Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KMjSLtIgZsc4z9qCHSVmqSgqlXY.roa
File: KMjSLtIgZsc4z9qCHSVmqSgqlXY.roa (raw, json)
Hash identifier: /dXbudrTBhqIgEol3rCYLljLTYY3T45i4Xm0DdfFDK8=
Subject key identifier: 28:C8:D2:2E:D2:20:66:C7:38:CF:DA:82:1D:25:66:A9:28:2A:95:76
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0187371597B431F26EC2ADA0D92DBF17C15D
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KMjSLtIgZsc4z9qCHSVmqSgqlXY.roa
Signing time: Fri 31 Mar 2023 09:52:54 +0000
ROA not before: Fri 31 Mar 2023 09:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199030
IP address blocks: 2a12:bec0:1e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:15:97:b4:31:f2:6e:c2:ad:a0:d9:2d:bf:17:c1:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Mar 31 09:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c8d22ed22066c738cfda821d2566a9282a9576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:77:79:97:c8:72:af:45:38:a7:76:2b:52:
60:9a:b2:96:a5:c5:8d:95:b7:8f:fd:10:4d:aa:c3:
22:84:f9:b8:cb:06:66:e5:e2:ca:c3:81:3d:b9:b4:
bc:6b:2f:f7:38:4c:52:d9:ed:35:8f:0c:f9:99:e7:
8e:b3:27:28:d8:b7:d6:33:23:21:8b:ff:51:81:9d:
24:1b:2f:eb:52:98:1f:f3:a5:d8:7b:0b:3f:47:79:
16:b5:fd:e0:d2:20:0f:3f:21:5d:e6:a0:7b:45:38:
c2:82:67:24:f3:e0:e0:ac:de:e2:3b:66:6b:94:f0:
70:52:ab:af:e9:74:47:06:83:65:5c:6e:e2:e3:7e:
df:eb:4b:4c:ed:a0:71:14:ac:a3:09:80:2b:42:85:
ca:c6:d7:7e:cf:a5:0d:0e:1e:80:bd:3c:45:9e:a8:
3e:f5:fe:3d:d4:99:4d:6b:5b:cb:e4:f4:37:df:f5:
7c:8c:bc:ed:f6:ce:65:43:79:18:db:d1:87:5a:fb:
7d:3c:f5:54:af:bf:0a:e3:70:aa:49:cf:1b:8e:f6:
df:2d:c2:6a:be:3f:54:1d:88:74:79:94:ee:7d:84:
4a:9b:da:2e:5a:dd:31:12:a3:c1:cc:81:01:6e:22:
25:2e:01:e9:2e:6f:7c:07:1d:0e:12:54:5e:1f:da:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C8:D2:2E:D2:20:66:C7:38:CF:DA:82:1D:25:66:A9:28:2A:95:76
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KMjSLtIgZsc4z9qCHSVmqSgqlXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:1e0::/44
Signature Algorithm: sha256WithRSAEncryption
b6:0f:90:ad:57:ed:71:53:43:07:d4:c4:21:e0:ed:3c:7a:fe:
e8:fe:92:69:a3:2a:c0:fe:45:ea:08:00:b6:84:ff:80:6a:40:
62:00:e4:f4:0b:d8:c9:c1:fd:26:38:43:fb:1a:ae:5d:1f:54:
5a:20:6b:32:77:ec:15:43:af:af:11:21:ca:44:08:49:3a:66:
d5:72:0d:48:44:a4:e6:d9:37:6b:f9:c2:14:80:03:52:52:46:
31:dc:a7:56:3b:61:f3:bb:66:31:07:af:c0:17:6e:57:f0:d7:
f4:54:e0:07:d2:68:1b:c8:1c:88:4d:15:63:40:9e:e3:d3:f5:
2f:4b:71:c9:b8:d3:e6:72:d7:2c:41:c6:ae:0e:b3:11:a4:a1:
10:47:3d:93:eb:b3:ac:98:4f:5e:b6:c8:72:9b:1f:77:f6:22:
58:42:a1:ce:37:98:1e:68:00:c3:06:0c:11:3a:7d:88:02:5f:
ec:be:61:39:5e:3e:36:c6:31:4a:57:ab:84:1d:ba:0e:d8:a6:
2e:15:9b:80:29:16:b1:0a:87:61:c8:c5:36:a0:7d:c6:16:f0:
61:93:63:b0:b1:09:12:43:eb:24:09:62:ca:b1:18:df:80:75:
97:29:8b:8d:11:99:1d:68:e4:a4:e9:24:a6:51:99:a8:dc:b3:
a4:ca:d2:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYc3FZe0MfJuwq2g2S2/F8FdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwMzMxMDk1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM4ZDIyZWQyMjA2NmM3MzhjZmRhODIxZDI1NjZhOTI4MmE5NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQd3eZfIcq9FOKd2K1JgmrKWpcWN
lbeP/RBNqsMihPm4ywZm5eLKw4E9ubS8ay/3OExS2e01jwz5meeOsyco2LfWMyMh
i/9RgZ0kGy/rUpgf86XYews/R3kWtf3g0iAPPyFd5qB7RTjCgmck8+DgrN7iO2Zr
lPBwUquv6XRHBoNlXG7i437f60tM7aBxFKyjCYArQoXKxtd+z6UNDh6AvTxFnqg+
9f491JlNa1vL5PQ33/V8jLzt9s5lQ3kY29GHWvt9PPVUr78K43CqSc8bjvbfLcJq
vj9UHYh0eZTufYRKm9ouWt0xEqPBzIEBbiIlLgHpLm98Bx0OElReH9rPtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjI0i7SIGbHOM/agh0lZqkoKpV2MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvS01qU0x0SWdac2M0ejlxQ0hTVm1xU2dxbFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAHg
MA0GCSqGSIb3DQEBCwUAA4IBAQC2D5CtV+1xU0MH1MQh4O08ev7o/pJpoyrA/kXq
CAC2hP+AakBiAOT0C9jJwf0mOEP7Gq5dH1RaIGsyd+wVQ6+vESHKRAhJOmbVcg1I
RKTm2Tdr+cIUgANSUkYx3KdWO2Hzu2YxB6/AF25X8Nf0VOAH0mgbyByITRVjQJ7j
0/UvS3HJuNPmctcsQcauDrMRpKEQRz2T67OsmE9etshymx939iJYQqHON5geaADD
BgwROn2IAl/svmE5Xj42xjFKV6uEHboO2KYuFZuAKRaxCodhyMU2oH3GFvBhk2Ow
sQkSQ+skCWLKsRjfgHWXKYuNEZkdaOSk6SSmUZmo3LOkytJk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org