Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/KngMaIMpH9vU7rpYPWo_a3O-KWA.roa
File: KngMaIMpH9vU7rpYPWo_a3O-KWA.roa (raw, json)
Hash identifier: gFBFPFPIcMkOqKabFUbRmNUCLxmb0x4iurpPx+h/j9k=
Subject key identifier: 2A:78:0C:68:83:29:1F:DB:D4:EE:BA:58:3D:6A:3F:6B:73:BE:29:60
Certificate issuer: /CN=b817162877da9f4030bbcb9fe8ac143e6ab2871b
Certificate serial: 018571276E497326BAD36C67EC838ECEDFCF
Authority key identifier: B8:17:16:28:77:DA:9F:40:30:BB:CB:9F:E8:AC:14:3E:6A:B2:87:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/KngMaIMpH9vU7rpYPWo_a3O-KWA.roa
Signing time: Mon 02 Jan 2023 06:24:47 +0000
ROA not before: Mon 02 Jan 2023 06:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64484
IP address blocks: 2a0e:1e40:1::/48 maxlen: 48
2a0e:1e40:c::/48 maxlen: 48
2a0e:1e40::/29 maxlen: 29
2a0e:1e40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:6e:49:73:26:ba:d3:6c:67:ec:83:8e:ce:df:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b817162877da9f4030bbcb9fe8ac143e6ab2871b
Validity
Not Before: Jan 2 06:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a780c6883291fdbd4eeba583d6a3f6b73be2960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4a:bd:bc:dd:1f:6d:be:1e:c3:f5:c1:0c:6a:
0c:28:59:70:39:b5:76:9a:df:3d:7a:af:19:cf:d8:
51:d4:5f:ed:e5:18:75:82:f7:b2:c7:9b:a8:a1:36:
17:96:7e:9c:27:10:c6:6e:11:a7:8f:2b:5f:10:93:
e9:dd:d2:c4:71:a4:39:e7:39:4f:c5:2c:a9:e4:aa:
15:b8:1f:2d:65:e5:98:ca:35:ff:8c:92:96:5c:c9:
9d:7b:ae:38:ad:cd:58:2d:8c:b8:99:39:e8:de:50:
c2:84:54:51:0a:1c:ea:22:1e:27:d9:f7:b1:e3:dd:
0c:6e:ef:08:c3:a8:76:45:d6:3c:d2:16:55:d0:4b:
f8:4c:65:4c:a7:b9:42:ec:96:f1:bb:16:c8:4a:ff:
d8:48:30:10:d2:3f:5e:74:f9:51:9d:64:05:6f:0a:
9f:d3:66:62:db:81:06:16:3c:ad:f5:43:c3:da:e8:
20:8a:ce:76:cc:24:07:37:12:e5:ca:0a:13:8e:52:
84:e7:66:d3:fa:a9:80:32:9a:63:f4:7a:5e:27:e5:
69:0e:19:f8:6b:90:bb:2b:b0:9e:a5:6b:6e:d0:d9:
3c:ca:b8:47:34:a8:9f:51:79:fd:3f:94:6d:b2:9c:
f3:f5:fc:79:fc:3d:1e:3f:5d:f3:a3:b6:e9:4b:84:
1a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:78:0C:68:83:29:1F:DB:D4:EE:BA:58:3D:6A:3F:6B:73:BE:29:60
X509v3 Authority Key Identifier:
keyid:B8:17:16:28:77:DA:9F:40:30:BB:CB:9F:E8:AC:14:3E:6A:B2:87:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBcWKHfan0Awu8uf6KwUPmqyhxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/KngMaIMpH9vU7rpYPWo_a3O-KWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/16b7b4-bb21-4b3e-aeb4-b27ca291bd77/1/uBcWKHfan0Awu8uf6KwUPmqyhxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
