Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/KkCbS6wpEzqBwm-kiLQOwTsGa3M.roa
File: KkCbS6wpEzqBwm-kiLQOwTsGa3M.roa (raw, json)
Hash identifier: /rN1ctg+3NjRnzpyOqOvEnsrhdf32DZOeMSReR7Ql4k=
Subject key identifier: 2A:40:9B:4B:AC:29:13:3A:81:C2:6F:A4:88:B4:0E:C1:3B:06:6B:73
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 01856BDC6B6B09D9448B4B16D324602C3B2E
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/KkCbS6wpEzqBwm-kiLQOwTsGa3M.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57401
IP address blocks: 2a0f:607:1059::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6b:6b:09:d9:44:8b:4b:16:d3:24:60:2c:3b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a409b4bac29133a81c26fa488b40ec13b066b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1b:be:3e:32:91:82:1d:13:15:16:17:7f:12:
e2:e2:50:fd:1e:ca:50:48:30:68:59:84:31:26:7a:
9b:28:ba:13:d8:c4:13:93:dc:f1:4e:c0:28:7a:41:
11:ec:51:46:90:03:cb:ce:95:20:1d:87:de:ff:ad:
fd:38:14:6a:6b:fe:82:b7:4e:24:43:75:f7:0d:8a:
62:86:0d:d2:50:43:72:9f:4e:bc:af:43:79:91:bc:
dd:f1:eb:ac:6e:6d:5f:f5:3a:bc:b2:aa:e0:8a:92:
87:fe:6b:da:a5:a1:c2:c6:2e:85:a9:3b:59:fe:cc:
9b:5b:a0:7b:ca:6b:57:e0:0b:82:16:90:21:6c:1e:
4d:03:04:f7:cd:e2:1a:5c:c6:82:6e:53:91:4a:98:
11:27:04:3e:ec:59:7c:f8:9e:61:87:74:da:c3:9e:
ed:81:0d:14:88:23:f4:9c:bc:47:03:ca:1f:0f:cf:
aa:5d:d8:43:c6:94:28:a9:50:09:1c:22:c1:93:d3:
63:a8:01:79:19:ce:b6:da:ad:75:24:43:dd:74:cf:
0c:ce:51:a5:19:47:57:d6:ad:44:6b:57:8d:7f:c4:
2e:83:a6:17:a7:f0:1d:3d:f8:a3:f6:1d:32:75:6a:
76:0f:e5:90:24:7d:ba:74:f6:33:c5:c5:5c:80:af:
91:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:40:9B:4B:AC:29:13:3A:81:C2:6F:A4:88:B4:0E:C1:3B:06:6B:73
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/KkCbS6wpEzqBwm-kiLQOwTsGa3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1059::/48
Signature Algorithm: sha256WithRSAEncryption
a9:0f:d3:a9:33:20:50:00:bf:f5:9f:02:b2:21:ec:84:13:7c:
9f:06:50:f4:bc:b2:09:10:42:f7:a9:2e:82:03:16:5b:8a:7b:
fc:2d:e8:8f:93:44:91:84:00:6d:e5:d0:2a:27:12:26:5e:df:
a3:25:12:0e:e2:86:e2:49:01:d2:a6:55:94:b4:84:ce:df:04:
a6:cd:2d:ed:fe:4c:43:ad:91:1c:70:7c:11:29:75:e9:68:d6:
30:9b:37:2e:ff:72:4a:35:2e:eb:eb:39:90:09:56:f8:ba:b3:
54:3a:21:3a:17:8d:21:56:94:7d:09:2d:2a:3d:0c:a6:5c:65:
d3:0f:d1:70:9f:d9:fc:6c:d4:fd:4b:23:fe:c7:ac:ae:0c:64:
7a:9d:18:df:b7:28:76:84:dc:2d:48:f4:c9:bf:6e:ae:54:ca:
88:17:14:1b:14:5e:09:9c:d7:f8:09:6a:6d:12:48:49:ff:91:
bf:7f:02:b4:68:ca:ce:59:49:0e:0b:3f:3a:75:1c:ce:e4:0c:
a0:7c:64:bd:7a:08:4e:c1:3a:2c:55:9a:3a:08:4e:de:a0:be:
9f:e4:a8:c6:26:06:4a:08:fc:98:c2:41:1f:f7:06:91:59:fc:
ea:97:69:39:1f:e3:f3:25:de:d9:5e:ca:29:44:5c:b4:eb:5a:
80:75:eb:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVr3GtrCdlEi0sW0yRgLDsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQwOWI0YmFjMjkxMzNhODFjMjZmYTQ4OGI0MGVjMTNiMDY2YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRu+PjKRgh0TFRYXfxLi4lD9HspQ
SDBoWYQxJnqbKLoT2MQTk9zxTsAoekER7FFGkAPLzpUgHYfe/639OBRqa/6Ct04k
Q3X3DYpihg3SUENyn068r0N5kbzd8eusbm1f9Tq8sqrgipKH/mvapaHCxi6FqTtZ
/sybW6B7ymtX4AuCFpAhbB5NAwT3zeIaXMaCblORSpgRJwQ+7Fl8+J5hh3Taw57t
gQ0UiCP0nLxHA8ofD8+qXdhDxpQoqVAJHCLBk9NjqAF5Gc622q11JEPddM8MzlGl
GUdX1q1Ea1eNf8Qug6YXp/AdPfij9h0ydWp2D+WQJH26dPYzxcVcgK+RiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCpAm0usKRM6gcJvpIi0DsE7BmtzMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvS2tDYlM2d3BFenFCd20ta2lMUU93VHNHYTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8GBxBZ
MA0GCSqGSIb3DQEBCwUAA4IBAQCpD9OpMyBQAL/1nwKyIeyEE3yfBlD0vLIJEEL3
qS6CAxZbinv8LeiPk0SRhABt5dAqJxImXt+jJRIO4obiSQHSplWUtITO3wSmzS3t
/kxDrZEccHwRKXXpaNYwmzcu/3JKNS7r6zmQCVb4urNUOiE6F40hVpR9CS0qPQym
XGXTD9Fwn9n8bNT9SyP+x6yuDGR6nRjftyh2hNwtSPTJv26uVMqIFxQbFF4JnNf4
CWptEkhJ/5G/fwK0aMrOWUkOCz86dRzO5AygfGS9eghOwTosVZo6CE7eoL6f5KjG
JgZKCPyYwkEf9waRWfzql2k5H+PzJd7ZXsopRFy061qAdeu5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:12 2024 by rpki-client on console-ams.rpki-client.org