Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/KMb5QKKy3gQ-nrcDehEeJTIXQJM.roa
File: KMb5QKKy3gQ-nrcDehEeJTIXQJM.roa (raw, json)
Hash identifier: W1v33ivYo7cXAC+OA7A4yIbRgwHdDtO0a0eZ1V51OK4=
Subject key identifier: 28:C6:F9:40:A2:B2:DE:04:3E:9E:B7:03:7A:11:1E:25:32:17:40:93
Certificate issuer: /CN=7587902ce7a6a334a4e0db73e721989015d6489b
Certificate serial: 01856EC1F2F4F63EC406F1B74A056DFBC947
Authority key identifier: 75:87:90:2C:E7:A6:A3:34:A4:E0:DB:73:E7:21:98:90:15:D6:48:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dYeQLOemozSk4Ntz5yGYkBXWSJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/KMb5QKKy3gQ-nrcDehEeJTIXQJM.roa
Signing time: Sun 01 Jan 2023 19:14:42 +0000
ROA not before: Sun 01 Jan 2023 19:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207111
IP address blocks: 2001:67c:770::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f2:f4:f6:3e:c4:06:f1:b7:4a:05:6d:fb:c9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7587902ce7a6a334a4e0db73e721989015d6489b
Validity
Not Before: Jan 1 19:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28c6f940a2b2de043e9eb7037a111e2532174093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6d:3b:e8:4f:9c:65:6d:0e:9a:37:e7:79:37:
37:47:18:7d:57:84:4a:fb:6e:d9:ea:b7:35:76:89:
46:70:22:41:00:c1:bf:aa:c7:43:0c:c3:f8:25:87:
98:9a:bb:a3:7e:06:f5:7f:77:79:95:78:ca:b0:58:
71:70:a7:52:df:7d:69:38:45:7d:9f:d9:ff:02:c4:
7c:f7:71:13:fb:5c:d9:c0:94:f2:22:f7:6f:fa:ef:
7f:68:e0:fb:0a:46:39:16:80:c0:ad:76:8a:ce:89:
29:e5:14:ab:34:93:15:97:f2:89:57:2c:b6:db:bf:
5d:6d:27:e3:a3:29:75:69:12:c8:cc:bd:d4:ee:eb:
80:2e:67:15:f4:57:45:a1:35:50:f2:1b:fc:4d:42:
ff:ac:a9:68:7f:ba:82:56:e7:66:c1:cd:67:a4:8d:
9b:f0:7f:4c:b0:58:74:61:46:77:5e:85:95:40:38:
b3:47:88:65:d0:a5:a0:53:b3:c6:67:ef:0c:a0:bc:
39:f4:3a:4b:36:a1:0b:a5:e6:0d:68:49:c1:b4:29:
9f:f6:35:03:a7:d9:99:7f:7c:c6:fe:22:a4:b3:04:
70:2a:ba:83:52:8c:09:60:48:92:46:7d:46:07:e8:
e2:a9:53:9f:b5:42:b9:eb:29:34:fe:44:09:5b:2d:
9d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C6:F9:40:A2:B2:DE:04:3E:9E:B7:03:7A:11:1E:25:32:17:40:93
X509v3 Authority Key Identifier:
keyid:75:87:90:2C:E7:A6:A3:34:A4:E0:DB:73:E7:21:98:90:15:D6:48:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dYeQLOemozSk4Ntz5yGYkBXWSJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/KMb5QKKy3gQ-nrcDehEeJTIXQJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4de9ba-0a6b-47f8-9770-f92019375bc8/1/dYeQLOemozSk4Ntz5yGYkBXWSJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:770::/48
