Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/KDtwUwHR7e5RC73nltqprKzg8AI.roa
File: KDtwUwHR7e5RC73nltqprKzg8AI.roa (raw, json)
Hash identifier: 4N4YluYJZMQQMNVfGROufZllgJa4YiejlRvdxrij76c=
Subject key identifier: 28:3B:70:53:01:D1:ED:EE:51:0B:BD:E7:96:DA:A9:AC:AC:E0:F0:02
Certificate issuer: /CN=97d23ae28cd860c8edfd618356f8b31f5e4dc928
Certificate serial: 018CC8DF85366E5534FC21C7EE4736D0D280
Authority key identifier: 97:D2:3A:E2:8C:D8:60:C8:ED:FD:61:83:56:F8:B3:1F:5E:4D:C9:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/KDtwUwHR7e5RC73nltqprKzg8AI.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208046
IP address blocks: 2a13:29c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Jan 2024 12:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:85:36:6e:55:34:fc:21:c7:ee:47:36:d0:d2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97d23ae28cd860c8edfd618356f8b31f5e4dc928
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=283b705301d1edee510bbde796daa9acace0f002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:25:49:c1:29:88:e0:01:bb:fc:75:86:91:db:
15:13:4d:96:6e:03:29:de:80:f3:bf:2e:94:76:ae:
f0:c1:05:fb:68:1f:69:34:26:ea:22:f8:66:78:5d:
7a:73:30:f2:73:23:f5:60:d3:92:07:c2:52:a6:b2:
f4:83:56:e6:3e:56:af:37:1e:68:d5:57:6f:02:c6:
ad:52:46:00:1f:98:2a:be:64:dd:24:3d:2c:eb:54:
f8:1c:f3:11:2c:c6:e3:7a:da:b4:b9:d4:60:77:97:
49:89:4d:58:3f:91:5e:3b:ae:9b:ab:09:47:4e:e2:
38:82:1c:5c:49:7c:2a:13:fc:3e:a5:bb:54:9b:da:
f6:80:ad:5a:67:53:98:0f:57:f5:04:38:fc:4e:03:
ba:0f:bc:56:a7:3b:fe:f6:b9:f1:73:f7:4d:2a:86:
73:50:f8:eb:60:e8:47:d7:cd:b9:3b:90:29:f8:ba:
c4:79:90:c0:3c:9e:74:6a:c5:93:c2:64:65:ef:1e:
5d:4e:18:50:a1:33:1a:7c:00:98:90:e5:e5:51:72:
ab:54:29:94:e0:61:dc:e6:d2:c7:4c:4a:e4:a0:e0:
fb:87:34:00:fd:9b:94:76:fd:9e:93:e6:bd:4e:e7:
57:9e:36:f6:9d:62:ba:0c:82:49:ef:28:54:1b:e6:
0a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3B:70:53:01:D1:ED:EE:51:0B:BD:E7:96:DA:A9:AC:AC:E0:F0:02
X509v3 Authority Key Identifier:
keyid:97:D2:3A:E2:8C:D8:60:C8:ED:FD:61:83:56:F8:B3:1F:5E:4D:C9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9I64ozYYMjt_WGDVvizH15NySg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/KDtwUwHR7e5RC73nltqprKzg8AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ca641f-db3a-4f64-a25b-cfa6a91481e2/1/l9I64ozYYMjt_WGDVvizH15NySg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:29c0::/29
Signature Algorithm: sha256WithRSAEncryption
26:41:cf:04:e6:5e:c3:9c:c9:9d:2c:82:4f:48:06:04:2f:45:
