Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kaSKcPFNUqqDOrX75mE5-XkHbZM.roa
File: kaSKcPFNUqqDOrX75mE5-XkHbZM.roa (raw, json)
Hash identifier: bx4I8wXCbYCvfXc05mPMnc6iVw21zzuU7zkimJawXLU=
Subject key identifier: 91:A4:8A:70:F1:4D:52:AA:83:3A:B5:FB:E6:61:39:F9:79:07:6D:93
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA69FEFFAF11C79DBA168604B7D91
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kaSKcPFNUqqDOrX75mE5-XkHbZM.roa
Signing time: Tue 02 Jan 2024 06:32:29 +0000
ROA not before: Tue 02 Jan 2024 06:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202436
IP address blocks: 2a0e:d601:7220::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 08:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a6:9f:ef:fa:f1:1c:79:db:a1:68:60:4b:7d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91a48a70f14d52aa833ab5fbe66139f979076d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:85:a7:bc:85:a7:5a:d5:ae:06:81:f1:51:2b:
2c:ae:0d:9c:6e:20:03:3e:c0:b9:a4:84:22:27:34:
30:0f:66:7b:68:f3:7c:a4:5e:a9:27:85:22:9c:36:
66:ca:8a:f2:14:12:a0:c0:37:96:51:6c:40:89:6e:
f3:c3:49:ba:fc:18:18:34:74:df:3e:5e:01:53:99:
49:2b:ac:5d:36:3f:71:18:ee:06:60:a4:74:3f:86:
c3:a7:2e:37:85:06:72:7d:c5:c2:4c:f5:3c:64:0c:
fb:b6:f6:af:c6:e7:ae:47:38:25:a2:57:57:92:d8:
69:a4:2a:37:26:76:ac:a8:4b:a0:4b:6d:f0:e7:79:
66:ae:bf:ff:80:d3:74:a4:bf:90:56:e9:99:0d:7c:
31:d1:b6:0c:ba:6b:5a:e4:e7:ec:1d:fd:33:f5:19:
4f:f9:b6:02:88:cc:e7:b9:bf:e7:7b:b8:d0:56:7e:
73:e7:c4:38:6a:aa:4d:71:70:a8:6c:32:00:8f:2f:
4c:01:bd:20:e4:e7:10:25:46:49:af:de:a9:de:9a:
d7:c3:44:8b:1b:33:ee:41:98:9a:a7:10:f7:f0:40:
fc:96:96:91:d0:2e:e5:8e:cc:d9:3d:d3:63:cc:00:
ec:39:35:72:19:bb:71:ce:4f:53:a9:5f:ca:c8:c7:
42:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A4:8A:70:F1:4D:52:AA:83:3A:B5:FB:E6:61:39:F9:79:07:6D:93
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kaSKcPFNUqqDOrX75mE5-XkHbZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d601:7220::/48
Signature Algorithm: sha256WithRSAEncryption
98:e5:50:65:c9:f5:7c:01:54:39:ad:a6:30:54:dc:7f:2a:2f:
f8:75:24:13:77:4f:db:21:ac:26:e0:ce:fd:41:84:31:8d:11:
b5:04:5a:46:ca:7d:27:cf:83:10:65:93:78:54:4c:2c:e5:1c:
cf:03:e8:b8:8f:17:a9:90:4e:8d:f1:7a:af:b5:5a:a8:32:be:
03:ac:2b:53:1e:17:a5:a0:e0:84:f1:05:d8:03:6e:3c:b2:5f:
3f:c2:33:cf:56:22:48:33:f9:ee:0b:45:98:a8:69:df:21:1e:
06:d3:cf:0f:7c:97:bf:64:1f:95:88:c3:db:6e:0e:cc:fa:cf:
f7:50:b7:65:11:96:85:ca:2a:91:ca:de:fb:9e:16:62:51:7b:
89:e0:fa:f4:03:11:d3:3b:cf:b2:8a:d8:3a:59:d7:91:f8:18:
0e:5f:ec:c8:74:b2:0d:4d:6c:c3:8b:1e:42:29:7e:f3:4d:46:
c8:74:a1:12:db:1b:83:95:eb:f2:76:b7:f5:93:e7:0e:a4:f9:
6b:0a:15:e6:d8:6f:a0:d1:c0:03:0f:b8:bf:98:08:dc:db:3f:
3a:93:6c:dc:03:02:f2:80:e6:d6:c3:9e:0f:f8:33:60:7b:93:
2a:1a:9e:a0:f9:ae:43:d9:8e:11:e2:aa:08:da:ea:63:05:33:
33:bf:c7:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI36af7/rxHHnboWhgS32RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWE0OGE3MGYxNGQ1MmFhODMzYWI1ZmJlNjYxMzlmOTc5MDc2ZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIWnvIWnWtWuBoHxUSssrg2cbiAD
PsC5pIQiJzQwD2Z7aPN8pF6pJ4UinDZmyoryFBKgwDeWUWxAiW7zw0m6/BgYNHTf
Pl4BU5lJK6xdNj9xGO4GYKR0P4bDpy43hQZyfcXCTPU8ZAz7tvavxueuRzgloldX
kthppCo3JnasqEugS23w53lmrr//gNN0pL+QVumZDXwx0bYMumta5OfsHf0z9RlP
+bYCiMznub/ne7jQVn5z58Q4aqpNcXCobDIAjy9MAb0g5OcQJUZJr96p3prXw0SL
GzPuQZiapxD38ED8lpaR0C7ljszZPdNjzADsOTVyGbtxzk9TqV/KyMdCSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJGkinDxTVKqgzq1++ZhOfl5B22TMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEva2FTS2NQRk5VcXFET3JYNzVtRTUtWGtIYlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7WAXIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCY5VBlyfV8AVQ5raYwVNx/Ki/4dSQTd0/bIawm
4M79QYQxjRG1BFpGyn0nz4MQZZN4VEws5RzPA+i4jxepkE6N8XqvtVqoMr4DrCtT
HheloOCE8QXYA248sl8/wjPPViJIM/nuC0WYqGnfIR4G088PfJe/ZB+ViMPbbg7M
+s/3ULdlEZaFyiqRyt77nhZiUXuJ4Pr0AxHTO8+yitg6WdeR+BgOX+zIdLINTWzD
ix5CKX7zTUbIdKES2xuDlevydrf1k+cOpPlrChXm2G+g0cADD7i/mAjc2z86k2zc
AwLygObWw54P+DNge5MqGp6g+a5D2Y4R4qoI2upjBTMzv8dm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org