Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/KIPGdWVr_kvThR5ZY9vluB5IdJ4.roa
File: KIPGdWVr_kvThR5ZY9vluB5IdJ4.roa (raw, json)
Hash identifier: YviFr8LG8Y5jJE6Nougl++c1Ji902uPu1EyxdNxVaHA=
Subject key identifier: 28:83:C6:75:65:6B:FE:4B:D3:85:1E:59:63:DB:E5:B8:1E:48:74:9E
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA877FE555BE1969DD89EF09B98B56
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/KIPGdWVr_kvThR5ZY9vluB5IdJ4.roa
Signing time: Mon 02 Jan 2023 13:45:04 +0000
ROA not before: Mon 02 Jan 2023 13:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212591
IP address blocks: 2a0f:5707:aad1::/48 maxlen: 48
2a0f:5707:aad0::/46 maxlen: 46
2a0f:5707:aad0::/44 maxlen: 48
2a0f:5707:aad0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:87:7f:e5:55:be:19:69:dd:89:ef:09:b9:8b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2883c675656bfe4bd3851e5963dbe5b81e48749e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:ae:94:f8:19:29:3e:13:40:d3:8c:c4:f2:
8c:5d:65:76:f2:60:e1:a7:5c:b2:b7:8f:29:71:1e:
07:a7:97:e1:c2:73:27:f1:cd:a5:5f:95:37:75:c1:
16:1b:79:8c:67:df:c0:bf:26:05:ec:aa:f2:81:da:
15:78:54:c8:a5:92:a4:00:33:59:08:16:fe:47:0d:
01:d5:9f:a3:e6:68:00:c8:2c:d1:2e:4d:f1:17:a5:
78:f4:2a:ab:88:00:48:bc:1c:60:b8:24:46:99:01:
6e:d0:ae:80:9e:21:9b:a6:64:53:9f:7b:b7:ce:b0:
72:7d:a0:62:54:78:f1:35:68:59:90:4f:7e:1a:3d:
f9:c2:c0:25:c0:f8:9a:d5:3d:b9:b6:a4:00:00:72:
17:13:b5:c9:9a:5a:c6:4d:9e:7b:46:2a:c8:49:60:
4d:17:12:9f:57:a8:9e:b1:54:5b:aa:af:e5:ac:32:
60:6d:9f:64:55:33:50:da:0b:3e:4f:ed:bf:60:05:
f0:28:35:d9:72:1b:6e:11:b1:e0:c6:fe:5a:46:d1:
05:1b:29:32:00:4c:07:56:56:f7:c0:5f:dd:5f:97:
33:c4:99:82:27:7c:ea:e5:1c:f4:17:98:8c:8e:3f:
01:02:c1:d2:04:63:0a:d7:04:45:25:e3:49:a2:7b:
75:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:83:C6:75:65:6B:FE:4B:D3:85:1E:59:63:DB:E5:B8:1E:48:74:9E
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/KIPGdWVr_kvThR5ZY9vluB5IdJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aad0::/44
Signature Algorithm: sha256WithRSAEncryption
6f:f3:b3:7c:38:d8:67:36:06:b8:7a:77:f8:fd:8c:45:dd:fd:
4a:a5:5f:87:6a:e8:d3:6f:cc:c8:de:52:73:98:ac:f0:bb:14:
c1:f4:f3:37:5a:de:16:2a:db:07:42:81:ea:a0:a2:c9:de:ab:
b7:74:af:7d:44:2e:a6:26:ec:d8:c9:59:e6:f6:ca:df:17:a3:
df:c5:7f:5f:19:8b:bf:d0:1c:76:d3:22:c3:69:9b:11:9a:64:
1a:30:70:f0:d0:c5:92:ea:cd:23:d1:75:c9:72:33:81:bf:99:
28:5f:fb:f3:7b:ba:bd:60:b0:78:6e:5f:7a:61:d5:59:c8:44:
e3:28:34:49:b7:94:0c:23:f3:d2:f2:73:7c:6c:5a:c4:47:84:
b2:fe:9c:63:22:c5:2c:c7:48:b0:84:00:f3:d6:50:e4:d6:79:
b0:1e:df:3c:a7:a4:63:86:4b:d8:2d:19:64:21:9f:c8:26:30:
93:18:14:70:81:8d:5c:e0:b2:e5:9d:19:51:16:43:ca:95:7b:
6b:10:5f:a9:c5:24:69:cf:61:d4:a5:6d:d9:0d:db:0c:c7:2a:
c6:85:de:d4:85:75:f1:a1:d9:e7:97:f2:88:5b:03:aa:f4:74:
df:66:6d:a4:dd:2d:06:81:c6:fe:ce:14:e1:75:dc:bc:a9:23:
73:b4:95:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyuod/5VW+GWndie8JuYtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODgzYzY3NTY1NmJmZTRiZDM4NTFlNTk2M2RiZTViODFlNDg3NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyaulPgZKT4TQNOMxPKMXWV28mDh
p1yyt48pcR4Hp5fhwnMn8c2lX5U3dcEWG3mMZ9/AvyYF7KrygdoVeFTIpZKkADNZ
CBb+Rw0B1Z+j5mgAyCzRLk3xF6V49CqriABIvBxguCRGmQFu0K6AniGbpmRTn3u3
zrByfaBiVHjxNWhZkE9+Gj35wsAlwPia1T25tqQAAHIXE7XJmlrGTZ57RirISWBN
FxKfV6iesVRbqq/lrDJgbZ9kVTNQ2gs+T+2/YAXwKDXZchtuEbHgxv5aRtEFGyky
AEwHVlb3wF/dX5czxJmCJ3zq5Rz0F5iMjj8BAsHSBGMK1wRFJeNJont1AQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCiDxnVla/5L04UeWWPb5bgeSHSeMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvS0lQR2RXVnJfa3ZUaFI1Wlk5dmx1QjVJZEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6rQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBv87N8ONhnNga4enf4/YxF3f1KpV+HaujTb8zI
3lJzmKzwuxTB9PM3Wt4WKtsHQoHqoKLJ3qu3dK99RC6mJuzYyVnm9srfF6PfxX9f
GYu/0Bx20yLDaZsRmmQaMHDw0MWS6s0j0XXJcjOBv5koX/vze7q9YLB4bl96YdVZ
yETjKDRJt5QMI/PS8nN8bFrER4Sy/pxjIsUsx0iwhADz1lDk1nmwHt88p6RjhkvY
LRlkIZ/IJjCTGBRwgY1c4LLlnRlRFkPKlXtrEF+pxSRpz2HUpW3ZDdsMxyrGhd7U
hXXxodnnl/KIWwOq9HTfZm2k3S0Ggcb+zhThddy8qSNztJVx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org