Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/KR2Ihm0LtGhr5-WzL0l20wlOhvs.roa
File: KR2Ihm0LtGhr5-WzL0l20wlOhvs.roa (raw, json)
Hash identifier: TDTB9370PWprBtTNM1TmaNU7Ad99idG4jfW6CKDuhog=
Subject key identifier: 29:1D:88:86:6D:0B:B4:68:6B:E7:E5:B3:2F:49:76:D3:09:4E:86:FB
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 018571D79127350A8E1AEE8647E2C4610A9F
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/KR2Ihm0LtGhr5-WzL0l20wlOhvs.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a0d:3900::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:91:27:35:0a:8e:1a:ee:86:47:e2:c4:61:0a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=291d88866d0bb4686be7e5b32f4976d3094e86fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:5c:19:b0:23:1b:ad:6d:1c:ec:14:42:70:
e6:f5:48:f0:bb:fb:fc:3f:48:4f:c9:84:76:55:67:
fc:d1:2e:37:4f:c4:00:f0:64:05:d4:46:ba:b4:0d:
d6:e9:02:65:07:5b:e3:eb:78:8e:b9:f7:95:aa:e2:
94:eb:f7:07:d0:3a:45:be:a4:9a:bf:3b:01:02:4b:
c0:d9:18:07:dc:b5:18:8d:09:ee:20:a3:35:85:df:
97:7e:84:6e:b3:7e:55:92:dd:96:6e:e5:35:a4:55:
07:c6:0a:1a:cc:a0:c6:f1:d7:12:d8:0e:be:b5:2e:
14:81:2e:16:0b:c9:cb:cd:bb:e8:4d:9e:22:5d:6b:
42:46:46:ed:62:24:5f:bd:83:32:21:10:4f:d5:ac:
ec:82:7f:8d:ad:00:86:36:46:b1:95:e0:29:42:77:
dc:1e:9e:f3:a3:a7:66:86:5c:d4:e6:7c:5d:e8:1a:
bd:a3:3b:c0:60:25:e4:1c:8f:a0:fc:1e:e4:b5:ad:
5c:bf:f7:3c:94:a0:64:75:c1:d9:03:3f:1c:ed:9c:
e1:62:b3:3a:7b:a3:44:44:45:20:7e:f8:db:5a:eb:
4f:16:96:58:3e:57:05:7f:4d:a8:9a:36:63:17:b2:
ac:f5:6a:d3:f3:da:08:db:30:22:1b:c0:44:09:28:
c2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1D:88:86:6D:0B:B4:68:6B:E7:E5:B3:2F:49:76:D3:09:4E:86:FB
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/KR2Ihm0LtGhr5-WzL0l20wlOhvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
45:b9:8d:fd:6a:07:da:cc:7f:ab:3f:96:48:cb:25:50:ab:55:
50:cd:54:47:8e:70:46:a2:25:d2:bb:bc:cd:99:5d:1a:56:40:
77:ba:4c:35:2e:82:bb:68:93:a8:98:e0:96:a4:19:5b:8a:4c:
26:ad:3f:a2:69:3d:ee:9f:cf:94:30:bf:32:46:4a:c4:95:98:
1e:6a:d4:1d:aa:54:ea:61:c5:e5:b9:13:b9:64:cd:86:2a:7c:
90:7c:0b:79:e8:9e:d2:08:3b:0f:8a:df:86:f6:dc:2d:3c:31:
19:90:44:92:2c:d8:5f:92:71:b9:53:85:46:6b:d3:d5:5f:9c:
4a:da:59:ba:76:c7:69:84:db:84:55:02:47:c4:1a:30:42:d2:
ba:e3:9b:94:83:e3:31:1d:9a:dc:dd:84:c6:36:e6:72:e7:bd:
11:28:20:ff:ac:91:c0:50:91:b6:f5:07:1f:89:cd:e8:ae:5f:
dd:b2:7f:d5:85:5f:b1:5e:54:01:72:69:ff:dc:88:4b:1b:4b:
9b:13:b3:b9:5a:8f:73:95:e3:62:7a:27:a9:dd:d6:cf:0b:06:
64:28:56:e0:88:d0:4c:ef:21:9c:1d:54:b3:b4:fd:c6:32:b6:
a3:47:7c:78:62:69:e1:7b:c1:73:05:16:4e:74:ec:ed:46:ad:
98:9f:17:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVx15EnNQqOGu6GR+LEYQqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFkODg4NjZkMGJiNDY4NmJlN2U1YjMyZjQ5NzZkMzA5NGU4NmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuhcGbAjG61tHOwUQnDm9Ujwu/v8
P0hPyYR2VWf80S43T8QA8GQF1Ea6tA3W6QJlB1vj63iOufeVquKU6/cH0DpFvqSa
vzsBAkvA2RgH3LUYjQnuIKM1hd+XfoRus35Vkt2WbuU1pFUHxgoazKDG8dcS2A6+
tS4UgS4WC8nLzbvoTZ4iXWtCRkbtYiRfvYMyIRBP1azsgn+NrQCGNkaxleApQnfc
Hp7zo6dmhlzU5nxd6Bq9ozvAYCXkHI+g/B7kta1cv/c8lKBkdcHZAz8c7ZzhYrM6
e6NEREUgfvjbWutPFpZYPlcFf02omjZjF7Ks9WrT89oI2zAiG8BECSjCEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCkdiIZtC7Roa+flsy9JdtMJTob7MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvS1IySWhtMEx0R2hyNS1XekwwbDIwd2xPaHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg05ADAN
BgkqhkiG9w0BAQsFAAOCAQEARbmN/WoH2sx/qz+WSMslUKtVUM1UR45wRqIl0ru8
zZldGlZAd7pMNS6Cu2iTqJjglqQZW4pMJq0/omk97p/PlDC/MkZKxJWYHmrUHapU
6mHF5bkTuWTNhip8kHwLeeie0gg7D4rfhvbcLTwxGZBEkizYX5JxuVOFRmvT1V+c
StpZunbHaYTbhFUCR8QaMELSuuOblIPjMR2a3N2Exjbmcue9ESgg/6yRwFCRtvUH
H4nN6K5f3bJ/1YVfsV5UAXJp/9yISxtLmxOzuVqPc5XjYnonqd3WzwsGZChW4IjQ
TO8hnB1Us7T9xjK2o0d8eGJp4XvBcwUWTnTs7UatmJ8Xow==
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:55 2024 by rpki-client on console-ams.rpki-client.org