Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/KpcIsyV1c1eixmzKaSrh5NALIFU.roa
File: KpcIsyV1c1eixmzKaSrh5NALIFU.roa (raw, json)
Hash identifier: 4RhpYh9pNesPyr9OPVi5EWWAugkopfA6xCzs7AGCZyA=
Subject key identifier: 2A:97:08:B3:25:75:73:57:A2:C6:6C:CA:69:2A:E1:E4:D0:0B:20:55
Certificate issuer: /CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Certificate serial: 018570F08BFD0FA51B686BAA37E87ABBB52D
Authority key identifier: DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/KpcIsyV1c1eixmzKaSrh5NALIFU.roa
Signing time: Mon 02 Jan 2023 05:24:50 +0000
ROA not before: Mon 02 Jan 2023 05:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:2b00:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:8b:fd:0f:a5:1b:68:6b:aa:37:e8:7a:bb:b5:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8ff2f3a0bfc41eadc18af9e52acd100524149
Validity
Not Before: Jan 2 05:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a9708b325757357a2c66cca692ae1e4d00b2055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:05:ad:cd:e3:cc:ef:7e:90:8b:19:53:62:
4a:b2:13:4d:e7:a6:50:50:8b:c1:27:43:be:73:eb:
d7:6d:99:cb:da:7c:81:c1:c9:b6:c5:2c:f6:3b:a6:
57:ec:3a:3d:35:55:9b:a2:1e:04:15:b3:0c:33:31:
48:82:15:0b:4e:54:4c:54:f0:73:93:60:c4:d3:c1:
85:00:e8:04:f7:a3:98:0c:b2:d6:69:b5:5a:f0:ad:
c6:40:17:e6:55:a6:72:22:11:e1:ee:f2:ed:74:55:
8b:7f:1a:c3:a0:b2:c3:6a:55:ec:1a:4a:ab:b2:2e:
ee:d2:21:13:4e:01:ba:b1:20:1a:b0:89:b6:66:f0:
91:6b:11:56:fd:d9:05:51:41:52:44:93:db:cb:c6:
c3:5f:cc:9f:25:47:e9:72:60:b8:de:66:32:d2:4b:
b4:b2:85:2a:3e:02:b0:e4:b6:ce:9d:67:ca:86:24:
c7:4f:ab:10:57:f7:52:d9:5e:6f:f9:bf:24:bb:61:
df:8d:0a:98:16:65:39:e4:fb:38:3a:0b:57:84:06:
f1:1d:b2:eb:9f:10:0a:b4:d3:21:bf:67:c7:8a:f3:
33:77:5d:23:a9:42:78:90:f7:bc:b1:b8:d9:0a:2c:
7c:a8:22:6a:15:bb:6f:d5:00:51:1c:0b:94:48:b0:
ff:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:97:08:B3:25:75:73:57:A2:C6:6C:CA:69:2A:E1:E4:D0:0B:20:55
X509v3 Authority Key Identifier:
keyid:DF:B8:FF:2F:3A:0B:FC:41:EA:DC:18:AF:9E:52:AC:D1:00:52:41:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37j_LzoL_EHq3BivnlKs0QBSQUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/KpcIsyV1c1eixmzKaSrh5NALIFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/6b87af-a212-480d-a4d4-a3df3b69ce5a/1/37j_LzoL_EHq3BivnlKs0QBSQUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2b00:20::/48
Signature Algorithm: sha256WithRSAEncryption
