Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/KIwFNCAnXgoVFRfBAU59iHMfY4U.roa
File: KIwFNCAnXgoVFRfBAU59iHMfY4U.roa (raw, json)
Hash identifier: rICa7CFLLIBCQ+l+48wnNLlv0fHbtO1IwKETXP62SVQ=
Subject key identifier: 28:8C:05:34:20:27:5E:0A:15:15:17:C1:01:4E:7D:88:73:1F:63:85
Certificate issuer: /CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Certificate serial: 018EC6B924D738B93EE5821EE9D3CA808D13
Authority key identifier: 99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/KIwFNCAnXgoVFRfBAU59iHMfY4U.roa
Signing time: Wed 10 Apr 2024 06:36:46 +0000
ROA not before: Wed 10 Apr 2024 06:36:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a07:5900::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 13 Apr 2024 10:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:b9:24:d7:38:b9:3e:e5:82:1e:e9:d3:ca:80:8d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Validity
Not Before: Apr 10 06:36:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=288c053420275e0a151517c1014e7d88731f6385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7a:d6:f8:bb:1d:5a:d5:a0:5f:28:38:27:4d:
e5:6c:40:b7:37:12:d4:c1:4e:67:f2:51:fe:77:f0:
5b:6b:20:a5:8c:d6:36:34:2e:54:68:eb:af:a9:5a:
03:ce:38:8d:f5:d4:2b:d0:1e:73:e8:44:8e:de:f9:
b7:34:98:52:ec:c0:57:dd:0b:7f:a7:93:98:d1:44:
b7:66:3e:b0:a6:92:06:81:3e:3f:9a:32:8c:fd:80:
84:40:73:f4:f0:ff:a1:a1:fd:30:f4:46:b4:73:eb:
f3:ad:35:fc:d5:85:97:70:58:39:b9:21:77:8f:82:
c5:02:f7:13:c7:44:ed:3f:bb:a1:78:27:12:8b:ae:
25:fb:5c:6b:38:24:04:e3:da:49:de:ea:9a:bd:02:
bc:38:72:25:e6:8d:b7:a0:df:60:c8:67:28:80:54:
83:a9:55:d5:d1:40:1c:5b:95:62:6c:0d:4d:02:5d:
98:af:54:5c:dd:ca:5d:8b:7a:3e:4a:54:e5:0d:b4:
1d:b6:69:ff:d6:b7:d8:13:9a:d2:be:65:cf:a9:74:
64:06:39:b6:c9:73:49:d8:98:c7:d5:ee:7b:be:a1:
64:20:02:1f:de:01:a7:5b:4a:c8:43:f4:f0:42:c1:
ce:80:3d:2c:55:cf:6e:e3:0e:c8:a7:d4:26:f6:2b:
b0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8C:05:34:20:27:5E:0A:15:15:17:C1:01:4E:7D:88:73:1F:63:85
X509v3 Authority Key Identifier:
keyid:99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/KIwFNCAnXgoVFRfBAU59iHMfY4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:5900::/29
Signature Algorithm: sha256WithRSAEncryption
86:af:24:a2:f6:bb:01:fe:57:38:97:9c:81:89:b7:5e:8b:07:
5c:ee:5e:0c:a4:69:e1:2d:e8:3b:8e:70:3b:84:37:55:de:fe:
4c:ad:59:ec:5a:fc:ca:74:63:03:22:b8:6d:d1:d3:2c:19:14:
d9:cd:c9:17:4d:ae:11:7d:b5:8c:97:8e:34:49:97:ee:00:ab:
f6:8b:53:7e:2a:41:00:a7:ff:74:27:da:73:1e:ee:47:41:59:
c7:c5:d9:0a:fa:e9:aa:ab:a7:13:3a:cb:94:8d:a6:39:8d:53:
72:81:d6:fb:47:2d:20:cf:71:eb:cd:9b:90:ec:2a:12:03:20:
9e:ad:e0:2c:fb:66:db:88:ea:f7:c4:69:18:e0:ab:cc:6e:9e:
00:44:21:12:09:ba:31:19:81:33:73:1d:52:4f:cc:b9:08:b5:
30:b6:1b:e5:58:77:96:05:15:5e:c1:f2:cc:3d:a0:b3:54:1e:
f7:61:c6:5d:52:30:c5:89:21:53:ad:84:92:d5:6a:34:b1:d0:
c8:0d:ba:c0:13:5e:51:9a:52:c0:04:ac:7f:36:65:7c:9c:51:
1d:c6:be:d8:f5:81:f9:99:c5:3e:15:45:e8:ab:9b:e6:45:42:
eb:3e:ab:5c:e5:03:7a:5d:cc:34:b0:00:37:38:17:19:2a:96:
77:d2:35:8e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7GuSTXOLk+5YIe6dPKgI0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjhmZDI5MmM4YTFiODk2Yjg3NTIzNDRhM2RhOTIzNzhm
MmFlNWEwHhcNMjQwNDEwMDYzNjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhjMDUzNDIwMjc1ZTBhMTUxNTE3YzEwMTRlN2Q4ODczMWY2Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnrW+LsdWtWgXyg4J03lbEC3NxLU
wU5n8lH+d/BbayCljNY2NC5UaOuvqVoDzjiN9dQr0B5z6ESO3vm3NJhS7MBX3Qt/
p5OY0US3Zj6wppIGgT4/mjKM/YCEQHP08P+hof0w9Ea0c+vzrTX81YWXcFg5uSF3
j4LFAvcTx0TtP7uheCcSi64l+1xrOCQE49pJ3uqavQK8OHIl5o23oN9gyGcogFSD
qVXV0UAcW5VibA1NAl2Yr1Rc3cpdi3o+SlTlDbQdtmn/1rfYE5rSvmXPqXRkBjm2
yXNJ2JjH1e57vqFkIAIf3gGnW0rIQ/TwQsHOgD0sVc9u4w7Ip9Qm9iuw8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCiMBTQgJ14KFRUXwQFOfYhzH2OFMB8GA1UdIwQY
MBaAFJm4/SksihuJa4dSNEo9qSN48q5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDkt
N2VlYWQxNDYxYTU0LzEvS0l3Rk5DQW5YZ29WRlJmQkFVNTlpSE1mWTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDktN2VlYWQxNDYxYTU0
LzEvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdZADAN
BgkqhkiG9w0BAQsFAAOCAQEAhq8kova7Af5XOJecgYm3XosHXO5eDKRp4S3oO45w
O4Q3Vd7+TK1Z7Fr8ynRjAyK4bdHTLBkU2c3JF02uEX21jJeONEmX7gCr9otTfipB
AKf/dCfacx7uR0FZx8XZCvrpqqunEzrLlI2mOY1TcoHW+0ctIM9x682bkOwqEgMg
nq3gLPtm24jq98RpGOCrzG6eAEQhEgm6MRmBM3MdUk/MuQi1MLYb5Vh3lgUVXsHy
zD2gs1Qe92HGXVIwxYkhU62EktVqNLHQyA26wBNeUZpSwASsfzZlfJxRHca+2PWB
+ZnFPhVF6Kub5kVC6z6rXOUDel3MNLAANzgXGSqWd9I1jg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:30 2025 by rpki-client