Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/KK0omUhudn0uW7sikyE1pL6q3bk.roa
File: KK0omUhudn0uW7sikyE1pL6q3bk.roa (raw, json)
Hash identifier: hA/f0H9V0Qq17DBhGTU4rPJsx6NgIu3lrG0Ya36Oro4=
Subject key identifier: 28:AD:28:99:48:6E:76:7D:2E:5B:BB:22:93:21:35:A4:BE:AA:DD:B9
Certificate issuer: /CN=a35c5443ae203f647ee306b9ef72dac50b5df514
Certificate serial: 01856E267003DE4617EF73E80E8636DF14B1
Authority key identifier: A3:5C:54:43:AE:20:3F:64:7E:E3:06:B9:EF:72:DA:C5:0B:5D:F5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/KK0omUhudn0uW7sikyE1pL6q3bk.roa
Signing time: Sun 01 Jan 2023 16:24:50 +0000
ROA not before: Sun 01 Jan 2023 16:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39729
IP address blocks: 81.88.48.0/20 maxlen: 24
2a01:8100::/29 maxlen: 48
2a01:8100:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:70:03:de:46:17:ef:73:e8:0e:86:36:df:14:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a35c5443ae203f647ee306b9ef72dac50b5df514
Validity
Not Before: Jan 1 16:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28ad2899486e767d2e5bbb22932135a4beaaddb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:38:c3:20:57:80:18:f1:0c:c8:10:c9:72:3a:
7d:6e:8e:f6:ef:4a:3e:ff:33:e0:28:e0:91:5f:41:
45:19:98:ef:44:af:51:62:6f:bb:de:f8:cc:c5:32:
fa:f8:3b:3e:f1:be:1c:7e:06:fe:3f:33:b5:22:8e:
63:b8:87:5c:b8:a9:e9:6d:44:19:47:29:cc:1c:8b:
0b:aa:bf:58:82:e8:1d:e2:45:ab:6b:cd:ae:7c:b1:
fe:c7:b3:95:bb:d2:66:37:af:94:7f:e5:d7:e5:99:
41:ca:7f:c6:26:4d:2d:39:b6:aa:f1:3d:52:82:bf:
e8:e9:d4:b9:4d:a5:eb:55:25:c7:f2:cb:22:a0:41:
99:bc:4d:80:03:bf:d4:6e:e8:7b:fd:c8:1d:d4:6e:
2e:61:73:3b:9e:f5:1b:75:42:bd:da:ef:d4:20:72:
41:75:bd:dc:84:b5:3c:29:a8:17:0d:83:6b:46:cd:
90:68:88:fd:3d:bd:db:ad:34:6e:82:6c:7d:09:bc:
f1:7f:ba:d1:bd:40:9e:b9:85:f8:5c:35:f9:c7:ee:
fd:03:89:bc:54:fa:c0:41:b8:84:05:37:3f:7d:d8:
6d:3d:39:f8:a5:73:74:fe:00:a2:74:a9:cd:28:7c:
b3:ff:18:48:c7:b8:49:86:2d:c2:cd:f5:82:9e:64:
96:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AD:28:99:48:6E:76:7D:2E:5B:BB:22:93:21:35:A4:BE:AA:DD:B9
X509v3 Authority Key Identifier:
keyid:A3:5C:54:43:AE:20:3F:64:7E:E3:06:B9:EF:72:DA:C5:0B:5D:F5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1xUQ64gP2R-4wa573LaxQtd9RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/KK0omUhudn0uW7sikyE1pL6q3bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f651c1-02d6-448a-acad-14c590fec7e3/1/o1xUQ64gP2R-4wa573LaxQtd9RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.48.0/20
IPv6:
2a01:8100::/29
Signature Algorithm: sha256WithRSAEncryption
