Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/KBIK6PT5qvM9wll6PO6MR08_x9w.roa
File: KBIK6PT5qvM9wll6PO6MR08_x9w.roa (raw, json)
Hash identifier: xrX040vjcQU/q3xgJ7cUpnrZofbl92YOX7/NPeOkoZs=
Subject key identifier: 28:12:0A:E8:F4:F9:AA:F3:3D:C2:59:7A:3C:EE:8C:47:4F:3F:C7:DC
Certificate issuer: /CN=d116835d037786620a9e9f7a0e360498bb654127
Certificate serial: 0191BB8504DD035EEFD09B95A063EEEC1C41
Authority key identifier: D1:16:83:5D:03:77:86:62:0A:9E:9F:7A:0E:36:04:98:BB:65:41:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0RaDXQN3hmIKnp96DjYEmLtlQSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/KBIK6PT5qvM9wll6PO6MR08_x9w.roa
Signing time: Wed 04 Sep 2024 05:32:22 +0000
ROA not before: Wed 04 Sep 2024 05:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 2001:678:274::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:85:04:dd:03:5e:ef:d0:9b:95:a0:63:ee:ec:1c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d116835d037786620a9e9f7a0e360498bb654127
Validity
Not Before: Sep 4 05:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28120ae8f4f9aaf33dc2597a3cee8c474f3fc7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:76:38:c3:e7:1d:b3:87:ef:51:a3:9e:e3:1a:
b7:b6:76:38:5e:93:dd:7e:c1:39:59:d6:09:c7:ef:
19:f7:7d:e7:76:9c:89:93:2d:d8:da:ee:7c:0a:df:
95:09:05:05:8b:75:8a:61:30:b3:04:82:6e:dd:a0:
b7:e3:fd:2e:ed:2f:c7:37:aa:51:54:75:0d:c2:4f:
cf:f0:f3:24:d5:b6:fe:c6:f2:b9:40:3e:eb:ba:9b:
6c:75:a7:9e:19:74:1a:54:56:f2:21:95:ea:8e:08:
41:41:0c:52:16:5d:4f:8e:24:ff:2b:c1:d7:f2:5a:
92:3e:61:6b:77:e8:4a:f5:01:5e:db:f1:49:77:db:
08:62:50:07:85:57:28:48:81:46:64:03:99:c0:a7:
3c:06:0a:9e:2b:0c:89:98:37:a9:f4:af:3b:0f:21:
90:0f:28:03:2d:b0:f2:e8:9d:98:63:4a:c0:6d:05:
4a:93:f5:6e:12:e5:06:76:c0:40:12:bf:78:8d:df:
6d:90:37:51:7d:da:38:71:9a:bd:c9:de:3b:71:b5:
fd:52:d8:04:95:1d:1c:7f:a8:7f:5f:14:a4:19:c5:
cf:e3:e2:13:bc:40:40:1d:f7:78:5b:8c:33:d0:61:
0e:40:8e:0b:4f:8c:8a:9f:c0:52:a1:46:49:c7:4e:
fa:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:12:0A:E8:F4:F9:AA:F3:3D:C2:59:7A:3C:EE:8C:47:4F:3F:C7:DC
X509v3 Authority Key Identifier:
keyid:D1:16:83:5D:03:77:86:62:0A:9E:9F:7A:0E:36:04:98:BB:65:41:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0RaDXQN3hmIKnp96DjYEmLtlQSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/KBIK6PT5qvM9wll6PO6MR08_x9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/0RaDXQN3hmIKnp96DjYEmLtlQSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:274::/48
Signature Algorithm: sha256WithRSAEncryption