96:fd:e1:20:18:92:bf:09:39:d4:0a:26:62:03:74:e5:f7:18:
78:55:af:8e:e1:8b:05:61:f6:84:cf:2d:a4:2e:1e:08:14:44:
fc:2f:68:3f:07:83:2e:07:9d:9a:9f:47:0a:fd:7d:6c:6d:9f:
a0:69:c2:8a:47:64:90:16:64:45:3e:51:2a:61:33:c1:9c:48:
ba:3e:bd:92:a2:49:f7:db:dd:33:3b:85:c4:3a:8a:38:0c:d1:
79:4d:38:d6:7f:3b:c3:9b:45:ef:b4:8c:63:cc:fd:c6:e9:b1:
4a:fa:e2:bf:d9:df:a7:0b:a7:58:7e:ec:79:d6:39:80:bb:7e:
32:3f:ba:8d:f8:6c:e2:30:2f:39:86:1b:39:91:a9:e9:31:45:
7d:3e:f4:c2:5e:86:ad:64:5a:fa:e4:fe:f3:80:4c:ae:f2:f6:
c6:82:4b:d3:dd:fe:01:eb:49:84:de:8b:bf:75:ae:f9:23:06:
f6:e0:8f:b8:08:01:f1:6f:28:f1:ee:20:25:2d:07:64:4f:fd:
0d:91:f3:fb:d5:5e:8e:28:26:08:e2:ee:f4:df:a5:d1:d5:86:
4e:b7:dc:eb:a5:de:91:9a:2e:f1:f0:4b:89:bc:3f:e3:01:37:
e6:a2:b7:ed:2c:0a:9b:c6:ce:64:f6:16:21:89:36:f2:5d:e7:
a0:5c:5f:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVw8Iv9D6UbaGuqN+h6u7UtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhmZjJmM2EwYmZjNDFlYWRjMThhZjllNTJhY2QxMDA1
MjQxNDkwHhcNMjMwMTAyMDUyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk3MDhiMzI1NzU3MzU3YTJjNjZjY2E2OTJhZTFlNGQwMGIyMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmQFrc3jzO9+kIsZU2JKshNN56ZQ
UIvBJ0O+c+vXbZnL2nyBwcm2xSz2O6ZX7Do9NVWboh4EFbMMMzFIghULTlRMVPBz
k2DE08GFAOgE96OYDLLWabVa8K3GQBfmVaZyIhHh7vLtdFWLfxrDoLLDalXsGkqr
si7u0iETTgG6sSAasIm2ZvCRaxFW/dkFUUFSRJPby8bDX8yfJUfpcmC43mYy0ku0
soUqPgKw5LbOnWfKhiTHT6sQV/dS2V5v+b8ku2HfjQqYFmU55Ps4OgtXhAbxHbLr
nxAKtNMhv2fHivMzd10jqUJ4kPe8sbjZCix8qCJqFbtv1QBRHAuUSLD/JwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCqXCLMldXNXosZsymkq4eTQCyBVMB8GA1UdIwQY
MBaAFN+4/y86C/xB6twYr55SrNEAUkFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQt
YTNkZjNiNjljZTVhLzEvS3BjSXN5VjFjMWVpeG16S2FTcmg1TkFMSUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82Yjg3YWYtYTIxMi00ODBkLWE0ZDQtYTNkZjNiNjljZTVh
LzEvMzdqX0x6b0xfRUhxM0Jpdm5sS3MwUUJTUVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgorAAAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCW/eEgGJK/CTnUCiZiA3Tl9xh4Va+O4YsFYfaE
zy2kLh4IFET8L2g/B4MuB52an0cK/X1sbZ+gacKKR2SQFmRFPlEqYTPBnEi6Pr2S
okn3290zO4XEOoo4DNF5TTjWfzvDm0XvtIxjzP3G6bFK+uK/2d+nC6dYfux51jmA
u34yP7qN+GziMC85hhs5kanpMUV9PvTCXoatZFr65P7zgEyu8vbGgkvT3f4B60mE
3ou/da75Iwb24I+4CAHxbyjx7iAlLQdkT/0NkfP71V6OKCYI4u7036XR1YZOt9zr
pd6Rmi7x8EuJvD/jATfmorftLAqbxs5k9hYhiTbyXeegXF+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:58 2024 by rpki-client on console-ams.rpki-client.org