69:e0:89:97:c6:27:fe:5f:5c:a5:83:9a:89:05:90:8d:eb:69:
55:aa:4f:64:f8:33:68:66:b3:76:16:9c:1b:56:98:8b:91:8f:
1b:f1:6e:fd:ee:99:95:38:2d:35:15:fd:05:d6:a5:2d:2b:b8:
68:ee:6f:55:e3:5b:e5:f0:d1:a6:1c:4f:14:aa:38:5b:ee:db:
19:b7:b2:ef:8f:bd:60:7e:64:7d:bf:fd:ff:16:b3:97:c6:73:
0a:f1:ad:a5:d6:0a:3f:94:7d:2c:d6:ff:d5:dd:e8:8b:f5:ff:
a9:8c:a1:26:34:84:50:3d:0d:98:f6:b6:a2:7c:b1:ec:d7:79:
5c:46:85:95:9f:48:e2:a1:8b:fb:b5:b1:41:01:7d:13:75:4b:
cf:bc:aa:5a:f4:46:5d:55:bf:1e:4d:a5:21:9d:0f:07:ff:db:
3f:5e:c2:3a:9a:60:be:43:93:ea:1d:d9:af:4d:8d:0c:1e:30:
ba:65:45:85:f4:9c:d9:ef:09:3c:4d:4f:b7:13:92:91:21:0d:
61:7f:0d:04:7a:e6:c2:c8:10:25:9b:99:26:2d:a7:d2:51:26:
86:bf:42:1a:0b:de:a8:13:5d:80:ab:cd:73:1b:e5:b5:cb:67:
84:fb:92:73:2d:a9:e7:f0:60:32:10:5a:c2:c6:c4:e3:fe:1e:
06:88:fd:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJnAD3kYX73PoDoY23xSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNWM1NDQzYWUyMDNmNjQ3ZWUzMDZiOWVmNzJkYWM1MGI1
ZGY1MTQwHhcNMjMwMTAxMTYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGFkMjg5OTQ4NmU3NjdkMmU1YmJiMjI5MzIxMzVhNGJlYWFkZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljjDIFeAGPEMyBDJcjp9bo7270o+
/zPgKOCRX0FFGZjvRK9RYm+73vjMxTL6+Ds+8b4cfgb+PzO1Io5juIdcuKnpbUQZ
RynMHIsLqr9Ygugd4kWra82ufLH+x7OVu9JmN6+Uf+XX5ZlByn/GJk0tObaq8T1S
gr/o6dS5TaXrVSXH8ssioEGZvE2AA7/Ubuh7/cgd1G4uYXM7nvUbdUK92u/UIHJB
db3chLU8KagXDYNrRs2QaIj9Pb3brTRugmx9Cbzxf7rRvUCeuYX4XDX5x+79A4m8
VPrAQbiEBTc/fdhtPTn4pXN0/gCidKnNKHyz/xhIx7hJhi3CzfWCnmSWXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCitKJlIbnZ9Llu7IpMhNaS+qt25MB8GA1UdIwQY
MBaAFKNcVEOuID9kfuMGue9y2sULXfUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzF4VVE2NGdQMlItNHdhNTczTGF4UXRkOVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mNjUxYzEtMDJkNi00NDhhLWFjYWQt
MTRjNTkwZmVjN2UzLzEvS0swb21VaHVkbjB1VzdzaWt5RTFwTDZxM2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mNjUxYzEtMDJkNi00NDhhLWFjYWQtMTRjNTkwZmVjN2Uz
LzEvbzF4VVE2NGdQMlItNHdhNTczTGF4UXRkOVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVgwMA0E
AgACMAcDBQMqAYEAMA0GCSqGSIb3DQEBCwUAA4IBAQBp4ImXxif+X1ylg5qJBZCN
62lVqk9k+DNoZrN2FpwbVpiLkY8b8W797pmVOC01Ff0F1qUtK7ho7m9V41vl8NGm
HE8Uqjhb7tsZt7Lvj71gfmR9v/3/FrOXxnMK8a2l1go/lH0s1v/V3eiL9f+pjKEm
NIRQPQ2Y9raifLHs13lcRoWVn0jioYv7tbFBAX0TdUvPvKpa9EZdVb8eTaUhnQ8H
/9s/XsI6mmC+Q5PqHdmvTY0MHjC6ZUWF9JzZ7wk8TU+3E5KRIQ1hfw0EeubCyBAl
m5kmLafSUSaGv0IaC96oE12Aq81zG+W1y2eE+5JzLann8GAyEFrCxsTj/h4GiP36
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:04 2024 by rpki-client on console-ams.rpki-client.org