Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/KhRxiKQMH361YkC7xQMtMEPPGQQ.roa
File: KhRxiKQMH361YkC7xQMtMEPPGQQ.roa (raw, json)
Hash identifier: Hy9G7Y5RZWEgqZkOiKBWGbeIco68Rm9tT19ImNP+W+A=
Subject key identifier: 2A:14:71:88:A4:0C:1F:7E:B5:62:40:BB:C5:03:2D:30:43:CF:19:04
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF7D171EE6A2BE64D2CF81EC858CE
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/KhRxiKQMH361YkC7xQMtMEPPGQQ.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43443
IP address blocks: 2a03:9c00:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f7:d1:71:ee:6a:2b:e6:4d:2c:f8:1e:c8:58:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a147188a40c1f7eb56240bbc5032d3043cf1904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:60:25:34:ea:92:f8:7c:5f:e4:41:01:e9:60:
b9:83:35:56:41:a6:bd:69:3a:c4:b1:dd:00:77:87:
52:ea:a8:79:be:13:f9:21:d6:e6:a0:4f:fd:ca:44:
9d:37:5c:64:5c:fa:cd:a3:72:bf:25:2d:ee:6d:3e:
53:06:75:56:e4:73:64:cd:66:58:dd:b2:b0:50:eb:
f0:f4:37:95:e9:53:11:a3:67:2a:43:3a:24:9e:26:
3b:f1:59:87:d4:32:7b:b1:06:43:05:87:52:76:5a:
50:a9:86:23:0f:c5:62:9a:96:22:37:89:e1:de:37:
36:39:48:fd:25:cf:67:fc:30:0d:4e:4c:29:f8:fc:
d5:ff:ea:e4:66:b7:e2:8e:74:e8:88:33:64:6e:a9:
45:e8:c3:2f:bd:09:d2:3e:81:bf:16:12:36:39:41:
b9:3a:f6:1f:fc:07:38:fa:d9:fd:85:69:54:3c:aa:
37:8e:30:bf:2d:2a:8f:57:98:68:8e:15:f4:4e:e7:
ed:eb:67:08:da:df:8a:83:4f:10:28:45:54:5f:67:
f1:ca:49:71:a1:1a:97:24:a7:f1:ad:f7:73:38:46:
9f:c7:b8:f5:35:85:8e:93:5b:eb:de:57:e6:94:16:
a2:74:41:1e:ec:56:85:e6:ea:c0:7d:ec:e3:23:6b:
ec:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:14:71:88:A4:0C:1F:7E:B5:62:40:BB:C5:03:2D:30:43:CF:19:04
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/KhRxiKQMH361YkC7xQMtMEPPGQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:a::/48
Signature Algorithm: sha256WithRSAEncryption
8a:72:05:1a:0c:60:17:90:d6:24:97:8e:85:59:64:6a:57:4b:
b4:0c:6c:f2:48:fb:bd:9c:b6:dd:3b:41:93:b1:ea:17:38:bb:
01:86:72:c8:64:7d:ab:47:65:fe:f4:66:1c:94:29:b3:e6:0b:
44:52:9d:5a:85:61:c6:1f:8b:d9:87:73:f4:60:20:4e:9a:d9:
fd:72:d6:e8:fd:2a:19:aa:33:d0:71:f6:f7:72:41:4c:da:ea:
5d:0f:17:0f:03:ea:08:1c:39:59:05:03:e4:cd:7c:7a:1d:0c:
39:72:7a:34:75:03:17:4b:99:10:c2:bd:d6:a3:63:3b:14:0e:
7d:ea:e0:fb:cf:14:0f:53:12:92:3a:27:89:6c:0f:0d:f1:78:
4a:c4:fe:5a:83:1e:1f:9a:92:71:36:bf:db:7d:3f:7b:ba:64:
3f:83:22:42:12:61:57:8a:68:f0:e5:ac:b2:04:a9:d1:9d:0f:
0b:f6:59:a0:c4:2d:e2:eb:c3:ea:34:86:1a:23:7c:ee:d9:2a:
ee:16:01:2b:1e:7a:38:c3:5a:84:e1:a7:78:e7:db:63:c3:95:
d6:bb:e8:c6:f5:ab:9b:35:50:3e:71:bc:6c:1a:d0:31:d9:50:
25:5b:e2:69:58:20:fa:73:61:36:5a:61:b8:ae:b8:67:54:50:
43:eb:65:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsbvfRce5qK+ZNLPgeyFjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0NzE4OGE0MGMxZjdlYjU2MjQwYmJjNTAzMmQzMDQzY2YxOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmAlNOqS+Hxf5EEB6WC5gzVWQaa9
aTrEsd0Ad4dS6qh5vhP5IdbmoE/9ykSdN1xkXPrNo3K/JS3ubT5TBnVW5HNkzWZY
3bKwUOvw9DeV6VMRo2cqQzokniY78VmH1DJ7sQZDBYdSdlpQqYYjD8VimpYiN4nh
3jc2OUj9Jc9n/DANTkwp+PzV/+rkZrfijnToiDNkbqlF6MMvvQnSPoG/FhI2OUG5
OvYf/Ac4+tn9hWlUPKo3jjC/LSqPV5hojhX0Tuft62cI2t+Kg08QKEVUX2fxyklx
oRqXJKfxrfdzOEafx7j1NYWOk1vr3lfmlBaidEEe7FaF5urAfezjI2vs2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCoUcYikDB9+tWJAu8UDLTBDzxkEMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvS2hSeGlLUU1IMzYxWWtDN3hRTXRNRVBQR1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOcAAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQCKcgUaDGAXkNYkl46FWWRqV0u0DGzySPu9nLbd
O0GTseoXOLsBhnLIZH2rR2X+9GYclCmz5gtEUp1ahWHGH4vZh3P0YCBOmtn9ctbo
/SoZqjPQcfb3ckFM2updDxcPA+oIHDlZBQPkzXx6HQw5cno0dQMXS5kQwr3Wo2M7
FA596uD7zxQPUxKSOieJbA8N8XhKxP5agx4fmpJxNr/bfT97umQ/gyJCEmFXimjw
5ayyBKnRnQ8L9lmgxC3i68PqNIYaI3zu2SruFgErHno4w1qE4ad459tjw5XWu+jG
9aubNVA+cbxsGtAx2VAlW+JpWCD6c2E2WmG4rrhnVFBD62WM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org