Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/KCf_NnTnAlFVuxrXKtFEfr4boXk.roa
File: KCf_NnTnAlFVuxrXKtFEfr4boXk.roa (raw, json)
Hash identifier: FfTjRGfLifCjFcMr06zECXb0kxbs3sdbvcHRHAI+jYY=
Subject key identifier: 28:27:FF:36:74:E7:02:51:55:BB:1A:D7:2A:D1:44:7E:BE:1B:A1:79
Certificate issuer: /CN=6f0c9a1117abd52ec8036b4f378644fa77a4b8a7
Certificate serial: 018AFEA0FC5FC4BC58D71EB6E8EAB4CD13FB
Authority key identifier: 6F:0C:9A:11:17:AB:D5:2E:C8:03:6B:4F:37:86:44:FA:77:A4:B8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/KCf_NnTnAlFVuxrXKtFEfr4boXk.roa
Signing time: Thu 05 Oct 2023 06:57:57 +0000
ROA not before: Thu 05 Oct 2023 06:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216235
IP address blocks: 2a13:f3c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:a0:fc:5f:c4:bc:58:d7:1e:b6:e8:ea:b4:cd:13:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f0c9a1117abd52ec8036b4f378644fa77a4b8a7
Validity
Not Before: Oct 5 06:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2827ff3674e7025155bb1ad72ad1447ebe1ba179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f5:f2:21:31:6d:e6:32:f3:71:a2:31:2a:93:
43:f3:f9:c9:42:e2:02:d9:7c:6e:b0:71:99:fa:fd:
2b:c7:68:ca:13:c9:2a:ed:00:a3:67:dd:ef:44:87:
7b:bf:45:41:4a:81:02:6a:d4:2b:e0:fb:8a:fa:be:
71:45:46:e5:a1:4e:b3:f5:d6:da:2e:2f:fe:75:a5:
b6:75:89:63:0e:1f:66:dc:d9:17:b9:7e:01:08:15:
35:82:be:e8:99:37:a4:c8:03:0d:5f:bc:31:5c:91:
35:90:37:1a:d5:71:85:36:64:9a:4f:62:bd:6f:d2:
6d:37:a3:fc:56:b3:c4:43:4b:77:d4:47:ce:67:89:
6a:61:67:af:e8:24:15:e2:6c:76:b3:03:26:e7:6d:
5f:fa:ee:ab:3e:1a:95:95:bc:1c:c6:da:f1:de:62:
d2:9f:18:19:f1:15:68:6c:a8:a4:da:b9:54:66:f5:
9b:12:e9:ea:55:a3:13:f7:fa:a5:c0:7f:0b:fa:d9:
f9:3e:46:53:cf:d3:2e:be:e8:02:18:fa:40:ce:3f:
09:65:3a:37:09:f5:0b:b1:f3:74:4f:ef:79:bc:88:
78:29:19:79:f1:bc:a9:9b:4d:c1:7d:c8:91:bd:35:
2c:88:71:dd:64:4c:64:fb:ef:55:db:87:62:a8:fb:
48:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:27:FF:36:74:E7:02:51:55:BB:1A:D7:2A:D1:44:7E:BE:1B:A1:79
X509v3 Authority Key Identifier:
keyid:6F:0C:9A:11:17:AB:D5:2E:C8:03:6B:4F:37:86:44:FA:77:A4:B8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwyaERer1S7IA2tPN4ZE-nekuKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/KCf_NnTnAlFVuxrXKtFEfr4boXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/11a9ba-9d0e-4c44-ada4-4be127fa3118/1/bwyaERer1S7IA2tPN4ZE-nekuKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f3c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
