Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/KlRzuyueb3Zq6XyLDQ58Y9DQow0.roa
File: KlRzuyueb3Zq6XyLDQ58Y9DQow0.roa (raw, json)
Hash identifier: 6wSOKtalceOdHSZnAD3T4CdKUPNWH9tlyLPey2ASCyo=
Subject key identifier: 2A:54:73:BB:2B:9E:6F:76:6A:E9:7C:8B:0D:0E:7C:63:D0:D0:A3:0D
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 01915B80F3806A0C0E20C004B3D48408A16B
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/KlRzuyueb3Zq6XyLDQ58Y9DQow0.roa
Signing time: Fri 16 Aug 2024 14:04:23 +0000
ROA not before: Fri 16 Aug 2024 14:04:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:3740::/29 maxlen: 29
2a12:46c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Aug 2024 21:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:80:f3:80:6a:0c:0e:20:c0:04:b3:d4:84:08:a1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Aug 16 14:04:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a5473bb2b9e6f766ae97c8b0d0e7c63d0d0a30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:68:9c:d9:98:b5:a6:fe:3e:77:a0:e1:23:1d:
75:c1:7f:6d:70:8c:aa:82:af:d4:ce:2a:7d:a5:cf:
ac:61:d6:6b:cb:5c:7a:4b:7d:02:35:70:cc:5d:a9:
3a:39:d3:47:a0:21:a8:dd:a1:a8:ad:68:f8:46:5b:
b3:96:57:ab:58:29:ef:8a:5f:9d:42:7c:48:31:cd:
69:aa:9d:46:9b:9f:3f:13:ed:9f:e6:21:96:91:4b:
a1:51:44:f9:a0:94:b3:f3:a7:ba:44:f9:5d:91:91:
db:a4:70:39:31:1b:15:43:82:07:58:e7:ea:26:f8:
4c:81:ac:41:95:18:01:5f:ed:f4:6c:0f:13:f0:b2:
f6:de:38:b2:26:2d:5f:da:81:8d:07:74:78:92:9d:
25:bd:2b:eb:38:5a:ae:47:48:c5:2d:d5:f1:ef:0f:
11:68:8e:8d:a1:f1:53:79:88:40:2e:11:fa:87:33:
91:36:31:68:1f:eb:b1:c5:dd:11:7e:b6:98:1a:c0:
83:8d:57:77:68:1c:6f:85:2e:b7:bc:35:40:3b:a5:
ec:85:61:b6:ae:02:7a:9b:a6:6f:d7:49:c2:cf:47:
7b:6d:af:a1:c1:46:02:95:fb:88:bc:38:c8:5c:f0:
58:d0:a7:e2:cf:f7:bc:fd:78:0e:e3:a0:db:b3:de:
7e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:54:73:BB:2B:9E:6F:76:6A:E9:7C:8B:0D:0E:7C:63:D0:D0:A3:0D
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/KlRzuyueb3Zq6XyLDQ58Y9DQow0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3740::/29
2a12:46c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:e9:cb:43:3c:31:02:4c:0c:20:05:96:6c:07:bb:0b:5d:f8:
2c:3c:fc:5b:4a:9b:93:36:9a:23:f9:6b:68:f2:55:7a:5b:23:
ab:c4:6c:90:5f:9e:eb:f4:68:ec:f6:00:67:7a:3b:b7:d6:96:
a4:d4:63:81:34:8e:a3:b9:b3:a9:fa:d0:e5:b6:be:8b:63:89:
a6:7f:c2:7f:08:96:ce:c3:bf:0e:e8:c7:5a:28:09:61:7d:c3:
32:a9:c7:a5:61:b6:a6:51:e8:44:35:cf:d3:c1:61:22:eb:5c:
55:ba:ab:26:13:e8:98:fe:e4:df:54:ee:88:f3:e1:af:f1:d9:
78:19:37:c7:64:7b:43:f5:39:72:1e:50:1f:d3:48:2e:71:f3:
f4:dd:b4:f7:68:b7:50:33:95:1b:a4:9f:02:29:c0:9a:71:6d:
ad:6c:61:8e:d0:6f:1f:72:09:88:6c:9d:da:8d:ce:2d:e0:d5:
1c:f3:6a:2d:77:1a:ef:fa:13:a2:33:da:e9:2e:71:cc:01:25:
eb:9e:a0:e3:67:3c:27:12:72:f5:69:6b:65:d2:f6:57:60:3e:
61:4c:4b:07:c9:6d:98:2f:b4:d3:53:4a:5b:aa:81:b4:9b:36:
e6:b8:a7:46:0c:5f:18:3f:4b:66:a2:65:42:c9:8a:a7:15:2a:
2d:e7:58:79
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFbgPOAagwOIMAEs9SECKFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwODE2MTQwNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU0NzNiYjJiOWU2Zjc2NmFlOTdjOGIwZDBlN2M2M2QwZDBhMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGic2Zi1pv4+d6DhIx11wX9tcIyq
gq/Uzip9pc+sYdZry1x6S30CNXDMXak6OdNHoCGo3aGorWj4RluzllerWCnvil+d
QnxIMc1pqp1Gm58/E+2f5iGWkUuhUUT5oJSz86e6RPldkZHbpHA5MRsVQ4IHWOfq
JvhMgaxBlRgBX+30bA8T8LL23jiyJi1f2oGNB3R4kp0lvSvrOFquR0jFLdXx7w8R
aI6NofFTeYhALhH6hzORNjFoH+uxxd0RfraYGsCDjVd3aBxvhS63vDVAO6XshWG2
rgJ6m6Zv10nCz0d7ba+hwUYClfuIvDjIXPBY0Kfiz/e8/XgO46Dbs95+BQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCpUc7srnm92aul8iw0OfGPQ0KMNMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvS2xSenV5dWViM1pxNlh5TERRNThZOURRb3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhI3QAMF
AyoSRsAwDQYJKoZIhvcNAQELBQADggEBAHrpy0M8MQJMDCAFlmwHuwtd+Cw8/FtK
m5M2miP5a2jyVXpbI6vEbJBfnuv0aOz2AGd6O7fWlqTUY4E0jqO5s6n60OW2votj
iaZ/wn8Ils7Dvw7ox1ooCWF9wzKpx6VhtqZR6EQ1z9PBYSLrXFW6qyYT6Jj+5N9U
7ojz4a/x2XgZN8dke0P1OXIeUB/TSC5x8/TdtPdot1AzlRuknwIpwJpxba1sYY7Q
bx9yCYhsndqNzi3g1Rzzai13Gu/6E6Iz2ukuccwBJeueoONnPCcScvVpa2XS9ldg
PmFMSwfJbZgvtNNTSluqgbSbNua4p0YMXxg/S2aiZULJiqcVKi3nWHk=
-----END CERTIFICATE-----
Generated at Mon Aug 19 23:51:29 2024 by rpki-client on console-ams.rpki-client.org