Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/KYY_jCweBpvxh4fdTWhZuHCTAFQ.roa
File: KYY_jCweBpvxh4fdTWhZuHCTAFQ.roa (raw, json)
Hash identifier: GqTvAiUSeP4RCmJuoSseaepz9pYXzeDrj2mkvMuKK8Y=
Subject key identifier: 29:86:3F:8C:2C:1E:06:9B:F1:87:87:DD:4D:68:59:B8:70:93:00:54
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FEB032CA39D514EAAA851391FB791
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/KYY_jCweBpvxh4fdTWhZuHCTAFQ.roa
Signing time: Sun 01 Jan 2023 21:14:49 +0000
ROA not before: Sun 01 Jan 2023 21:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203899
IP address blocks: 2a0e:aa07:e042::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:eb:03:2c:a3:9d:51:4e:aa:a8:51:39:1f:b7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29863f8c2c1e069bf18787dd4d6859b870930054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6b:9b:0b:09:a6:3b:e0:2d:02:82:92:60:03:
54:51:a7:3d:8a:f1:3e:87:d8:06:d0:3a:9b:7c:3b:
6c:be:23:10:f6:23:3a:cc:d6:f9:06:6d:b5:94:3d:
cc:37:4b:28:45:fe:09:0f:5e:c6:e8:9a:d9:b1:f2:
d5:47:e6:2c:7c:a5:fd:c8:1e:0e:4f:fb:cb:1e:12:
2d:8a:ee:ce:07:01:31:74:6d:7f:00:67:b8:9f:80:
c2:09:ca:17:e3:3b:cd:01:e5:02:67:a0:7f:4f:67:
89:02:d6:af:2e:2e:b6:82:70:27:ab:95:13:b7:be:
aa:11:2b:b7:c0:4f:fe:51:dc:b5:59:db:aa:53:b1:
ce:a3:08:36:fa:21:52:4c:1c:b4:a1:8c:31:da:7a:
21:7e:18:45:6c:89:b4:91:4b:ef:a4:4e:74:74:12:
93:42:63:2a:00:0d:d2:43:ce:f7:b6:35:d4:31:3a:
6f:57:3d:ad:93:6d:33:41:62:b9:e0:93:4d:da:6c:
31:47:21:2d:6d:65:d0:9c:b7:82:f5:30:a4:20:59:
0e:98:6c:66:01:08:39:1d:6e:f6:65:43:dd:fa:f3:
41:f0:49:75:f3:32:d9:25:21:67:ee:9f:72:ed:25:
28:7e:d5:eb:24:1e:fb:48:30:e7:bf:45:09:ec:1a:
cf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:86:3F:8C:2C:1E:06:9B:F1:87:87:DD:4D:68:59:B8:70:93:00:54
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/KYY_jCweBpvxh4fdTWhZuHCTAFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e042::/48
Signature Algorithm: sha256WithRSAEncryption
0d:fc:af:4d:9b:89:1e:d2:86:d3:d5:f3:f8:9b:0a:2e:7f:ca:
75:1a:5c:db:66:13:bb:b6:9e:38:92:9b:0c:cd:3c:90:84:00:
0d:2d:ea:87:37:20:61:44:5b:fb:8c:fd:a0:a7:e7:b8:2d:81:
7b:31:46:27:aa:88:10:e0:45:fb:3c:a2:c0:3d:52:eb:03:d1:
9c:4c:1a:c4:db:04:28:df:07:ab:07:13:b6:1c:b4:de:33:29:
f3:40:c7:be:35:22:41:36:4d:31:cf:ac:7c:f5:3a:a5:f8:44:
8a:85:5c:ec:bd:dc:95:ab:ba:aa:da:d2:a9:d3:e0:d4:54:32:
6b:b0:2c:de:26:68:aa:9a:0d:02:03:18:6f:57:76:ec:2e:27:
f4:df:20:5e:b9:ac:76:cc:0e:48:b6:1a:ae:14:d7:66:75:c9:
28:e8:05:07:a0:99:23:c5:e9:0a:41:b9:03:aa:d3:90:a4:97:
ce:14:4e:6a:2b:f5:8e:1a:b6:0f:99:84:f6:62:68:e7:54:f9:
d3:85:5b:f2:23:23:a6:cc:0d:44:b9:f5:ee:8f:7e:58:a8:fe:
b1:b9:85:84:9f:75:de:3e:71:7a:5e:29:4b:2d:9b:7f:b2:2a:
a1:be:a5:4c:a6:91:fa:b5:f8:80:46:c2:92:e7:25:ac:45:90:
6d:ce:59:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvL+sDLKOdUU6qqFE5H7eRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg2M2Y4YzJjMWUwNjliZjE4Nzg3ZGQ0ZDY4NTliODcwOTMwMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2ubCwmmO+AtAoKSYANUUac9ivE+
h9gG0DqbfDtsviMQ9iM6zNb5Bm21lD3MN0soRf4JD17G6JrZsfLVR+YsfKX9yB4O
T/vLHhItiu7OBwExdG1/AGe4n4DCCcoX4zvNAeUCZ6B/T2eJAtavLi62gnAnq5UT
t76qESu3wE/+Udy1WduqU7HOowg2+iFSTBy0oYwx2nohfhhFbIm0kUvvpE50dBKT
QmMqAA3SQ873tjXUMTpvVz2tk20zQWK54JNN2mwxRyEtbWXQnLeC9TCkIFkOmGxm
AQg5HW72ZUPd+vNB8El18zLZJSFn7p9y7SUoftXrJB77SDDnv0UJ7BrPswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCmGP4wsHgab8YeH3U1oWbhwkwBUMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvS1lZX2pDd2VCcHZ4aDRmZFRXaFp1SENUQUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BC
MA0GCSqGSIb3DQEBCwUAA4IBAQAN/K9Nm4ke0obT1fP4mwouf8p1GlzbZhO7tp44
kpsMzTyQhAANLeqHNyBhRFv7jP2gp+e4LYF7MUYnqogQ4EX7PKLAPVLrA9GcTBrE
2wQo3werBxO2HLTeMynzQMe+NSJBNk0xz6x89Tql+ESKhVzsvdyVq7qq2tKp0+DU
VDJrsCzeJmiqmg0CAxhvV3bsLif03yBeuax2zA5IthquFNdmdcko6AUHoJkjxekK
QbkDqtOQpJfOFE5qK/WOGrYPmYT2YmjnVPnThVvyIyOmzA1EufXuj35YqP6xuYWE
n3XePnF6XilLLZt/siqhvqVMppH6tfiARsKS5yWsRZBtzlkW
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:03 2024 by rpki-client on console-ams.rpki-client.org