Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/K_0sSUNruEiBcfgm0TH7S0zodVk.roa
File: K_0sSUNruEiBcfgm0TH7S0zodVk.roa (raw, json)
Hash identifier: omaTBZDDM79Fy0QtZOA5vbS1rxCit26az+EcM8fB334=
Subject key identifier: 2B:FD:2C:49:43:6B:B8:48:81:71:F8:26:D1:31:FB:4B:4C:E8:75:59
Certificate issuer: /CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Certificate serial: 018B862CA9E68C561913DA75DE4EA5525836
Authority key identifier: B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/K_0sSUNruEiBcfgm0TH7S0zodVk.roa
Signing time: Tue 31 Oct 2023 14:39:15 +0000
ROA not before: Tue 31 Oct 2023 14:39:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216063
IP address blocks: 2a12:de40:200::/40 maxlen: 40
2a12:de40:20::/48 maxlen: 48
2a12:de40:21::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:2c:a9:e6:8c:56:19:13:da:75:de:4e:a5:52:58:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Validity
Not Before: Oct 31 14:39:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bfd2c49436bb8488171f826d131fb4b4ce87559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:5a:66:d0:85:ad:72:3c:47:df:01:bd:7a:
5c:54:63:87:9f:bd:ad:10:80:13:84:29:75:3b:45:
77:b0:20:66:ee:00:e7:dd:e2:f9:53:db:9e:d6:67:
4d:f7:4f:d4:be:40:7c:96:27:b6:af:9e:99:32:3b:
24:55:43:c1:6e:fd:3e:f1:56:5d:b7:59:e1:1b:e2:
a9:93:c7:37:c7:b3:d5:34:f1:57:6a:ff:3e:91:a1:
48:1f:f8:c2:9d:6b:2b:15:28:24:f9:ba:6b:bb:38:
7e:7c:f8:99:0c:4d:c7:f1:0c:70:3e:cc:88:ec:cd:
5a:70:e2:ed:32:a9:c7:e8:28:cc:cc:51:7a:7c:48:
79:2e:8b:6d:93:e5:79:e8:14:21:de:c4:28:ae:b9:
ba:1d:7d:ab:1c:b7:54:db:0d:73:33:94:4b:64:59:
57:54:fd:b5:17:f4:f8:6b:28:91:29:96:e8:45:46:
00:f8:38:4f:38:a2:37:6c:f7:da:a9:ae:24:7a:6a:
31:c6:60:ff:38:2e:c0:a0:5b:af:7d:56:27:82:65:
24:a8:b2:9e:e8:48:21:69:26:21:d6:5e:33:06:2e:
f7:80:87:71:55:53:c2:50:6f:06:70:36:bc:19:08:
dc:5b:cb:28:df:b9:2c:32:75:42:77:6e:2c:5c:2a:
32:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FD:2C:49:43:6B:B8:48:81:71:F8:26:D1:31:FB:4B:4C:E8:75:59
X509v3 Authority Key Identifier:
keyid:B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/K_0sSUNruEiBcfgm0TH7S0zodVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/uebEGisE_Nj46VcY-n0uEsxErB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:de40:20::/47
2a12:de40:200::/40
Signature Algorithm: sha256WithRSAEncryption
9c:54:e0:fe:d3:99:77:c1:38:71:ea:71:19:8d:08:76:4f:cf:
bd:04:e1:98:1d:73:05:94:ff:16:93:99:b6:27:47:bb:53:df:
c5:3f:2f:38:df:d3:7a:3e:00:c8:03:e4:65:7c:4b:64:e2:b7:
f8:60:32:5f:8c:3a:6b:b2:14:5e:ad:1f:75:b2:e4:11:e1:8d:
d6:91:70:c9:00:93:f7:2f:15:66:e3:7e:f2:22:c7:a7:9a:92:
53:ca:66:1a:8f:a8:e0:3c:25:c5:4c:52:ee:42:df:6f:8b:7a:
b3:88:b8:e7:e9:02:cd:39:0a:c0:dc:7f:08:0b:f0:47:bc:61:
cc:5e:8f:07:25:c7:e1:28:59:83:64:6b:0a:14:e1:6b:66:c0:
9b:71:ca:08:65:0c:e4:31:6f:a7:c2:ea:08:3c:af:c5:ab:2a:
70:2f:79:c3:3e:2c:c4:af:09:7c:4a:c9:16:13:86:35:a8:ca:
2f:89:d2:ca:62:31:d9:3b:fb:03:b8:17:09:f0:d2:83:fa:d6:
86:a2:54:47:80:ff:01:5b:6e:f2:c0:c5:76:66:8a:c1:e8:d6:
20:44:c3:1d:93:9f:cc:1b:2f:7a:d3:0e:a4:29:3f:d5:77:16:
34:4f:73:c4:4c:75:a0:04:26:5b:e2:71:7f:77:16:a3:63:95:
92:fe:77:77
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYuGLKnmjFYZE9p13k6lUlg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTZjNDFhMmIwNGZjZDhmOGU5NTcxOGZhN2QyZTEyY2M0
NGFjMWYwHhcNMjMxMDMxMTQzOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZkMmM0OTQzNmJiODQ4ODE3MWY4MjZkMTMxZmI0YjRjZTg3NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQJaZtCFrXI8R98BvXpcVGOHn72t
EIAThCl1O0V3sCBm7gDn3eL5U9ue1mdN90/UvkB8lie2r56ZMjskVUPBbv0+8VZd
t1nhG+Kpk8c3x7PVNPFXav8+kaFIH/jCnWsrFSgk+bpruzh+fPiZDE3H8QxwPsyI
7M1acOLtMqnH6CjMzFF6fEh5Lottk+V56BQh3sQorrm6HX2rHLdU2w1zM5RLZFlX
VP21F/T4ayiRKZboRUYA+DhPOKI3bPfaqa4kemoxxmD/OC7AoFuvfVYngmUkqLKe
6EghaSYh1l4zBi73gIdxVVPCUG8GcDa8GQjcW8so37ksMnVCd24sXCoyBQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFCv9LElDa7hIgXH4JtEx+0tM6HVZMB8GA1UdIwQY
MBaAFLnmxBorBPzY+OlXGPp9LhLMRKwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEt
YzA4YzA0NDZkNjEzLzEvS18wc1NVTnJ1RWlCY2ZnbTBUSDdTMHpvZFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEtYzA4YzA0NDZkNjEz
LzEvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcBKhLeQAAg
AwYAKhLeQAIwDQYJKoZIhvcNAQELBQADggEBAJxU4P7TmXfBOHHqcRmNCHZPz70E
4ZgdcwWU/xaTmbYnR7tT38U/Lzjf03o+AMgD5GV8S2Tit/hgMl+MOmuyFF6tH3Wy
5BHhjdaRcMkAk/cvFWbjfvIix6eaklPKZhqPqOA8JcVMUu5C32+LerOIuOfpAs05
CsDcfwgL8Ee8Ycxejwclx+EoWYNkawoU4WtmwJtxyghlDOQxb6fC6gg8r8WrKnAv
ecM+LMSvCXxKyRYThjWoyi+J0spiMdk7+wO4Fwnw0oP61oaiVEeA/wFbbvLAxXZm
isHo1iBEwx2Tn8wbL3rTDqQpP9V3FjRPc8RMdaAEJlvicX93FqNjlZL+d3c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:01 2024 by rpki-client on console-ams.rpki-client.org