Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/KPSp8Yie6mxF_PB5f9gbsOGVRJ0.roa
File: KPSp8Yie6mxF_PB5f9gbsOGVRJ0.roa (raw, json)
Hash identifier: CAfcPeif6WMcTCnuEza14XqdbO4HxP1hG8fzfej6Gc4=
Subject key identifier: 28:F4:A9:F1:88:9E:EA:6C:45:FC:F0:79:7F:D8:1B:B0:E1:95:44:9D
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018CF5B889436068045ED1E3F19B4D793DCA
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/KPSp8Yie6mxF_PB5f9gbsOGVRJ0.roa
Signing time: Wed 10 Jan 2024 23:32:40 +0000
ROA not before: Wed 10 Jan 2024 23:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56534
IP address blocks: 2a12:1807::/32 maxlen: 32
2a11:f185::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 14:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:b8:89:43:60:68:04:5e:d1:e3:f1:9b:4d:79:3d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 10 23:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28f4a9f1889eea6c45fcf0797fd81bb0e195449d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:af:ee:b4:0e:68:7d:b8:44:ce:07:a8:58:7f:
b4:48:63:c0:3a:3b:b6:17:2d:9e:8d:5a:f8:83:d2:
e9:62:10:b5:26:97:a0:22:d4:b2:55:a7:34:d6:c4:
b3:ec:c6:fc:71:01:83:7f:51:d8:50:b5:74:50:05:
02:a8:ed:29:ac:19:a8:75:b8:af:a6:8c:4e:7c:30:
24:bc:e5:5b:bf:2c:92:da:bb:50:e4:3b:3e:4a:3c:
f6:f4:c0:d1:7c:83:79:54:f2:bd:97:64:17:6c:8a:
02:01:29:f3:f0:3a:6b:47:fd:37:09:44:cf:2e:b3:
2f:dc:8e:51:3e:fc:97:24:fe:8f:9f:b0:02:ea:dc:
b9:e8:31:21:25:bd:52:8d:54:79:2d:c2:75:32:61:
e2:2f:9a:f6:92:59:b0:fb:a4:97:64:ea:4c:f2:32:
14:99:de:c6:de:d1:8b:a2:52:dc:85:25:b1:8b:20:
e8:5d:d3:b1:28:7b:da:6f:17:5d:83:85:53:00:ab:
50:29:be:e9:6a:b2:7e:c3:41:a9:9c:02:a0:98:a6:
df:8d:45:9d:dc:ba:77:e1:6d:f5:b4:a8:f9:64:ea:
6d:b1:7f:a8:c3:89:0e:10:22:3f:a2:10:d8:24:dc:
40:1f:7e:0a:54:fd:7c:e6:e0:82:81:0d:bc:b1:97:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F4:A9:F1:88:9E:EA:6C:45:FC:F0:79:7F:D8:1B:B0:E1:95:44:9D
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/KPSp8Yie6mxF_PB5f9gbsOGVRJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f185::/32
2a12:1807::/32
Signature Algorithm: sha256WithRSAEncryption
3d:60:16:14:ed:84:46:00:a3:87:9f:92:98:c9:36:39:65:c1:
e4:32:26:e5:e2:9c:ef:6f:a8:a1:33:3a:4b:bc:00:d0:c6:74:
53:21:18:a2:a0:11:58:d5:38:fb:fa:48:85:e9:d8:ee:42:f2:
59:8e:35:9d:de:13:1e:d1:32:50:e5:9f:2c:b7:0c:ad:19:fa:
be:20:7b:d2:c4:bf:5b:d1:42:72:70:4d:c4:f2:71:c2:36:85:
44:84:bf:66:98:c0:2d:f9:3c:f8:15:3c:1a:70:be:01:98:68:
e7:eb:69:d0:a7:4b:3c:6a:23:04:65:83:83:8f:74:12:30:4c:
4b:fd:82:b0:19:80:8d:29:b8:37:7d:8f:4c:86:41:c5:05:21:
50:f6:57:fa:af:0f:15:50:24:f2:f3:a8:0a:14:7b:1d:89:db:
cf:ec:67:30:f5:0e:f7:71:75:51:90:8d:09:b7:7e:f2:cd:3e:
3c:2c:9e:a4:81:b2:32:4d:14:35:74:33:7a:cc:c1:a7:db:cf:
b7:d2:72:ac:cf:88:2e:32:f2:a2:73:b7:62:66:98:2a:21:87:
fb:71:3a:1e:30:c3:54:69:ca:63:41:d7:ee:a0:bc:7a:28:09:
be:21:0b:3c:6b:9b:c1:0b:45:b3:04:d6:aa:24:7f:3c:d8:56:
cd:3d:e2:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYz1uIlDYGgEXtHj8ZtNeT3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTEwMjMzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY0YTlmMTg4OWVlYTZjNDVmY2YwNzk3ZmQ4MWJiMGUxOTU0NDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK/utA5ofbhEzgeoWH+0SGPAOju2
Fy2ejVr4g9LpYhC1JpegItSyVac01sSz7Mb8cQGDf1HYULV0UAUCqO0prBmodbiv
poxOfDAkvOVbvyyS2rtQ5Ds+Sjz29MDRfIN5VPK9l2QXbIoCASnz8DprR/03CUTP
LrMv3I5RPvyXJP6Pn7AC6ty56DEhJb1SjVR5LcJ1MmHiL5r2klmw+6SXZOpM8jIU
md7G3tGLolLchSWxiyDoXdOxKHvabxddg4VTAKtQKb7parJ+w0GpnAKgmKbfjUWd
3Lp34W31tKj5ZOptsX+ow4kOECI/ohDYJNxAH34KVP185uCCgQ28sZdfsQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCj0qfGInupsRfzweX/YG7DhlUSdMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvS1BTcDhZaWU2bXhGX1BCNWY5Z2JzT0dWUkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhHxhQMF
ACoSGAcwDQYJKoZIhvcNAQELBQADggEBAD1gFhTthEYAo4efkpjJNjllweQyJuXi
nO9vqKEzOku8ANDGdFMhGKKgEVjVOPv6SIXp2O5C8lmONZ3eEx7RMlDlnyy3DK0Z
+r4ge9LEv1vRQnJwTcTyccI2hUSEv2aYwC35PPgVPBpwvgGYaOfradCnSzxqIwRl
g4OPdBIwTEv9grAZgI0puDd9j0yGQcUFIVD2V/qvDxVQJPLzqAoUex2J28/sZzD1
DvdxdVGQjQm3fvLNPjwsnqSBsjJNFDV0M3rMwafbz7fScqzPiC4y8qJzt2JmmCoh
h/txOh4ww1RpymNB1+6gvHooCb4hCzxrm8ELRbME1qokfzzYVs094vA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org