Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/kg0T4-lnJIkI1BtAut67_mtYvMg.roa
File: kg0T4-lnJIkI1BtAut67_mtYvMg.roa (raw, json)
Hash identifier: TXxhPwTJhGreH0nspLPoWGjWk4R/ZCOaQEhR+XM9+Zo=
Subject key identifier: 92:0D:13:E3:E9:67:24:89:08:D4:1B:40:BA:DE:BB:FE:6B:58:BC:C8
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C32626915F375AEBF8CC72E88D92EC
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/kg0T4-lnJIkI1BtAut67_mtYvMg.roa
Signing time: Mon 02 Jan 2023 09:14:52 +0000
ROA not before: Mon 02 Jan 2023 09:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209859
IP address blocks: 2a06:e881:5300::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:26:26:91:5f:37:5a:eb:f8:cc:72:e8:8d:92:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=920d13e3e967248908d41b40badebbfe6b58bcc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3d:d5:c9:85:14:7b:f5:af:6e:dc:d7:86:0b:
a4:4c:6d:cd:33:97:78:d6:ef:a1:e0:8e:c4:33:8d:
aa:89:92:78:ed:9e:33:95:b6:b7:c4:f1:6f:27:0a:
de:bf:fc:dd:9b:44:c6:a2:4d:4d:54:f9:8e:28:38:
c7:47:79:a3:9b:5c:6a:16:72:37:96:c3:0c:29:33:
7b:68:35:33:1c:05:2d:fd:a6:3c:d3:3d:2d:57:f6:
34:72:23:aa:6b:c5:9f:da:7c:4c:70:58:de:72:ed:
a4:76:96:13:a8:19:50:fa:bf:04:55:68:7f:27:d1:
12:07:e6:52:5c:17:cf:27:05:1c:92:4e:60:dd:b5:
37:e3:d7:45:ef:f6:a8:9e:da:e7:4e:22:f2:c9:25:
6e:62:b4:40:6d:97:af:ac:1b:86:34:a7:bc:53:f8:
29:0e:98:07:c9:2d:2c:ea:49:ae:ff:d7:68:ac:41:
67:b1:dd:f9:77:2b:e5:80:fa:d8:f9:58:32:65:55:
fc:e9:46:ca:ec:d6:d0:29:01:f6:1a:41:dd:f9:1b:
d6:24:cb:6c:53:48:d9:c0:be:8a:e7:0e:e2:ef:85:
72:51:fc:88:7a:e0:f4:31:8d:fc:b9:31:c3:dd:53:
72:23:f1:1c:08:aa:1b:42:7e:81:2d:6a:e4:45:49:
60:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:0D:13:E3:E9:67:24:89:08:D4:1B:40:BA:DE:BB:FE:6B:58:BC:C8
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/kg0T4-lnJIkI1BtAut67_mtYvMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:5300::/40
Signature Algorithm: sha256WithRSAEncryption
70:6a:1e:0d:fa:e9:65:33:38:f2:b9:4c:b4:61:52:d6:c2:da:
ca:c9:6d:eb:51:9b:af:eb:e2:c2:38:a0:b4:e3:05:15:fe:3e:
97:f0:97:fd:d4:cd:9f:85:12:ca:fd:0d:74:bc:ec:b1:aa:b5:
0d:8b:31:c2:3b:3e:56:e3:b0:8f:2a:d1:7e:0a:ad:b1:ce:03:
b1:06:e1:92:ee:9e:bd:ef:1d:c1:1d:7b:a8:5a:af:9d:19:64:
ba:07:f8:45:22:6e:34:f8:67:d5:b4:ca:a5:49:87:0f:86:ab:
42:22:b8:77:76:a2:75:15:a4:50:ca:d1:e5:57:1f:f1:6f:13:
d3:82:5b:68:b9:cf:0a:3e:b6:6d:62:18:50:85:36:90:d1:05:
8f:6b:cb:7d:53:06:4d:23:5d:ca:7b:35:7e:a5:c7:d3:ec:85:
cf:80:67:6f:0e:52:37:df:0e:4c:80:79:43:b6:0e:df:b5:ed:
e6:7a:f3:41:a2:56:2a:0f:28:3f:d1:22:ff:ae:a4:d1:2f:71:
90:f9:1e:60:1a:50:57:3f:48:9b:8c:7a:4f:bd:69:c2:ce:14:
63:1a:10:18:2b:bb:9e:80:c3:b3:84:f6:b2:c6:2e:4d:35:34:
73:50:08:50:8b:96:f1:47:5e:1f:5f:3b:1c:28:f7:ef:c0:18:
f1:6c:04:ee
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVxwyYmkV83Wuv4zHLojZLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjBkMTNlM2U5NjcyNDg5MDhkNDFiNDBiYWRlYmJmZTZiNThiY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD3VyYUUe/WvbtzXhgukTG3NM5d4
1u+h4I7EM42qiZJ47Z4zlba3xPFvJwrev/zdm0TGok1NVPmOKDjHR3mjm1xqFnI3
lsMMKTN7aDUzHAUt/aY80z0tV/Y0ciOqa8Wf2nxMcFjecu2kdpYTqBlQ+r8EVWh/
J9ESB+ZSXBfPJwUckk5g3bU349dF7/aontrnTiLyySVuYrRAbZevrBuGNKe8U/gp
DpgHyS0s6kmu/9dorEFnsd35dyvlgPrY+VgyZVX86UbK7NbQKQH2GkHd+RvWJMts
U0jZwL6K5w7i74VyUfyIeuD0MY38uTHD3VNyI/EcCKobQn6BLWrkRUlglQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJINE+PpZySJCNQbQLreu/5rWLzIMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEva2cwVDQtbG5KSWtJMUJ0QXV0NjdfbXRZdk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgbogVMw
DQYJKoZIhvcNAQELBQADggEBAHBqHg366WUzOPK5TLRhUtbC2srJbetRm6/r4sI4
oLTjBRX+Ppfwl/3UzZ+FEsr9DXS87LGqtQ2LMcI7PlbjsI8q0X4KrbHOA7EG4ZLu
nr3vHcEde6har50ZZLoH+EUibjT4Z9W0yqVJhw+Gq0IiuHd2onUVpFDK0eVXH/Fv
E9OCW2i5zwo+tm1iGFCFNpDRBY9ry31TBk0jXcp7NX6lx9Pshc+AZ28OUjffDkyA
eUO2Dt+17eZ680GiVioPKD/RIv+upNEvcZD5HmAaUFc/SJuMek+9acLOFGMaEBgr
u56Aw7OE9rLGLk01NHNQCFCLlvFHXh9fOxwo9+/AGPFsBO4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:04 2024 by rpki-client on console-ams.rpki-client.org