Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/KcYP1NGg-r2e41FID4YKU7WnffM.roa
File: KcYP1NGg-r2e41FID4YKU7WnffM.roa (raw, json)
Hash identifier: ivnGXMhmrmEUrR+fQYp2OnC6ZqYVMLcDdqzbAZ4DlOg=
Subject key identifier: 29:C6:0F:D4:D1:A0:FA:BD:9E:E3:51:48:0F:86:0A:53:B5:A7:7D:F3
Certificate issuer: /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial: 018F0C4041928E339003D3009D64CB3893BA
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/KcYP1NGg-r2e41FID4YKU7WnffM.roa
Signing time: Tue 23 Apr 2024 18:38:08 +0000
ROA not before: Tue 23 Apr 2024 18:38:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216219
IP address blocks: 2a13:f740::/48 maxlen: 48
2a13:f740:1::/48 maxlen: 48
2a13:f740:2::/48 maxlen: 48
2a13:f740:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Jul 2024 17:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:40:41:92:8e:33:90:03:d3:00:9d:64:cb:38:93:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Validity
Not Before: Apr 23 18:38:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29c60fd4d1a0fabd9ee351480f860a53b5a77df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ec:b5:6d:83:38:a9:b0:a9:77:83:04:cc:74:
72:7f:8c:c2:f8:64:17:6c:65:b9:a2:0e:4e:e9:79:
88:60:19:7c:1a:de:b2:50:ec:b4:42:b4:b5:d4:a8:
d2:2b:2a:4f:d5:a1:7f:7e:93:0b:c5:b4:31:70:df:
79:59:c0:41:50:bf:95:90:a2:97:08:2d:52:0d:a0:
34:9f:b3:bc:3f:ee:f4:f5:0e:99:ae:13:d1:d6:9b:
09:b8:53:08:ce:6b:77:3f:22:8c:09:03:3c:96:a8:
e3:f0:88:da:88:f4:de:f2:49:f1:ca:32:a3:47:51:
d7:09:5c:48:8b:04:a0:48:82:77:01:ac:ed:fe:53:
a1:4d:98:f5:69:84:28:44:77:3f:ca:62:34:54:f4:
90:c8:67:6f:17:b9:9f:8f:1b:01:f1:1a:a0:a8:65:
2a:78:24:ce:3c:a2:80:4d:90:d3:4b:19:e4:19:76:
40:12:da:d2:6b:02:01:8b:6c:93:b1:a3:88:ef:b9:
61:19:7b:12:9d:af:89:9b:4e:29:23:cb:33:30:80:
17:dc:3c:92:90:01:5d:11:89:83:4c:93:6d:94:78:
30:d5:91:44:c2:95:d9:9b:44:24:c1:81:b6:cb:0c:
20:be:05:90:1b:d2:e0:33:a5:84:d4:ff:19:a9:87:
ff:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C6:0F:D4:D1:A0:FA:BD:9E:E3:51:48:0F:86:0A:53:B5:A7:7D:F3
X509v3 Authority Key Identifier:
keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/KcYP1NGg-r2e41FID4YKU7WnffM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f740::/46
Signature Algorithm: sha256WithRSAEncryption
46:dc:15:40:64:65:b2:7d:28:61:71:47:e7:f0:0d:92:28:b0:
88:18:32:01:2b:04:9c:e9:3e:3e:aa:4b:27:f0:99:13:bc:43:
6e:03:64:9b:eb:f5:49:73:7d:41:68:91:c9:a8:21:df:96:a0:
88:2f:9b:0b:8d:b0:b2:4d:c4:3f:c8:1d:4c:58:f9:ad:73:ca:
e9:55:6d:c0:7d:b9:37:ad:7d:d0:dd:c8:3b:8d:8b:31:fd:9c:
74:51:ed:f4:9c:3d:df:f7:e1:0d:a7:c4:32:af:6e:24:50:32:
f6:fc:3b:20:87:28:d8:9d:69:b4:c2:91:2b:3e:d0:c4:13:5e:
88:e4:9a:42:d7:0b:c5:45:0d:8c:20:f9:3c:ab:f4:0f:dc:91:
5b:dd:a9:9c:63:b8:5d:78:d9:b6:96:46:35:2d:09:25:e8:cb:
a4:9b:cd:91:d6:01:fa:ee:a4:64:1f:8b:b2:54:4a:4d:78:04:
51:c7:45:a9:fe:32:97:86:58:ab:22:63:1f:7a:8b:0c:82:0c:
b7:ce:40:f2:15:34:f9:c7:e6:4d:f0:37:90:6d:22:32:3b:1b:
a7:ea:cf:bb:c2:e0:c6:f0:29:89:8e:02:16:09:da:86:b7:91:
62:41:3d:46:47:64:e2:27:13:0d:41:7d:3a:47:c5:0b:c4:75:
8b:dd:b6:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8MQEGSjjOQA9MAnWTLOJO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjQwNDIzMTgzODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM2MGZkNGQxYTBmYWJkOWVlMzUxNDgwZjg2MGE1M2I1YTc3ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmey1bYM4qbCpd4MEzHRyf4zC+GQX
bGW5og5O6XmIYBl8Gt6yUOy0QrS11KjSKypP1aF/fpMLxbQxcN95WcBBUL+VkKKX
CC1SDaA0n7O8P+709Q6ZrhPR1psJuFMIzmt3PyKMCQM8lqjj8IjaiPTe8knxyjKj
R1HXCVxIiwSgSIJ3Aazt/lOhTZj1aYQoRHc/ymI0VPSQyGdvF7mfjxsB8RqgqGUq
eCTOPKKATZDTSxnkGXZAEtrSawIBi2yTsaOI77lhGXsSna+Jm04pI8szMIAX3DyS
kAFdEYmDTJNtlHgw1ZFEwpXZm0QkwYG2ywwgvgWQG9LgM6WE1P8ZqYf/XQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCnGD9TRoPq9nuNRSA+GClO1p33zMB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvS2NZUDFOR2ctcjJlNDFGSUQ0WUtVN1duZmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKhP3QAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBG3BVAZGWyfShhcUfn8A2SKLCIGDIBKwSc6T4+
qksn8JkTvENuA2Sb6/VJc31BaJHJqCHflqCIL5sLjbCyTcQ/yB1MWPmtc8rpVW3A
fbk3rX3Q3cg7jYsx/Zx0Ue30nD3f9+ENp8Qyr24kUDL2/DsghyjYnWm0wpErPtDE
E16I5JpC1wvFRQ2MIPk8q/QP3JFb3amcY7hdeNm2lkY1LQkl6Mukm82R1gH67qRk
H4uyVEpNeARRx0Wp/jKXhlirImMfeosMggy3zkDyFTT5x+ZN8DeQbSIyOxun6s+7
wuDG8CmJjgIWCdqGt5FiQT1GR2TiJxMNQX06R8ULxHWL3bbK
Generated at Wed Jul 24 19:34:33 2024 by rpki-client on console-fra.rpki-client.org