f:65:d6:f1:86:b6:f9:
24:37:e6:1d:2f:5e:84:3e:a1:bd:b3:c9:05:ef:d4:98:f6:7d:
c9:fa:58:42:05:60:c4:34:00:46:c2:f0:4d:06:84:b5:6e:41:
86:8b:89:46:e7:65:d8:83:7e:d1:0d:8d:d2:a6:b9:b7:8d:56:
00:b9:64:33:7f:e5:4b:c0:ed:43:2d:ab:ec:b4:7a:d1:0a:41:
f4:3f:b8:91:b8:5e:15:dd:0c:fb:9d:3f:fa:e2:b5:30:1f:73:
c1:52:37:a6:48:35:b8:70:42:fb:bd:f1:a8:da:d6:bd:f0:f8:
34:8e:43:c8:5c:22:e5:2c:08:ca:d9:2f:8c:ee:3d:e9:e8:28:
0e:51:75:f5:87:85:c1:16:8b:29:29:bf:68:71:e8:c0:df:ba:
57:1b:6a:70:ec:8f:46:89:4a:6d:8e:67:f5:8b:05:7c:45:81:
5c:d4:0e:dc:09:25:50:83:74:86:c0:2c:83:05:d6:07:0d:02:
85:04:1c:dd:9e:25:de:84:66:b8:fd:67:b2:84:7b:ee:03:05:
02:1f:71:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzgN5aewsyY81CRaJwSie3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTA2MTkxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTllNjdiNjY3YjU0MThkMWI0Zjk1ZWY5ZDEwNGVlZGJlM2IwMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YuRaSa/FztuM7iAk0v7VVvZH63Y
ShHPctHYKG60Q2FdNegQci9uOIyh1I229uXO/qPIE4RFz7ugmg/rhaAtdTxu+7Rv
fC6HzUZmImdqgxgPMkxR2MqKCokYumUrpFMHJcAIczcUQWMVuLzge5urakWFX34b
1OUBHeh6LO0hgRyHa/g0l2MhLsA10GqKVF9Rov+TWywR0TocmZFXxLK1SsRxBPO/
sHoyg/emU8xYJ/J8oeN9DTOBxyCLV7vybPogOEHthP3DSv6YsI5HBghjfp/e/rvq
n3x08Fmu1OS0fIZukv8xKv0KB5/7CxoPHUhPiWef5LR1AabjSsgUMgws9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCqeZ7ZntUGNG0+V750QTu2+OwC7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvS3A1bnRtZTFRWTBiVDVYdm5SQk83YjQ3QUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBx5g
MA0GCSqGSIb3DQEBCwUAA4IBAQCKRyckQluSx4FAOtlFdn4cQeQVt+TRRXCKbYtl
3mwheFxoTjhokcrSwU7SY/lW+C9l1vGGtvkkN+YdL16EPqG9s8kF79SY9n3J+lhC
BWDENABGwvBNBoS1bkGGi4lG52XYg37RDY3Sprm3jVYAuWQzf+VLwO1DLavstHrR
CkH0P7iRuF4V3Qz7nT/64rUwH3PBUjemSDW4cEL7vfGo2ta98Pg0jkPIXCLlLAjK
2S+M7j3p6CgOUXX1h4XBFospKb9ocejA37pXG2pw7I9GiUptjmf1iwV8RYFc1A7c
CSVQg3SGwCyDBdYHDQKFBBzdniXehGa4/WeyhHvuAwUCH3G6
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:16:55 2024 by rpki-client on console-fra.rpki-client.org