Signature Algorithm: sha256WithRSAEncryption
bb:d1:41:64:92:d0:f5:81:48:63:3a:d4:21:0d:4d:08:a5:89:
ee:cb:9d:36:73:14:8e:4b:08:6a:ec:db:70:cc:f6:51:00:cb:
7a:75:ee:30:24:84:1c:a7:cd:a3:c5:30:55:a5:3e:80:2d:51:
fa:3d:b1:26:d7:a3:88:2c:23:1b:ed:68:83:b2:f5:3a:a0:10:
fe:11:94:c0:6a:5f:64:10:a2:e9:b6:65:67:c8:b0:ee:b6:f9:
e3:0f:0f:38:fe:68:19:fa:46:ed:be:15:4f:fa:ed:49:8a:50:
1a:1b:cf:57:1b:a5:d3:44:04:a6:05:b7:30:de:1f:2f:01:95:
16:bd:aa:5a:79:c3:be:ef:cc:6b:77:0d:06:e7:11:51:83:6f:
8b:67:37:87:da:36:1a:0f:bb:67:f2:6f:7e:84:c9:4d:51:11:
93:12:ea:30:50:93:77:db:45:7c:8c:89:d0:ae:40:c0:80:a7:
d0:21:db:39:64:86:43:92:d5:f3:47:a9:27:28:17:f1:ab:bb:
71:7d:94:40:55:e2:96:0e:ef:30:df:e6:7c:28:28:af:35:1b:
36:70:6e:ca:32:df:5e:b1:47:71:be:33:db:c1:f4:d2:0f:49:
83:77:97:7f:5d:8f:c4:54:fe:0d:73:9a:a1:1f:fd:cf:b7:90:
2e:f2:00:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuwfL09j7EBvG3SgVt+8lHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ODc5MDJjZTdhNmEzMzRhNGUwZGI3M2U3MjE5ODkwMTVk
NjQ4OWIwHhcNMjMwMTAxMTkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM2Zjk0MGEyYjJkZTA0M2U5ZWI3MDM3YTExMWUyNTMyMTc0MDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG076E+cZW0OmjfneTc3Rxh9V4RK
+27Z6rc1dolGcCJBAMG/qsdDDMP4JYeYmrujfgb1f3d5lXjKsFhxcKdS331pOEV9
n9n/AsR893ET+1zZwJTyIvdv+u9/aOD7CkY5FoDArXaKzokp5RSrNJMVl/KJVyy2
279dbSfjoyl1aRLIzL3U7uuALmcV9FdFoTVQ8hv8TUL/rKlof7qCVudmwc1npI2b
8H9MsFh0YUZ3XoWVQDizR4hl0KWgU7PGZ+8MoLw59DpLNqELpeYNaEnBtCmf9jUD
p9mZf3zG/iKkswRwKrqDUowJYEiSRn1GB+jiqVOftUK56yk0/kQJWy2dUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCjG+UCist4EPp63A3oRHiUyF0CTMB8GA1UdIwQY
MBaAFHWHkCznpqM0pODbc+chmJAV1kibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFllUUxPZW1velNrNE50ejV5R1lrQlhXU0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80ZGU5YmEtMGE2Yi00N2Y4LTk3NzAt
ZjkyMDE5Mzc1YmM4LzEvS01iNVFLS3kzZ1EtbnJjRGVoRWVKVElYUUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80ZGU5YmEtMGE2Yi00N2Y4LTk3NzAtZjkyMDE5Mzc1YmM4
LzEvZFllUUxPZW1velNrNE50ejV5R1lrQlhXU0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAdw
MA0GCSqGSIb3DQEBCwUAA4IBAQC70UFkktD1gUhjOtQhDU0IpYnuy502cxSOSwhq
7NtwzPZRAMt6de4wJIQcp82jxTBVpT6ALVH6PbEm16OILCMb7WiDsvU6oBD+EZTA
al9kEKLptmVnyLDutvnjDw84/mgZ+kbtvhVP+u1JilAaG89XG6XTRASmBbcw3h8v
AZUWvapaecO+78xrdw0G5xFRg2+LZzeH2jYaD7tn8m9+hMlNURGTEuowUJN320V8
jInQrkDAgKfQIds5ZIZDktXzR6knKBfxq7txfZRAVeKWDu8w3+Z8KCivNRs2cG7K
Mt9esUdxvjPbwfTSD0mDd5d/XY/EVP4Nc5qhH/3Pt5Au8gBW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:03 2024 by rpki-client on console-ams.rpki-client.org