Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/kblCjQryeNb9MdaQH4TDBolxEWM.roa
File: kblCjQryeNb9MdaQH4TDBolxEWM.roa (raw, json)
Hash identifier: BK/kDJMb1idXXISwvfJYKyohL88vbHB2H8g3d0FLwJY=
Subject key identifier: 91:B9:42:8D:0A:F2:78:D6:FD:31:D6:90:1F:84:C3:06:89:71:11:63
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018DD131D93B007D419C9E960D3EA6D96ABD
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/kblCjQryeNb9MdaQH4TDBolxEWM.roa
Signing time: Thu 22 Feb 2024 14:22:01 +0000
ROA not before: Thu 22 Feb 2024 14:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2a0b:e9c0::/30 maxlen: 30
2a0b:e9c4::/30 maxlen: 30
2a0c:f640::/32 maxlen: 32
2a0c:f641::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 27 Aug 2024 17:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:31:d9:3b:00:7d:41:9c:9e:96:0d:3e:a6:d9:6a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Feb 22 14:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91b9428d0af278d6fd31d6901f84c30689711163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:35:b4:f5:77:d4:f3:03:3a:50:58:e4:94:f8:
77:fe:64:f0:6f:19:d0:d1:df:93:23:d6:47:ea:fb:
b6:f4:60:75:c0:e7:09:6f:c4:1a:9c:94:6c:1b:35:
2b:f1:da:8a:83:79:a4:5a:30:10:bb:20:b8:4f:89:
4b:f9:08:17:ce:38:93:13:98:a1:cb:a6:31:67:be:
03:29:a0:75:21:fe:94:d8:ec:66:4c:ec:b9:77:7e:
9d:57:4b:1a:a3:fa:6d:06:00:6e:32:80:a8:92:df:
73:ab:41:c6:c7:35:99:68:35:2a:03:f5:b0:c0:d6:
e8:a4:73:7f:ec:f2:56:93:4b:3f:f4:98:06:5c:52:
3d:a5:25:c7:18:e7:b0:94:23:74:7d:3b:c7:fb:d1:
de:cd:9d:17:94:d2:15:a9:f3:5d:ec:34:bd:7b:65:
a5:d1:e1:7d:4b:f8:b8:e7:df:9f:34:54:99:77:cf:
0d:7a:6e:04:9a:ad:99:53:bf:69:2c:82:56:d8:11:
fe:56:39:ad:63:5c:c1:b8:81:1b:57:c5:40:ad:21:
79:9a:86:fb:35:27:71:e7:1b:8e:1e:4e:53:33:2b:
47:e0:8c:93:02:ae:f0:e7:7f:be:ae:14:c5:d3:63:
96:d9:c5:d6:93:d4:43:42:ad:cd:ce:54:0d:b4:05:
93:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B9:42:8D:0A:F2:78:D6:FD:31:D6:90:1F:84:C3:06:89:71:11:63
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/kblCjQryeNb9MdaQH4TDBolxEWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:e9c0::/29
2a0c:f640::/31
Signature Algorithm: sha256WithRSAEncryption
1d:f5:6f:a2:c8:c7:6e:de:1d:20:f3:47:f7:4e:da:91:59:ec:
fa:47:f8:86:7f:a3:55:e7:ea:21:0b:db:c0:22:17:50:91:cc:
88:84:eb:a2:93:6e:e0:77:40:33:18:23:17:59:75:d3:ec:df:
14:c3:e9:72:5d:84:f8:88:bd:3d:e2:6c:99:8a:d6:40:5b:79:
76:5c:1a:83:e5:15:a6:6e:bb:1a:0f:74:28:21:a1:3f:77:39:
38:5c:78:34:6a:b7:29:d3:f2:be:07:c8:3a:1a:98:98:84:5b:
f3:65:6c:eb:2f:39:2e:24:72:00:2a:64:8b:cf:30:99:d7:47:
91:5b:9e:ba:fe:f5:d5:f5:5e:5f:52:fe:b8:06:08:7c:8c:82:
15:ea:ad:fe:39:0c:ea:bb:04:f1:c5:b7:e7:b9:83:a3:3f:09:
10:8d:b9:de:22:9b:29:ba:88:f1:25:57:d0:37:31:be:7e:8b:
9d:c6:aa:07:39:cb:01:54:17:31:cb:e1:58:2f:49:11:be:5f:
27:b1:17:ac:71:59:e5:79:ac:ee:e2:50:8d:4b:9c:ef:05:04:
ab:34:e7:fd:9f:13:2e:c8:06:05:48:1e:04:c5:1c:9d:6d:a1:
f4:67:22:0e:d3:66:85:2a:f7:9a:6d:c9:28:cb:12:31:a0:c4:
63:3c:ca:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3RMdk7AH1BnJ6WDT6m2Wq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMjIyMTQyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI5NDI4ZDBhZjI3OGQ2ZmQzMWQ2OTAxZjg0YzMwNjg5NzExMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzW09XfU8wM6UFjklPh3/mTwbxnQ
0d+TI9ZH6vu29GB1wOcJb8QanJRsGzUr8dqKg3mkWjAQuyC4T4lL+QgXzjiTE5ih
y6YxZ74DKaB1If6U2OxmTOy5d36dV0sao/ptBgBuMoCokt9zq0HGxzWZaDUqA/Ww
wNbopHN/7PJWk0s/9JgGXFI9pSXHGOewlCN0fTvH+9HezZ0XlNIVqfNd7DS9e2Wl
0eF9S/i459+fNFSZd88Nem4Emq2ZU79pLIJW2BH+VjmtY1zBuIEbV8VArSF5mob7
NSdx5xuOHk5TMytH4IyTAq7w53++rhTF02OW2cXWk9RDQq3NzlQNtAWTJQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJG5Qo0K8njW/THWkB+EwwaJcRFjMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEva2JsQ2pRcnllTmI5TWRhUUg0VERCb2x4RVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgvpwAMF
ASoM9kAwDQYJKoZIhvcNAQELBQADggEBAB31b6LIx27eHSDzR/dO2pFZ7PpH+IZ/
o1Xn6iEL28AiF1CRzIiE66KTbuB3QDMYIxdZddPs3xTD6XJdhPiIvT3ibJmK1kBb
eXZcGoPlFaZuuxoPdCghoT93OThceDRqtynT8r4HyDoamJiEW/NlbOsvOS4kcgAq
ZIvPMJnXR5Fbnrr+9dX1Xl9S/rgGCHyMghXqrf45DOq7BPHFt+e5g6M/CRCNud4i
mym6iPElV9A3Mb5+i53Gqgc5ywFUFzHL4VgvSRG+XyexF6xxWeV5rO7iUI1LnO8F
BKs05/2fEy7IBgVIHgTFHJ1tofRnIg7TZoUq95ptySjLEjGgxGM8yvk=
-----END CERTIFICATE-----
Generated at Tue Aug 27 20:06:10 2024 by rpki-client on console-fra.rpki-client.org