Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/KVXaxIiEB8fLbaJyu0CNFcLbI0I.roa
File: KVXaxIiEB8fLbaJyu0CNFcLbI0I.roa (raw, json)
Hash identifier: a8h57Faa7phnkM++M5q739Yrpqgd9iadqgydjG6TCFE=
Subject key identifier: 29:55:DA:C4:88:84:07:C7:CB:6D:A2:72:BB:40:8D:15:C2:DB:23:42
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 018E374DBBF575E26FEA108D0A48109886B4
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/KVXaxIiEB8fLbaJyu0CNFcLbI0I.roa
Signing time: Wed 13 Mar 2024 10:13:45 +0000
ROA not before: Wed 13 Mar 2024 10:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207551
IP address blocks: 117.55.199.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 02:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:4d:bb:f5:75:e2:6f:ea:10:8d:0a:48:10:98:86:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Mar 13 10:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2955dac4888407c7cb6da272bb408d15c2db2342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:2d:13:4e:2a:41:55:6b:45:f4:36:39:60:
a1:0a:70:0a:10:39:aa:ae:74:48:25:7f:f4:e1:48:
e4:7d:97:b9:93:3a:90:9d:f6:da:c1:dd:40:e3:6b:
f1:07:ec:74:a7:2b:b9:0d:76:de:97:68:f1:1c:09:
77:4c:b7:47:59:24:b1:c2:91:79:b4:f7:1d:06:63:
29:78:3a:79:6d:ae:24:01:8c:4b:d5:65:32:39:63:
97:b4:5c:e9:6f:1e:dd:5e:e2:b5:62:ae:58:d7:59:
b0:5d:c3:20:3c:8d:33:4d:0e:ed:1d:c1:df:b2:7f:
94:07:5e:d0:f5:a9:4d:25:f7:7c:1c:67:98:bb:2a:
0e:b5:5a:db:8a:8e:77:f8:54:7a:4e:72:c4:d3:c8:
5e:52:4f:3b:9b:d9:65:ad:d2:30:f1:54:4f:5d:a4:
af:18:a4:60:57:16:dd:1f:29:e7:3b:94:1f:07:95:
20:a4:e0:8a:cb:21:91:c9:5f:bb:04:99:cf:f8:d8:
2f:30:0d:c5:8d:60:44:0e:7d:2a:f1:b0:00:9e:c4:
75:a8:b7:5b:fc:6a:58:8e:e8:b4:e4:72:70:f9:36:
8e:4a:df:c9:31:ad:30:c3:c0:12:90:d4:ba:ce:ae:
a9:13:56:d8:82:47:0f:b5:b1:b4:05:de:cd:93:83:
65:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:55:DA:C4:88:84:07:C7:CB:6D:A2:72:BB:40:8D:15:C2:DB:23:42
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/KVXaxIiEB8fLbaJyu0CNFcLbI0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
117.55.199.0/24
202.181.153.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
9c:52:56:54:e1:ed:d8:1a:15:eb:a9:e9:be:5a:28:6d:ad:2a:
70:97:92:ec:b1:02:4d:da:2a:c4:06:49:11:63:34:0b:36:51:
eb:53:56:9e:63:e0:2b:fc:d0:c2:bf:74:77:35:b0:04:1b:8d:
40:02:ba:6c:f7:3a:dc:4d:45:11:78:6c:d6:62:ab:f9:04:6e:
a0:ee:fe:74:9f:51:96:24:31:52:4f:0e:fc:4d:28:31:c9:f0:
ee:f8:11:1e:6d:4f:f8:58:ee:53:e7:b6:bf:b4:8c:57:57:43:
ef:f3:67:a0:93:2a:fe:1a:4a:95:00:13:4b:e0:61:c0:75:33:
5c:ac:54:4a:ed:1f:69:de:93:0c:dc:5e:1a:f8:43:24:05:ad:
91:15:54:bb:7f:ac:0a:86:03:fd:f8:b2:83:aa:b4:05:1b:25:
28:06:d1:c2:9d:0f:1e:13:10:ab:2d:96:2f:13:b9:5e:43:b6:
9d:22:7a:4c:b2:87:84:d5:b4:b6:68:f4:ac:50:ff:94:0e:90:
77:8d:1b:c7:a2:07:f7:f0:cd:64:82:3c:27:74:87:98:10:04:
65:da:5e:1f:83:ab:b3:3e:0e:f6:a4:f2:68:f9:84:1d:e9:f7:
b2:02:4d:53:65:7d:bd:d8:b1:6b:3d:bd:bd:62:35:a0:e2:bb:
f4:9a:1b:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY43Tbv1deJv6hCNCkgQmIa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjQwMzEzMTAxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU1ZGFjNDg4ODQwN2M3Y2I2ZGEyNzJiYjQwOGQxNWMyZGIyMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/otE04qQVVrRfQ2OWChCnAKEDmq
rnRIJX/04UjkfZe5kzqQnfbawd1A42vxB+x0pyu5DXbel2jxHAl3TLdHWSSxwpF5
tPcdBmMpeDp5ba4kAYxL1WUyOWOXtFzpbx7dXuK1Yq5Y11mwXcMgPI0zTQ7tHcHf
sn+UB17Q9alNJfd8HGeYuyoOtVrbio53+FR6TnLE08heUk87m9llrdIw8VRPXaSv
GKRgVxbdHynnO5QfB5UgpOCKyyGRyV+7BJnP+NgvMA3FjWBEDn0q8bAAnsR1qLdb
/GpYjui05HJw+TaOSt/JMa0ww8ASkNS6zq6pE1bYgkcPtbG0Bd7Nk4Nl0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFClV2sSIhAfHy22icrtAjRXC2yNCMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvS1ZYYXhJaUVCOGZMYmFKeXUwQ05GY0xiSTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAdTfHAwQA
yrWZAwQA1AY1MA0EAgACMAcDBQMqECCAMA0GCSqGSIb3DQEBCwUAA4IBAQCcUlZU
4e3YGhXrqem+WihtrSpwl5LssQJN2irEBkkRYzQLNlHrU1aeY+Ar/NDCv3R3NbAE
G41AArps9zrcTUUReGzWYqv5BG6g7v50n1GWJDFSTw78TSgxyfDu+BEebU/4WO5T
57a/tIxXV0Pv82egkyr+GkqVABNL4GHAdTNcrFRK7R9p3pMM3F4a+EMkBa2RFVS7
f6wKhgP9+LKDqrQFGyUoBtHCnQ8eExCrLZYvE7leQ7adInpMsoeE1bS2aPSsUP+U
DpB3jRvHogf38M1kgjwndIeYEARl2l4fg6uzPg72pPJo+YQd6feyAk1TZX292LFr
Pb29YjWg4rv0mhsG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:57 2024 by rpki-client on console-fra.rpki-client.org