Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/KPWNXhO1YZb_-uqNDOl7QjSvR6o.roa
File: KPWNXhO1YZb_-uqNDOl7QjSvR6o.roa (raw, json)
Hash identifier: h6oXQCppfx6hccsnNAFqGvaL/rgrCcN8mw6Gb5PFJ/Y=
Subject key identifier: 28:F5:8D:5E:13:B5:61:96:FF:FA:EA:8D:0C:E9:7B:42:34:AF:47:AA
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 018A65CD9B29B12CC6B2E45CEAF6F403FC76
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/KPWNXhO1YZb_-uqNDOl7QjSvR6o.roa
Signing time: Tue 05 Sep 2023 14:44:48 +0000
ROA not before: Tue 05 Sep 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208806
IP address blocks: 2a10:4741:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:cd:9b:29:b1:2c:c6:b2:e4:5c:ea:f6:f4:03:fc:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Sep 5 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f58d5e13b56196fffaea8d0ce97b4234af47aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:3c:3e:4e:f9:34:fd:75:c1:00:eb:f6:c2:
30:8e:9c:24:2b:91:9f:99:b5:c8:1e:7f:47:c9:73:
d1:19:b3:ef:17:ef:bc:13:f3:e1:ed:d2:88:cf:46:
c2:22:12:da:fe:53:46:e6:91:ea:c2:73:f4:f9:d9:
91:d8:e9:7d:72:a0:bb:87:07:fb:06:7a:17:81:e0:
2c:ef:1b:be:8f:b5:cb:7a:83:f0:7b:53:6b:b3:1f:
6a:7d:76:08:90:b1:46:3c:7b:4b:6a:d0:87:67:86:
78:a0:c1:8b:38:cf:e5:59:2f:67:2e:10:0f:8f:f2:
29:32:63:58:6d:e4:f6:64:7f:f4:90:26:7b:6f:c3:
69:ed:58:9d:1f:72:31:d9:7a:21:12:b6:66:0a:83:
4d:4d:3e:b5:23:ab:cc:dc:5b:7f:7c:c8:08:87:35:
fe:ca:29:ec:80:5e:e2:55:af:a2:ef:cd:d8:54:2f:
2f:5f:5d:ca:b1:76:47:98:94:bf:23:a8:b2:70:b1:
10:c6:21:0b:6f:33:0a:16:87:be:63:4f:d5:08:26:
9a:ff:1b:2e:b9:3f:4b:a5:a4:3e:30:c4:b4:ad:26:
d3:ba:ef:52:e6:83:11:0d:b0:e8:90:e1:84:5e:5a:
ec:ea:24:50:ee:ec:6c:76:8b:c7:be:4e:81:b7:7a:
66:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F5:8D:5E:13:B5:61:96:FF:FA:EA:8D:0C:E9:7B:42:34:AF:47:AA
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/KPWNXhO1YZb_-uqNDOl7QjSvR6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:20::/48
Signature Algorithm: sha256WithRSAEncryption
04:16:ea:2a:1b:2a:f5:1a:d0:ce:9b:0d:6b:ed:f4:b3:5e:b5:
0a:50:9d:d0:e3:70:d8:3c:37:be:2d:82:81:3b:92:8f:44:39:
9b:6e:0f:7c:d3:ca:22:06:59:2a:26:e8:c7:9a:92:0f:a9:e1:
c3:53:2c:3c:87:5e:53:3a:28:d4:02:87:1e:a8:49:b4:47:31:
08:68:fe:8e:ca:da:2c:8b:0f:df:ad:ab:b0:60:ef:68:78:d4:
55:9d:aa:5a:7f:81:27:89:c2:fa:7a:f7:91:bf:c3:54:87:e6:
31:94:58:38:ba:d2:ad:1d:93:23:44:3a:90:3d:ef:95:33:a6:
f2:6c:bf:c1:94:b8:f6:7f:36:34:d2:9d:08:0b:38:6e:59:5a:
50:05:5c:44:17:39:91:61:31:dd:fe:e8:8c:e7:51:81:c2:be:
48:bf:e4:f7:04:8e:d9:7c:02:5e:76:00:a5:b1:76:09:1e:d9:
db:66:13:46:4e:1b:60:03:d0:62:1e:bd:6a:39:25:d9:59:3e:
7f:c6:ad:fb:7d:49:b4:8f:1f:06:3b:05:1c:f5:db:29:02:7f:
cd:07:98:0e:df:12:d6:90:92:8a:c3:ea:63:d0:40:e3:fc:61:
34:2f:3d:30:32:f6:78:0b:8d:f5:58:15:7b:b9:b1:9c:ee:49:
69:13:af:35
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYplzZspsSzGsuRc6vb0A/x2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjMwOTA1MTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY1OGQ1ZTEzYjU2MTk2ZmZmYWVhOGQwY2U5N2I0MjM0YWY0N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBM8Pk75NP11wQDr9sIwjpwkK5Gf
mbXIHn9HyXPRGbPvF++8E/Ph7dKIz0bCIhLa/lNG5pHqwnP0+dmR2Ol9cqC7hwf7
BnoXgeAs7xu+j7XLeoPwe1Nrsx9qfXYIkLFGPHtLatCHZ4Z4oMGLOM/lWS9nLhAP
j/IpMmNYbeT2ZH/0kCZ7b8Np7VidH3Ix2XohErZmCoNNTT61I6vM3Ft/fMgIhzX+
yinsgF7iVa+i783YVC8vX13KsXZHmJS/I6iycLEQxiELbzMKFoe+Y0/VCCaa/xsu
uT9LpaQ+MMS0rSbTuu9S5oMRDbDokOGEXlrs6iRQ7uxsdovHvk6Bt3pmWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCj1jV4TtWGW//rqjQzpe0I0r0eqMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvS1BXTlhoTzFZWmJfLXVxTkRPbDdRalN2UjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBHQQAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAEFuoqGyr1GtDOmw1r7fSzXrUKUJ3Q43DYPDe+
LYKBO5KPRDmbbg9808oiBlkqJujHmpIPqeHDUyw8h15TOijUAoceqEm0RzEIaP6O
ytosiw/frauwYO9oeNRVnapaf4EnicL6eveRv8NUh+YxlFg4utKtHZMjRDqQPe+V
M6bybL/BlLj2fzY00p0ICzhuWVpQBVxEFzmRYTHd/uiM51GBwr5Iv+T3BI7ZfAJe
dgClsXYJHtnbZhNGThtgA9BiHr1qOSXZWT5/xq37fUm0jx8GOwUc9dspAn/NB5gO
3xLWkJKKw+pj0EDj/GE0Lz0wMvZ4C431WBV7ubGc7klpE681
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org