37:ee:c5:9e:01:da:0e:1b:ef:27:1a:15:26:74:b7:6d:cf:61:
57:af:b1:4b:06:28:45:5d:de:32:ae:34:8c:b5:74:4e:65:4d:
ee:03:e5:77:92:ab:fe:09:ad:e8:23:ed:a6:bf:e6:a0:ad:f1:
ab:e5:27:c6:ff:42:0e:5a:fa:81:35:4f:13:cf:eb:28:ed:32:
e2:db:0f:9c:fd:82:11:82:e7:41:b0:b8:77:7d:50:35:5f:89:
52:b5:db:7d:00:f3:23:75:d6:2d:2c:25:da:db:4f:c4:e9:3a:
da:27:9e:c0:1b:64:04:06:60:24:9d:2b:be:89:34:7a:84:a8:
2c:83:4f:62:4a:96:a3:c9:96:cb:b0:bf:56:f9:36:94:f0:9e:
f8:56:9f:a7:6d:23:61:b4:75:af:e5:57:da:8b:27:6d:1a:75:
1d:fd:ec:dc:e5:93:f6:ed:e4:a2:19:74:e1:73:8e:70:70:31:
46:59:5e:bf:25:e6:37:73:a1:4a:c0:98:a8:8f:bd:db:85:ac:
7d:06:ea:45:19:03:ac:35:86:73:63:4e:eb:e6:cc:37:4b:fe:
9f:87:0a:1e:98:fe:d3:1e:78:ed:19:74:39:65:ac:fd:8f:84:
a1:5c:d7:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI34U2blU0/CHH7kc20NKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZDIzYWUyOGNkODYwYzhlZGZkNjE4MzU2ZjhiMzFmNWU0
ZGM5MjgwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNiNzA1MzAxZDFlZGVlNTEwYmJkZTc5NmRhYTlhY2FjZTBmMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SVJwSmI4AG7/HWGkdsVE02WbgMp
3oDzvy6Udq7wwQX7aB9pNCbqIvhmeF16czDycyP1YNOSB8JSprL0g1bmPlavNx5o
1VdvAsatUkYAH5gqvmTdJD0s61T4HPMRLMbjetq0udRgd5dJiU1YP5FeO66bqwlH
TuI4ghxcSXwqE/w+pbtUm9r2gK1aZ1OYD1f1BDj8TgO6D7xWpzv+9rnxc/dNKoZz
UPjrYOhH1825O5Ap+LrEeZDAPJ50asWTwmRl7x5dThhQoTMafACYkOXlUXKrVCmU
4GHc5tLHTErkoOD7hzQA/ZuUdv2ek+a9TudXnjb2nWK6DIJJ7yhUG+YKKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCg7cFMB0e3uUQu955baqays4PACMB8GA1UdIwQY
MBaAFJfSOuKM2GDI7f1hg1b4sx9eTckoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDlJNjRvellZTWp0X1dHRFZ2aXpIMTVOeVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jYTY0MWYtZGIzYS00ZjY0LWEyNWIt
Y2ZhNmE5MTQ4MWUyLzEvS0R0d1V3SFI3ZTVSQzczbmx0cXByS3pnOEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jYTY0MWYtZGIzYS00ZjY0LWEyNWItY2ZhNmE5MTQ4MWUy
LzEvbDlJNjRvellZTWp0X1dHRFZ2aXpIMTVOeVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMpwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJkHPBOZew5zJnSyCT0gGBC9FN+7FngHaDhvvJxoV
JnS3bc9hV6+xSwYoRV3eMq40jLV0TmVN7gPld5Kr/gmt6CPtpr/moK3xq+Unxv9C
Dlr6gTVPE8/rKO0y4tsPnP2CEYLnQbC4d31QNV+JUrXbfQDzI3XWLSwl2ttPxOk6
2ieewBtkBAZgJJ0rvok0eoSoLINPYkqWo8mWy7C/Vvk2lPCe+Fafp20jYbR1r+VX
2osnbRp1Hf3s3OWT9u3kohl04XOOcHAxRllevyXmN3OhSsCYqI+924WsfQbqRRkD
rDWGc2NO6+bMN0v+n4cKHpj+0x547Rl0OWWs/Y+EoVzXYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:10 2024 by rpki-client on console-fra.rpki-client.org