Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/KIwb9FjCZawEQZTZ2iKrXUz5-ao.roa
File: KIwb9FjCZawEQZTZ2iKrXUz5-ao.roa (raw, json)
Hash identifier: Kc+3DxJaa0lr2gSMNnd58iOKKcLZQzKvcBmv5nQFp5E=
Subject key identifier: 28:8C:1B:F4:58:C2:65:AC:04:41:94:D9:DA:22:AB:5D:4C:F9:F9:AA
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 01856BAECE021CE0A964E70B75FBA84CC599
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/KIwb9FjCZawEQZTZ2iKrXUz5-ao.roa
Signing time: Sun 01 Jan 2023 04:54:56 +0000
ROA not before: Sun 01 Jan 2023 04:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20446
IP address blocks: 2001:4de0:2310:1::/64 maxlen: 64
2001:4de0:ac12::/48 maxlen: 48
2001:4de0:ac18::/48 maxlen: 48
2001:4de0:ac10::/48 maxlen: 48
2001:4de0:ac19::/48 maxlen: 48
2001:4de0:ac11::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:ce:02:1c:e0:a9:64:e7:0b:75:fb:a8:4c:c5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 04:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288c1bf458c265ac044194d9da22ab5d4cf9f9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7c:4f:5e:ff:ac:3f:92:a5:ba:31:9c:df:3d:
4f:c2:e1:0a:27:7d:06:88:ae:3a:95:55:77:16:be:
93:b8:03:61:41:fe:2c:31:2b:99:f0:0a:dc:82:97:
75:49:00:11:c7:90:42:69:7c:de:1a:53:36:4f:33:
a5:89:f8:7d:6a:b2:05:89:16:1e:a5:d6:0d:97:10:
08:4e:97:d3:4b:52:b7:c8:0c:f2:9b:22:65:1b:cc:
51:4f:2b:40:da:74:49:98:b8:8c:8a:aa:4a:83:f7:
37:20:1a:9e:4b:60:81:44:84:a6:8a:20:eb:da:26:
c7:8b:86:a3:e3:2b:a9:2d:e2:9b:9b:8c:50:27:04:
7a:76:fa:3d:29:51:08:d6:49:93:23:d4:c2:6a:30:
3b:11:cf:89:1b:96:ce:f5:17:82:3b:80:7e:ee:16:
55:18:75:67:ee:c1:2d:bb:99:05:c3:f6:ab:bd:74:
86:c2:33:dd:8b:52:c5:64:5e:1c:b6:bf:de:9d:7d:
51:07:cc:ab:40:80:29:be:b0:02:8b:57:9a:8b:79:
8e:4e:72:d6:9c:b2:48:e1:55:93:7a:d8:8f:6a:aa:
50:fa:12:99:19:7e:09:aa:28:d9:fe:1f:df:06:55:
c9:c4:51:78:78:ed:84:e8:3d:fd:5d:ac:c2:5f:3b:
d3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8C:1B:F4:58:C2:65:AC:04:41:94:D9:DA:22:AB:5D:4C:F9:F9:AA
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/KIwb9FjCZawEQZTZ2iKrXUz5-ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4de0:2310:1::/64
2001:4de0:ac10::-2001:4de0:ac12:ffff:ffff:ffff:ffff:ffff
2001:4de0:ac18::/47
Signature Algorithm: sha256WithRSAEncryption
ae:e6:c2:fc:73:d6:7b:20:38:b2:b6:5e:ed:d0:1c:63:5a:de:
d4:f7:ae:52:23:c7:e0:42:bb:b1:c5:7b:7f:de:48:9a:49:7a:
fe:23:bd:a8:98:a4:ba:2e:98:8c:88:de:dd:b7:7a:ee:a0:b2:
c3:07:16:c0:86:a4:99:7d:35:65:45:86:76:87:cb:b3:e3:89:
3f:45:14:a6:92:5a:6b:98:94:bc:48:6d:2a:8f:ac:02:82:6c:
9d:31:70:28:4d:b9:ca:21:b5:53:b8:b4:1d:ea:aa:1b:7b:de:
95:fd:80:e0:67:49:eb:0c:df:1b:23:f5:98:fb:ae:02:4f:36:
84:d8:28:27:3e:70:19:84:ef:f6:88:85:5e:ea:47:bc:a1:e8:
fa:10:05:c0:af:40:c7:28:bc:14:a4:f4:32:d8:a9:02:b2:d4:
af:eb:32:24:54:a4:29:17:92:10:3f:9a:29:6b:45:6c:a2:a5:
f0:52:5a:dd:9f:d9:84:02:a3:92:cc:47:82:d7:4c:17:93:28:
8c:b4:a8:4b:3c:b5:62:ee:2f:12:84:3c:02:2e:c4:7f:5d:ce:
a0:d6:ac:f5:a8:40:eb:75:c0:dd:34:26:57:6e:2c:5c:e2:e4:
c0:25:6b:27:35:96:b3:bf:4a:51:a7:bf:b0:ad:ae:12:11:5e:
0f:68:5f:5a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVrrs4CHOCpZOcLdfuoTMWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjMwMTAxMDQ1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhjMWJmNDU4YzI2NWFjMDQ0MTk0ZDlkYTIyYWI1ZDRjZjlmOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3xPXv+sP5KlujGc3z1PwuEKJ30G
iK46lVV3Fr6TuANhQf4sMSuZ8Arcgpd1SQARx5BCaXzeGlM2TzOlifh9arIFiRYe
pdYNlxAITpfTS1K3yAzymyJlG8xRTytA2nRJmLiMiqpKg/c3IBqeS2CBRISmiiDr
2ibHi4aj4yupLeKbm4xQJwR6dvo9KVEI1kmTI9TCajA7Ec+JG5bO9ReCO4B+7hZV
GHVn7sEtu5kFw/arvXSGwjPdi1LFZF4ctr/enX1RB8yrQIApvrACi1eai3mOTnLW
nLJI4VWTetiPaqpQ+hKZGX4JqijZ/h/fBlXJxFF4eO2E6D39XazCXzvTwwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCiMG/RYwmWsBEGU2doiq11M+fmqMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvS0l3YjlGakNaYXdFUVpUWjJpS3JYVXo1LWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwkAIAFN4CMQ
AAEwEgMHBCABTeCsEAMHACABTeCsEgMHASABTeCsGDANBgkqhkiG9w0BAQsFAAOC
AQEArubC/HPWeyA4srZe7dAcY1re1PeuUiPH4EK7scV7f95Imkl6/iO9qJikui6Y
jIje3bd67qCywwcWwIakmX01ZUWGdofLs+OJP0UUppJaa5iUvEhtKo+sAoJsnTFw
KE25yiG1U7i0HeqqG3velf2A4GdJ6wzfGyP1mPuuAk82hNgoJz5wGYTv9oiFXupH
vKHo+hAFwK9Axyi8FKT0MtipArLUr+syJFSkKReSED+aKWtFbKKl8FJa3Z/ZhAKj
ksxHgtdMF5MojLSoSzy1Yu4vEoQ8Ai7Ef13OoNas9ahA63XA3TQmV24sXOLkwCVr
JzWWs79KUae/sK2uEhFeD2hfWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:51 2024 by rpki-client on console-fra.rpki-client.org