Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/kn24JlzDI3Q7XtUsomwiG6MV10s.roa
File: kn24JlzDI3Q7XtUsomwiG6MV10s.roa (raw, json)
Hash identifier: gDShZ44UV0NLqqxPNrnD7OK2VBVZNUTh2PZv8M5pfL0=
Subject key identifier: 92:7D:B8:26:5C:C3:23:74:3B:5E:D5:2C:A2:6C:22:1B:A3:15:D7:4B
Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial: 018D31B091A7DC65FEA400A7A7DEBB8C241C
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/kn24JlzDI3Q7XtUsomwiG6MV10s.roa
Signing time: Mon 22 Jan 2024 15:01:11 +0000
ROA not before: Mon 22 Jan 2024 15:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199854
IP address blocks: 2a0d:2146:bdb0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Mar 2024 16:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:b0:91:a7:dc:65:fe:a4:00:a7:a7:de:bb:8c:24:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Validity
Not Before: Jan 22 15:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=927db8265cc323743b5ed52ca26c221ba315d74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:60:20:0a:d2:b4:ad:96:a2:61:14:c5:8d:0f:
f8:9b:ff:ca:69:55:f9:63:4d:d1:14:2c:22:71:52:
af:7d:90:8b:75:77:b8:aa:7d:9d:b0:23:fb:14:61:
b9:04:cf:20:30:e1:02:ad:4a:91:78:63:42:2d:d9:
ab:d6:c2:2d:ef:e2:60:3f:41:82:f3:09:13:20:04:
d7:be:79:16:0d:b2:ad:a9:5c:9a:77:5b:33:fb:15:
9f:7c:ef:0c:dc:46:e0:33:b8:47:52:9f:48:42:95:
17:95:7e:21:43:49:ed:60:9f:49:d0:47:97:de:6e:
55:a5:66:f8:42:d7:8a:79:b3:e6:5d:0c:3e:50:c7:
c3:a0:7b:fb:89:7b:9a:61:7b:e4:39:cd:e0:f3:c1:
0c:cf:b3:3e:96:cb:cc:0b:9b:90:e3:b8:81:84:fa:
53:13:c5:13:15:25:0b:7c:40:0c:1c:60:67:66:b5:
1f:02:19:0f:11:a1:77:a7:a1:e1:4f:79:97:9a:06:
44:e3:58:ae:1c:8d:d2:ca:cf:3e:a3:ca:d5:c8:d0:
e7:16:4e:8b:1d:44:78:55:11:2e:a7:0d:1d:c0:bd:
14:06:fd:fd:2a:c9:1f:9f:29:76:1f:0a:e3:3f:49:
51:7e:51:ca:cd:75:ec:c9:57:0a:d1:ae:45:42:6d:
cf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7D:B8:26:5C:C3:23:74:3B:5E:D5:2C:A2:6C:22:1B:A3:15:D7:4B
X509v3 Authority Key Identifier:
keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/kn24JlzDI3Q7XtUsomwiG6MV10s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2146:bdb0::/44
Signature Algorithm: sha256WithRSAEncryption
47:e4:0c:dd:ca:d4:bc:b0:08:7c:24:90:ab:b1:4e:f7:dd:74:
cb:73:4b:ff:4e:7e:ac:e0:30:1b:b6:15:99:e6:b5:5c:db:4e:
fe:91:42:e1:3a:03:59:56:57:d5:13:dc:d3:f3:86:5e:90:06:
84:8f:b6:8f:74:1c:7b:d2:5c:ba:9e:39:e1:f8:37:d5:a2:76:
20:5d:0f:05:0d:75:df:fd:33:10:4d:c6:ee:c8:0d:cb:a3:81:
23:42:76:3d:ee:3c:ee:51:3a:c7:96:14:df:c8:ba:f9:d7:54:
dc:3d:d3:e6:1d:05:b4:af:c3:5d:9d:05:3d:16:81:2d:db:26:
b2:ee:06:22:0a:5d:30:f1:96:d3:f0:3d:ed:53:1c:26:c3:ce:
cb:e1:6f:ea:66:bf:bd:1c:0e:ff:a5:c6:aa:6a:a4:74:a9:1a:
a2:79:0c:3e:08:4c:a6:83:b0:41:52:40:69:e3:c3:99:1d:02:
1a:af:14:74:1a:a7:05:61:55:be:e9:53:09:ff:4f:4e:6a:22:
68:bf:b7:46:f0:be:a1:b1:4c:76:5f:bc:b2:cc:e4:74:6c:72:
b4:1d:e3:5f:52:74:57:31:8f:f6:dc:91:5d:95:b3:fb:14:8a:
34:60:e3:4b:e1:f0:e8:0f:3f:34:09:5e:e5:79:9a:50:79:22:
37:74:80:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0xsJGn3GX+pACnp967jCQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjQwMTIyMTUwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdkYjgyNjVjYzMyMzc0M2I1ZWQ1MmNhMjZjMjIxYmEzMTVkNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWAgCtK0rZaiYRTFjQ/4m//KaVX5
Y03RFCwicVKvfZCLdXe4qn2dsCP7FGG5BM8gMOECrUqReGNCLdmr1sIt7+JgP0GC
8wkTIATXvnkWDbKtqVyad1sz+xWffO8M3EbgM7hHUp9IQpUXlX4hQ0ntYJ9J0EeX
3m5VpWb4QteKebPmXQw+UMfDoHv7iXuaYXvkOc3g88EMz7M+lsvMC5uQ47iBhPpT
E8UTFSULfEAMHGBnZrUfAhkPEaF3p6HhT3mXmgZE41iuHI3Sys8+o8rVyNDnFk6L
HUR4VREupw0dwL0UBv39Kskfnyl2HwrjP0lRflHKzXXsyVcK0a5FQm3PAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJJ9uCZcwyN0O17VLKJsIhujFddLMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEva24yNEpsekRJM1E3WHRVc29td2lHNk1WMTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg0hRr2w
MA0GCSqGSIb3DQEBCwUAA4IBAQBH5AzdytS8sAh8JJCrsU733XTLc0v/Tn6s4DAb
thWZ5rVc207+kULhOgNZVlfVE9zT84ZekAaEj7aPdBx70ly6njnh+DfVonYgXQ8F
DXXf/TMQTcbuyA3Lo4EjQnY97jzuUTrHlhTfyLr511TcPdPmHQW0r8NdnQU9FoEt
2yay7gYiCl0w8ZbT8D3tUxwmw87L4W/qZr+9HA7/pcaqaqR0qRqieQw+CEymg7BB
UkBp48OZHQIarxR0GqcFYVW+6VMJ/09OaiJov7dG8L6hsUx2X7yyzOR0bHK0HeNf
UnRXMY/23JFdlbP7FIo0YONL4fDoDz80CV7leZpQeSI3dIAn
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:51:10 2025 by rpki-client