Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KNDqND3lKR04bywRjGj2XsDbiCo.roa
File: KNDqND3lKR04bywRjGj2XsDbiCo.roa (raw, json)
Hash identifier: gsYYo3wiXtKotfe7sPigiKLHnLqOJeyS10xy7QzGZOQ=
Subject key identifier: 28:D0:EA:34:3D:E5:29:1D:38:6F:2C:11:8C:68:F6:5E:C0:DB:88:2A
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01870AE1D50C8446E2E59C341B368C51CAEE
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KNDqND3lKR04bywRjGj2XsDbiCo.roa
Signing time: Wed 22 Mar 2023 19:53:04 +0000
ROA not before: Wed 22 Mar 2023 19:53:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41108
IP address blocks: 2a12:bec0:240::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0a:e1:d5:0c:84:46:e2:e5:9c:34:1b:36:8c:51:ca:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Mar 22 19:53:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28d0ea343de5291d386f2c118c68f65ec0db882a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6a:4a:53:8e:48:1c:e1:eb:91:4f:d6:76:37:
92:1f:1e:c8:21:6b:2b:30:98:59:f8:4b:98:24:6b:
3b:bd:61:12:93:12:57:fe:6a:c1:3d:e4:e6:11:d7:
4b:db:58:5d:82:32:19:45:7d:fc:6f:d9:40:f4:9d:
12:66:9a:43:a0:6f:08:dd:01:33:ba:1c:bc:4b:1f:
25:24:f4:f0:53:a1:d6:fa:25:70:3b:d5:bc:7d:14:
9e:8b:3c:ae:84:c6:d9:5c:11:2d:8e:6e:df:54:06:
25:42:96:79:94:ca:d9:51:96:d3:c0:15:f6:46:9d:
b1:ea:b3:9d:81:aa:c5:83:b4:1f:e0:0e:42:fa:c3:
7f:75:bc:dc:e5:ef:7f:ac:a9:3b:c5:cf:3b:38:ec:
53:71:c5:a7:87:ae:05:2a:eb:a3:b0:fb:9f:be:35:
79:c4:cd:b0:a7:12:4a:66:0a:46:f2:f7:9e:43:4d:
dd:72:ae:68:d0:17:4e:35:63:98:9b:5e:70:6d:7b:
13:44:ee:d5:46:f4:6b:69:da:86:25:d6:a0:a8:bb:
2a:d3:f5:14:08:b7:d2:3b:02:7f:e7:f3:93:98:ee:
8e:45:11:a7:0c:07:5d:6d:ef:47:88:b1:2a:31:76:
6a:7f:e1:31:1d:42:f9:45:51:10:c3:59:09:04:0b:
76:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D0:EA:34:3D:E5:29:1D:38:6F:2C:11:8C:68:F6:5E:C0:DB:88:2A
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/KNDqND3lKR04bywRjGj2XsDbiCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:240::/44
Signature Algorithm: sha256WithRSAEncryption
9b:4a:91:73:8c:8d:90:68:71:4a:12:85:55:3c:9b:2a:eb:85:
01:6c:9a:40:28:4d:30:60:a9:7b:97:99:e3:23:43:0f:0a:50:
fb:52:72:52:ef:99:38:28:25:78:a3:1b:78:8d:91:97:3b:95:
75:91:f5:88:01:91:74:8b:4b:40:c2:11:dd:70:09:11:0a:21:
ce:df:14:45:46:d9:35:67:2c:f4:31:8f:0b:89:ea:79:76:8c:
96:2f:66:36:21:2a:ec:a9:9c:08:bf:c2:b1:86:0b:ec:3e:7f:
81:f3:3e:a1:3a:3d:38:f5:a6:7f:9f:b4:6e:c8:df:a4:be:18:
d6:6f:e6:26:e5:51:cb:62:f8:45:60:d0:d8:fe:51:95:3f:fd:
5a:9d:5e:7d:13:73:5b:f3:3c:6d:f3:a1:c4:b3:ce:b8:17:8a:
20:2d:17:32:45:5b:a1:68:4e:e2:6f:5f:69:00:64:38:18:22:
82:9c:6b:06:73:d7:cc:27:46:77:9b:7b:72:4f:60:5e:ff:ce:
24:42:a0:42:b9:aa:95:b1:11:8f:f5:c7:a9:ca:42:d4:0a:af:
07:57:bb:4e:4c:0d:95:47:a5:a0:43:cc:df:be:02:5c:38:5e:
ee:31:2d:d0:bb:d9:26:ee:6d:16:71:98:d3:a1:3e:05:b3:be:
f8:34:17:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYcK4dUMhEbi5Zw0GzaMUcruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjMwMzIyMTk1MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQwZWEzNDNkZTUyOTFkMzg2ZjJjMTE4YzY4ZjY1ZWMwZGI4ODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGpKU45IHOHrkU/WdjeSHx7IIWsr
MJhZ+EuYJGs7vWESkxJX/mrBPeTmEddL21hdgjIZRX38b9lA9J0SZppDoG8I3QEz
uhy8Sx8lJPTwU6HW+iVwO9W8fRSeizyuhMbZXBEtjm7fVAYlQpZ5lMrZUZbTwBX2
Rp2x6rOdgarFg7Qf4A5C+sN/dbzc5e9/rKk7xc87OOxTccWnh64FKuujsPufvjV5
xM2wpxJKZgpG8veeQ03dcq5o0BdONWOYm15wbXsTRO7VRvRradqGJdagqLsq0/UU
CLfSOwJ/5/OTmO6ORRGnDAddbe9HiLEqMXZqf+ExHUL5RVEQw1kJBAt2pwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjQ6jQ95SkdOG8sEYxo9l7A24gqMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvS05EcU5EM2xLUjA0Ynl3UmpHajJYc0RiaUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbSpFzjI2QaHFKEoVVPJsq64UBbJpAKE0wYKl7
l5njI0MPClD7UnJS75k4KCV4oxt4jZGXO5V1kfWIAZF0i0tAwhHdcAkRCiHO3xRF
Rtk1Zyz0MY8Liep5doyWL2Y2ISrsqZwIv8KxhgvsPn+B8z6hOj049aZ/n7RuyN+k
vhjWb+Ym5VHLYvhFYNDY/lGVP/1anV59E3Nb8zxt86HEs864F4ogLRcyRVuhaE7i
b19pAGQ4GCKCnGsGc9fMJ0Z3m3tyT2Be/84kQqBCuaqVsRGP9cepykLUCq8HV7tO
TA2VR6WgQ8zfvgJcOF7uMS3Qu9km7m0WcZjToT4Fs774NBfk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org