5b:05:d3:38:02:0d:7f:e2:b8:ba:f0:d1:dc:ec:ef:74:ab:5c:
21:2b:a9:3d:ea:4f:20:e8:9a:6c:8d:2b:7f:7e:70:c5:2c:ad:
22:7f:6c:b1:9d:81:28:b7:f4:fe:9a:be:6d:bb:48:e9:24:18:
f5:09:bf:99:4c:94:58:e9:52:7d:c6:02:59:8d:84:2a:3d:c2:
50:0c:e9:df:2d:4a:3c:2b:00:48:47:89:c3:c9:11:40:6a:06:
d6:75:83:bc:58:8a:32:f7:01:ad:68:4d:49:73:f5:9b:a4:3d:
79:72:4f:3f:1c:b7:23:35:f9:5a:0a:ca:87:e3:5b:d6:92:f7:
2a:e3:d0:d6:d5:75:09:de:18:e6:1b:02:88:45:81:00:98:cc:
ad:38:66:b8:37:fb:d7:e0:f2:91:e5:28:b6:12:40:ea:4e:a6:
d6:d8:77:e4:3f:03:3f:18:ff:b7:ed:7d:04:74:54:dc:c7:e5:
74:47:64:2b:fd:1f:74:76:fb:bb:81:8c:1d:44:53:59:ea:13:
3e:c7:51:c8:b9:c9:ef:46:ea:88:21:c5:f8:5b:9a:6b:3c:40:
f7:99:76:c3:f3:b1:e7:be:ee:21:e7:52:86:13:c0:18:41:97:
68:08:8f:fb:33:26:4f:54:48:fe:6e:81:58:b1:f2:84:c5:b3:
7d:ed:39:97
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYr+oPxfxLxY1x626Oq0zRP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMGM5YTExMTdhYmQ1MmVjODAzNmI0ZjM3ODY0NGZhNzdh
NGI4YTcwHhcNMjMxMDA1MDY1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI3ZmYzNjc0ZTcwMjUxNTViYjFhZDcyYWQxNDQ3ZWJlMWJhMTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufXyITFt5jLzcaIxKpND8/nJQuIC
2XxusHGZ+v0rx2jKE8kq7QCjZ93vRId7v0VBSoECatQr4PuK+r5xRUbloU6z9dba
Li/+daW2dYljDh9m3NkXuX4BCBU1gr7omTekyAMNX7wxXJE1kDca1XGFNmSaT2K9
b9JtN6P8VrPEQ0t31EfOZ4lqYWev6CQV4mx2swMm521f+u6rPhqVlbwcxtrx3mLS
nxgZ8RVobKik2rlUZvWbEunqVaMT9/qlwH8L+tn5PkZTz9MuvugCGPpAzj8JZTo3
CfULsfN0T+95vIh4KRl58bypm03BfciRvTUsiHHdZExk++9V24diqPtIZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCgn/zZ05wJRVbsa1yrRRH6+G6F5MB8GA1UdIwQY
MBaAFG8MmhEXq9UuyANrTzeGRPp3pLinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnd5YUVSZXIxUzdJQTJ0UE40WkUtbmVrdUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xMWE5YmEtOWQwZS00YzQ0LWFkYTQt
NGJlMTI3ZmEzMTE4LzEvS0NmX05uVG5BbEZWdXhyWEt0RkVmcjRib1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xMWE5YmEtOWQwZS00YzQ0LWFkYTQtNGJlMTI3ZmEzMTE4
LzEvYnd5YUVSZXIxUzdJQTJ0UE40WkUtbmVrdUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPzwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBbBdM4Ag1/4ri68NHc7O90q1whK6k96k8g6Jps
jSt/fnDFLK0if2yxnYEot/T+mr5tu0jpJBj1Cb+ZTJRY6VJ9xgJZjYQqPcJQDOnf
LUo8KwBIR4nDyRFAagbWdYO8WIoy9wGtaE1Jc/WbpD15ck8/HLcjNflaCsqH41vW
kvcq49DW1XUJ3hjmGwKIRYEAmMytOGa4N/vX4PKR5Si2EkDqTqbW2HfkPwM/GP+3
7X0EdFTcx+V0R2Qr/R90dvu7gYwdRFNZ6hM+x1HIucnvRuqIIcX4W5prPED3mXbD
87Hnvu4h51KGE8AYQZdoCI/7MyZPVEj+boFYsfKExbN97TmX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:23 2024 by rpki-client on console-ams.rpki-client.org