25:61:33:ee:d4:43:d5:cb:b3:7d:90:99:30:f0:1c:84:7e:87:
4e:ea:b5:1b:a0:56:7f:30:59:bb:b9:11:13:2f:e0:1c:17:71:
c0:58:01:6e:f9:2a:ee:ac:1a:bb:df:b7:a7:1c:19:6b:00:70:
d3:45:9d:4f:bf:e9:e0:6a:75:08:ff:7c:70:85:e9:13:0e:19:
72:05:72:cc:70:ef:00:6e:85:6a:6c:49:73:f2:ab:6b:2f:f6:
41:5d:02:91:21:c1:3e:84:7e:13:e3:63:13:29:db:68:47:bc:
c8:ce:78:43:d6:ec:10:dc:cd:0a:5a:d0:9b:1d:3c:36:cd:a0:
18:e5:af:1b:50:17:69:69:de:32:36:d4:32:e5:c5:b2:db:77:
41:ed:3c:28:bb:df:b4:d9:e5:3d:1e:93:6e:15:b3:f2:0c:73:
0c:b3:25:62:a7:cf:c6:a4:91:7e:5b:ce:19:f8:76:a5:27:5f:
c8:ea:52:1c:d5:ba:dc:76:39:10:7d:4f:04:00:db:f3:1c:ff:
a1:ac:fb:b1:76:59:bf:00:6c:2c:2f:0f:0f:84:28:fc:76:c9:
ef:ed:90:b1:6f:d7:0d:14:01:ca:46:03:2d:09:cd:96:f8:c5:
c9:86:04:b5:cc:35:de:da:c0:e0:cf:5f:71:e0:9c:41:da:63:
bb:5d:97:76
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxJ25Jcya602xn7IOOzt/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MTcxNjI4NzdkYTlmNDAzMGJiY2I5ZmU4YWMxNDNlNmFi
Mjg3MWIwHhcNMjMwMTAyMDYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc4MGM2ODgzMjkxZmRiZDRlZWJhNTgzZDZhM2Y2YjczYmUyOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0q9vN0fbb4ew/XBDGoMKFlwObV2
mt89eq8Zz9hR1F/t5Rh1gveyx5uooTYXln6cJxDGbhGnjytfEJPp3dLEcaQ55zlP
xSyp5KoVuB8tZeWYyjX/jJKWXMmde644rc1YLYy4mTno3lDChFRRChzqIh4n2fex
490Mbu8Iw6h2RdY80hZV0Ev4TGVMp7lC7JbxuxbISv/YSDAQ0j9edPlRnWQFbwqf
02Zi24EGFjyt9UPD2uggis52zCQHNxLlygoTjlKE52bT+qmAMppj9HpeJ+VpDhn4
a5C7K7CepWtu0Nk8yrhHNKifUXn9P5Rtspzz9fx5/D0eP13zo7bpS4QapQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCp4DGiDKR/b1O66WD1qP2tzvilgMB8GA1UdIwQY
MBaAFLgXFih32p9AMLvLn+isFD5qsocbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJjV0tIZmFuMEF3dTh1ZjZLd1VQbXF5aHhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNmI3YjQtYmIyMS00YjNlLWFlYjQt
YjI3Y2EyOTFiZDc3LzEvS25nTWFJTXBIOXZVN3JwWVBXb19hM08tS1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNmI3YjQtYmIyMS00YjNlLWFlYjQtYjI3Y2EyOTFiZDc3
LzEvdUJjV0tIZmFuMEF3dTh1ZjZLd1VQbXF5aHhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4eQDAN
BgkqhkiG9w0BAQsFAAOCAQEAJWEz7tRD1cuzfZCZMPAchH6HTuq1G6BWfzBZu7kR
Ey/gHBdxwFgBbvkq7qwau9+3pxwZawBw00WdT7/p4Gp1CP98cIXpEw4ZcgVyzHDv
AG6FamxJc/Kray/2QV0CkSHBPoR+E+NjEynbaEe8yM54Q9bsENzNClrQmx08Ns2g
GOWvG1AXaWneMjbUMuXFstt3Qe08KLvftNnlPR6TbhWz8gxzDLMlYqfPxqSRflvO
Gfh2pSdfyOpSHNW63HY5EH1PBADb8xz/oaz7sXZZvwBsLC8PD4Qo/HbJ7+2QsW/X
DRQBykYDLQnNlvjFyYYEtcw13trA4M9fceCcQdpju12Xdg==
-----END CERTIFICATE-----
Generated at Wed Dec 20 00:13:02 2023 by rpki-client on console-fra.rpki-client.org