47:bc:57:f9:2c:19:c6:0c:2e:33:1b:0e:0e:32:61:06:cb:35:
38:cf:e6:4f:4d:20:5d:58:07:d5:79:07:56:5f:95:a6:23:cf:
5b:75:51:ba:96:d7:7c:b2:dc:6d:cc:94:b9:b3:9d:16:b4:7a:
c7:d0:32:d3:85:06:6b:ea:6b:4c:a4:22:7d:ae:e2:1e:9b:4e:
fa:c2:5a:5f:84:ae:0f:7d:c2:86:bf:21:bb:ce:06:28:f0:9c:
9d:15:29:8a:4c:c3:5d:c7:f4:df:e7:18:54:6b:3b:1b:64:32:
68:83:ba:60:29:5d:32:fe:e9:ca:54:cb:8d:8e:dd:c3:9b:42:
25:1d:c1:e9:a2:b3:f0:b7:ea:56:6d:8d:2b:f7:32:a4:36:20:
f4:2d:c2:b8:af:b0:f5:ef:00:6c:25:54:b1:c3:0e:91:b8:23:
81:ae:1f:a8:48:11:82:3b:70:59:1e:2b:62:27:5d:63:33:89:
94:fd:c6:66:f1:d6:bb:ac:6d:3a:71:a8:53:3d:4f:af:36:06:
c8:b3:f1:95:9b:d8:3b:bf:53:e3:01:d0:76:74:3e:28:66:b5:
a8:6e:86:29:13:9f:a1:f7:25:dd:af:00:53:c2:aa:b5:d0:ba:
0b:8d:3e:d8:dc:ca:f3:a6:7e:05:55:c3:cf:07:44:fa:69:2a:
d3:a6:0f:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZG7hQTdA17v0JuVoGPu7BxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMTY4MzVkMDM3Nzg2NjIwYTllOWY3YTBlMzYwNDk4YmI2
NTQxMjcwHhcNMjQwOTA0MDUzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEyMGFlOGY0ZjlhYWYzM2RjMjU5N2EzY2VlOGM0NzRmM2ZjN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HY4w+cds4fvUaOe4xq3tnY4XpPd
fsE5WdYJx+8Z933ndpyJky3Y2u58Ct+VCQUFi3WKYTCzBIJu3aC34/0u7S/HN6pR
VHUNwk/P8PMk1bb+xvK5QD7ruptsdaeeGXQaVFbyIZXqjghBQQxSFl1PjiT/K8HX
8lqSPmFrd+hK9QFe2/FJd9sIYlAHhVcoSIFGZAOZwKc8BgqeKwyJmDep9K87DyGQ
DygDLbDy6J2YY0rAbQVKk/VuEuUGdsBAEr94jd9tkDdRfdo4cZq9yd47cbX9UtgE
lR0cf6h/XxSkGcXP4+ITvEBAHfd4W4wz0GEOQI4LT4yKn8BSoUZJx076BwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCgSCuj0+arzPcJZejzujEdPP8fcMB8GA1UdIwQY
MBaAFNEWg10Dd4ZiCp6feg42BJi7ZUEnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFJhRFhRTjNobUlLbnA5NkRqWUVtTHRsUVNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mNTA3Y2ItNzM3MS00YWQxLWI3ZTMt
MTZhN2Q2MGQ1YmVhLzEvS0JJSzZQVDVxdk05d2xsNlBPNk1SMDhfeDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mNTA3Y2ItNzM3MS00YWQxLWI3ZTMtMTZhN2Q2MGQ1YmVh
LzEvMFJhRFhRTjNobUlLbnA5NkRqWUVtTHRsUVNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJ0
MA0GCSqGSIb3DQEBCwUAA4IBAQBHvFf5LBnGDC4zGw4OMmEGyzU4z+ZPTSBdWAfV
eQdWX5WmI89bdVG6ltd8stxtzJS5s50WtHrH0DLThQZr6mtMpCJ9ruIem076wlpf
hK4PfcKGvyG7zgYo8JydFSmKTMNdx/Tf5xhUazsbZDJog7pgKV0y/unKVMuNjt3D
m0IlHcHporPwt+pWbY0r9zKkNiD0LcK4r7D17wBsJVSxww6RuCOBrh+oSBGCO3BZ
HitiJ11jM4mU/cZm8da7rG06cahTPU+vNgbIs/GVm9g7v1PjAdB2dD4oZrWoboYp
E5+h9yXdrwBTwqq10LoLjT7Y3Mrzpn4FVcPPB0T6aSrTpg9L
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:44:52 2025 by rpki-client