Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/kexK-jt0bar0oiFgy-Sdf75WDSo.roa
File: kexK-jt0bar0oiFgy-Sdf75WDSo.roa (raw, json)
Hash identifier: 1u4rUzOu7uMnU5DNIjWXbKf9rTKiNqciID6ORyS7btI=
Subject key identifier: 91:EC:4A:FA:3B:74:6D:AA:F4:A2:21:60:CB:E4:9D:7F:BE:56:0D:2A
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D571E7DD93D6BECDD8491C8FA324A8B90
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/kexK-jt0bar0oiFgy-Sdf75WDSo.roa
Signing time: Mon 29 Jan 2024 21:27:12 +0000
ROA not before: Mon 29 Jan 2024 21:27:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47316
IP address blocks: 2a12:c6c7:100::/40 maxlen: 48
2a12:c6c7:200::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Jan 2024 19:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:57:1e:7d:d9:3d:6b:ec:dd:84:91:c8:fa:32:4a:8b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Jan 29 21:27:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91ec4afa3b746daaf4a22160cbe49d7fbe560d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f7:35:78:0e:d1:d5:95:d7:4e:28:22:ef:a1:
ac:e4:fd:8c:69:75:87:80:62:49:95:32:5a:a2:22:
7d:74:fd:02:0b:bc:b0:36:d1:c7:74:19:54:9b:15:
00:64:2d:3b:d9:f3:6c:de:df:80:9d:00:01:f8:3b:
ab:d3:ee:2e:44:89:07:f9:73:df:ab:07:0c:c3:cf:
b8:2d:25:82:e8:4a:21:96:07:6c:04:ba:87:70:81:
4f:a1:ca:29:e9:db:b3:91:55:7a:60:e7:f0:b0:fe:
05:9d:1a:7f:79:1a:3e:68:c1:54:48:7a:6a:db:23:
cf:12:b7:bf:50:2e:47:cc:79:b5:89:d7:77:34:be:
65:91:4a:94:12:fa:b3:68:5e:2c:c8:8b:10:2f:d0:
b7:3d:84:26:46:a7:8f:53:c4:73:e8:ae:2a:82:88:
93:b0:19:85:a0:36:c2:92:13:94:ab:0f:d8:51:9f:
b9:19:7d:37:17:f9:44:15:11:78:3a:7f:3f:62:cd:
11:ef:f8:f6:40:5d:37:b8:17:f6:88:94:fa:af:83:
22:4b:05:b5:14:83:18:e0:59:b8:14:3e:bb:32:04:
0b:63:ff:6f:ed:d2:20:f6:74:0f:d7:fd:de:0c:b1:
bd:b6:8c:13:1d:12:0d:91:76:7d:05:55:f7:76:b9:
e1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EC:4A:FA:3B:74:6D:AA:F4:A2:21:60:CB:E4:9D:7F:BE:56:0D:2A
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/kexK-jt0bar0oiFgy-Sdf75WDSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c7:100::-2a12:c6c7:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:3a:37:30:e3:ff:ff:7b:ca:e2:bb:7b:69:51:29:94:3a:aa:
97:0f:61:02:52:19:8f:ef:5c:0f:24:81:a1:b9:f2:ee:2a:1f:
51:64:47:2c:8a:6f:87:0c:86:c7:63:74:c6:bc:88:9f:41:50:
4c:d9:ef:1f:ed:03:c7:60:45:25:c5:32:bd:55:f0:a0:48:1c:
0a:84:4e:7c:94:ca:51:8a:04:68:5e:97:66:ac:31:0a:75:e8:
e3:58:f4:61:5d:18:eb:8d:3b:6f:80:cb:e5:28:69:5f:71:df:
45:13:d0:1d:49:b9:80:51:dd:fd:78:e2:cb:a8:ff:26:ed:75:
4b:62:ad:1c:c7:e5:48:00:9d:75:d4:55:b0:ea:59:a9:87:eb:
e8:cb:94:a9:23:d1:65:62:73:33:e6:00:4d:9d:93:fe:66:23:
ad:e9:fc:d6:d4:1a:45:3c:a9:3b:e5:c6:5f:20:3b:50:2a:4b:
46:d8:e0:fb:f3:69:67:33:15:a2:58:d4:7f:d5:6d:32:7a:58:
0a:b1:c0:f4:c5:6a:fc:d4:50:1d:a4:85:10:77:f6:53:d5:5d:
e3:f9:0f:19:ea:6d:59:10:47:46:9e:96:22:8a:26:0e:53:05:
b3:ce:19:d6:8f:00:91:92:70:05:43:4b:64:7c:00:75:fc:1e:
2f:58:b4:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1XHn3ZPWvs3YSRyPoySouQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMTI5MjEyNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWVjNGFmYTNiNzQ2ZGFhZjRhMjIxNjBjYmU0OWQ3ZmJlNTYwZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/c1eA7R1ZXXTigi76Gs5P2MaXWH
gGJJlTJaoiJ9dP0CC7ywNtHHdBlUmxUAZC072fNs3t+AnQAB+Dur0+4uRIkH+XPf
qwcMw8+4LSWC6EohlgdsBLqHcIFPocop6duzkVV6YOfwsP4FnRp/eRo+aMFUSHpq
2yPPEre/UC5HzHm1idd3NL5lkUqUEvqzaF4syIsQL9C3PYQmRqePU8Rz6K4qgoiT
sBmFoDbCkhOUqw/YUZ+5GX03F/lEFRF4On8/Ys0R7/j2QF03uBf2iJT6r4MiSwW1
FIMY4Fm4FD67MgQLY/9v7dIg9nQP1/3eDLG9towTHRINkXZ9BVX3drnhzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHsSvo7dG2q9KIhYMvknX++Vg0qMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEva2V4Sy1qdDBiYXIwb2lGZ3ktU2RmNzVXRFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqEsbH
AQMGACoSxscCMA0GCSqGSIb3DQEBCwUAA4IBAQBJOjcw4///e8riu3tpUSmUOqqX
D2ECUhmP71wPJIGhufLuKh9RZEcsim+HDIbHY3TGvIifQVBM2e8f7QPHYEUlxTK9
VfCgSBwKhE58lMpRigRoXpdmrDEKdejjWPRhXRjrjTtvgMvlKGlfcd9FE9AdSbmA
Ud39eOLLqP8m7XVLYq0cx+VIAJ111FWw6lmph+voy5SpI9FlYnMz5gBNnZP+ZiOt
6fzW1BpFPKk75cZfIDtQKktG2OD782lnMxWiWNR/1W0yelgKscD0xWr81FAdpIUQ
d/ZT1V3j+Q8Z6m1ZEEdGnpYiiiYOUwWzzhnWjwCRknAFQ0tkfAB1/B4vWLRz
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:01:48 2025 by rpki-client