Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KKeNIXxDFa4DxzXSggLOyKw6fpE.roa
File: KKeNIXxDFa4DxzXSggLOyKw6fpE.roa (raw, json)
Hash identifier: J+GlZxAnTvhMIMRZl6Opoy/nlctTji29Ojv5zcH9CyQ=
Subject key identifier: 28:A7:8D:21:7C:43:15:AE:03:C7:35:D2:82:02:CE:C8:AC:3A:7E:91
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D81F0B5AE925D54C643C7CB821CDF1A1C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KKeNIXxDFa4DxzXSggLOyKw6fpE.roa
Signing time: Wed 07 Feb 2024 05:00:52 +0000
ROA not before: Wed 07 Feb 2024 05:00:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215748
IP address blocks: 2a0f:b241:151::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 01:36:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:f0:b5:ae:92:5d:54:c6:43:c7:cb:82:1c:df:1a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 7 05:00:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28a78d217c4315ae03c735d28202cec8ac3a7e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5e:b9:55:24:eb:6a:e3:64:a9:c0:9b:a3:3d:
02:c9:ec:d7:fb:60:98:b6:9c:ce:46:7b:d5:5a:b9:
ca:df:8c:d6:44:d0:e1:f2:4a:f9:ce:a5:e6:f6:9a:
c9:ce:6c:6a:d2:f8:71:81:84:53:5d:ae:7f:72:2d:
24:f1:c1:e5:79:d4:0c:13:d6:db:3d:ed:a6:ad:24:
42:f6:26:c8:b0:ec:76:b6:32:29:c9:6b:e7:c1:b9:
ac:49:5f:b5:e7:0b:56:1d:ad:28:69:4e:92:93:c3:
62:4d:3c:f0:65:54:14:97:85:88:c2:9b:09:a0:27:
6c:1c:b1:18:0c:a9:85:d1:d0:73:51:96:b2:eb:36:
c8:4f:e5:ea:5d:ad:cf:7d:04:81:9a:93:1b:5c:b1:
bb:ee:d6:37:43:bd:99:d8:3f:fb:f6:62:15:f2:3b:
b0:0b:0c:36:46:5e:ea:94:ca:db:32:d8:c3:a4:35:
db:c8:da:a2:1c:49:38:91:12:1a:99:f5:de:0d:4c:
e4:f2:63:22:38:30:b9:86:f0:79:c4:06:81:51:6c:
30:7d:8a:7c:f1:bb:37:76:dc:1c:0c:89:f8:0e:66:
f4:25:15:7a:ca:2a:6b:45:73:17:6e:f3:6d:e9:c2:
18:f1:32:21:a0:08:56:5b:2c:74:f1:d1:66:b7:a7:
d6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A7:8D:21:7C:43:15:AE:03:C7:35:D2:82:02:CE:C8:AC:3A:7E:91
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/KKeNIXxDFa4DxzXSggLOyKw6fpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:151::/48
Signature Algorithm: sha256WithRSAEncryption
89:6c:60:97:92:82:05:2f:69:49:7b:b2:28:d5:9d:3e:a2:f2:
53:18:cd:4f:d4:c1:e8:03:7a:96:b4:0f:53:84:d8:cd:7d:2c:
d6:5b:5a:74:24:8a:c0:f4:25:9a:0c:4d:33:a5:8b:a3:92:91:
6b:57:03:9a:47:8d:e7:de:43:dc:c8:f7:84:82:82:d1:67:3a:
2c:47:09:bf:dd:2b:3e:8e:c6:b4:58:17:93:51:cc:33:ce:9e:
cf:54:d0:81:07:ef:09:82:12:fe:eb:32:d5:f0:87:c8:de:a2:
8a:48:fb:0b:89:ea:93:38:02:9c:6e:0f:dd:c9:7d:42:9f:bc:
86:a7:ca:65:c2:94:ea:a6:46:cb:a3:1d:96:8a:d8:2f:b4:d2:
8b:27:a3:ab:29:85:04:05:32:0b:84:87:ea:68:43:9d:d1:5c:
97:fd:51:98:e8:fe:fc:07:53:44:dc:3d:30:95:9e:18:6e:bf:
15:24:78:62:f1:9f:7f:b7:e7:67:da:84:bc:71:07:86:17:5f:
1c:33:98:eb:66:eb:cc:36:34:cd:ca:b3:5d:44:2a:cc:37:a0:
f1:85:91:3b:22:30:c7:e7:a1:93:77:9a:b9:26:69:02:93:cf:
e8:4b:da:78:4d:df:40:78:3a:3b:a1:a8:7c:8e:2d:c6:a1:39:
99:29:fc:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY2B8LWukl1UxkPHy4Ic3xocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA3MDUwMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGE3OGQyMTdjNDMxNWFlMDNjNzM1ZDI4MjAyY2VjOGFjM2E3ZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhV65VSTrauNkqcCboz0CyezX+2CY
tpzORnvVWrnK34zWRNDh8kr5zqXm9prJzmxq0vhxgYRTXa5/ci0k8cHledQME9bb
Pe2mrSRC9ibIsOx2tjIpyWvnwbmsSV+15wtWHa0oaU6Sk8NiTTzwZVQUl4WIwpsJ
oCdsHLEYDKmF0dBzUZay6zbIT+XqXa3PfQSBmpMbXLG77tY3Q72Z2D/79mIV8juw
Cww2Rl7qlMrbMtjDpDXbyNqiHEk4kRIamfXeDUzk8mMiODC5hvB5xAaBUWwwfYp8
8bs3dtwcDIn4Dmb0JRV6yiprRXMXbvNt6cIY8TIhoAhWWyx08dFmt6fW+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCinjSF8QxWuA8c10oICzsisOn6RMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvS0tlTklYeERGYTREeHpYU2dnTE95S3c2ZnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQFR
MA0GCSqGSIb3DQEBCwUAA4IBAQCJbGCXkoIFL2lJe7Io1Z0+ovJTGM1P1MHoA3qW
tA9ThNjNfSzWW1p0JIrA9CWaDE0zpYujkpFrVwOaR43n3kPcyPeEgoLRZzosRwm/
3Ss+jsa0WBeTUcwzzp7PVNCBB+8JghL+6zLV8IfI3qKKSPsLieqTOAKcbg/dyX1C
n7yGp8plwpTqpkbLox2WitgvtNKLJ6OrKYUEBTILhIfqaEOd0VyX/VGY6P78B1NE
3D0wlZ4Ybr8VJHhi8Z9/t+dn2oS8cQeGF18cM5jrZuvMNjTNyrNdRCrMN6DxhZE7
IjDH56GTd5q5JmkCk8/oS9p4Td9AeDo7oah8ji3GoTmZKfy+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:08 2024 by rpki-client on console-ams.rpki-client.org