Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/KRa2QmHdldT1FGXaoNuJz09UqCc.roa
File: KRa2QmHdldT1FGXaoNuJz09UqCc.roa (raw, json)
Hash identifier: YGF8JO123OChpETUEb54cBHvpmynDkWLG//uW1pw/tI=
Subject key identifier: 29:16:B6:42:61:DD:95:D4:F5:14:65:DA:A0:DB:89:CF:4F:54:A8:27
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01856C813A3070E677F7AF5E9E685C182F28
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/KRa2QmHdldT1FGXaoNuJz09UqCc.roa
Signing time: Sun 01 Jan 2023 08:44:46 +0000
ROA not before: Sun 01 Jan 2023 08:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64474
IP address blocks: 2a0d:7440:22::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:81:3a:30:70:e6:77:f7:af:5e:9e:68:5c:18:2f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 08:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2916b64261dd95d4f51465daa0db89cf4f54a827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:b8:42:6d:65:ed:01:4e:d2:c8:5b:e3:3d:
d1:78:04:aa:a6:16:d0:35:31:fc:70:cc:c5:a7:96:
cc:09:40:82:a5:4a:a2:d5:99:7f:dd:86:3b:f7:3f:
46:29:f6:27:6f:e1:26:d6:37:66:93:9e:d9:80:53:
75:87:b9:c4:8d:46:bb:3f:07:c1:7f:db:ab:45:94:
0c:76:ad:bf:00:44:1f:a2:70:4d:42:8a:8d:6d:a5:
f1:43:93:07:3f:2a:ae:b5:c3:f9:45:33:05:ac:a9:
cf:a4:5b:bf:63:8b:58:63:8f:ce:7a:dc:20:70:86:
fb:89:08:1a:49:58:b0:80:81:64:c9:68:49:35:cd:
93:2e:78:a3:72:1a:fc:d4:53:64:bd:82:8c:6a:59:
ec:e4:e1:6e:55:74:88:8d:f6:2c:52:9d:0b:27:1f:
7a:74:2c:4a:d6:29:5d:42:59:53:dd:a7:9a:77:d6:
48:67:69:8d:d0:84:18:09:73:d4:71:c0:3d:b3:9a:
e1:5f:f6:16:eb:a6:b4:95:a3:05:02:a7:cb:6f:7f:
55:48:6d:6c:19:24:74:a5:b4:6d:1d:e2:0c:6a:60:
ab:f8:f9:64:a0:8c:8c:5f:76:82:09:58:8e:9f:53:
17:df:1b:ad:f5:1f:69:e6:9f:2c:0d:9b:5a:fb:22:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:16:B6:42:61:DD:95:D4:F5:14:65:DA:A0:DB:89:CF:4F:54:A8:27
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/KRa2QmHdldT1FGXaoNuJz09UqCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7440:22::/48
Signature Algorithm: sha256WithRSAEncryption
89:51:2c:67:d4:73:01:c7:e4:7c:e1:91:7e:36:a6:de:dc:da:
c1:5b:1b:90:39:f5:9e:a0:b1:58:5a:d3:8b:25:01:ec:61:b8:
ad:0d:4e:5e:32:dd:46:25:56:08:1b:87:d5:38:d0:2c:4b:bf:
7d:b9:d3:60:f5:1e:d2:8f:1e:b8:21:24:dd:d8:4a:10:db:5a:
23:22:cd:79:b9:ba:05:38:a7:98:08:f5:73:68:16:93:56:6c:
32:49:61:14:dd:b6:1f:14:f6:4d:5c:d8:82:16:6b:f4:fd:51:
eb:3b:c8:0b:f9:3a:70:25:d2:b6:be:34:fa:c2:ca:d9:61:3e:
ef:90:8b:e8:94:ce:bd:03:80:8c:0f:c8:5e:ad:52:09:a9:88:
a2:d4:a3:38:11:2f:ec:ca:f3:09:70:20:2c:02:2e:e9:43:2a:
b3:12:b5:cf:c5:23:56:bb:de:0a:1e:de:ac:88:5c:b3:e0:b3:
dc:35:0a:9f:e5:25:59:c0:13:c9:6a:6b:44:f8:39:ab:b8:d7:
0a:08:bb:57:8f:07:2e:a6:5d:e9:20:61:b2:24:88:d5:24:c7:
0b:ae:a6:98:48:4e:b1:83:53:1f:42:6c:c8:db:df:c0:1d:2c:
56:6a:4d:67:c4:ee:52:86:1f:f1:b6:2c:75:4f:27:27:24:85:
b1:39:b6:46
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsgTowcOZ3969enmhcGC8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjMwMTAxMDg0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTE2YjY0MjYxZGQ5NWQ0ZjUxNDY1ZGFhMGRiODljZjRmNTRhODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxK4Qm1l7QFO0shb4z3ReASqphbQ
NTH8cMzFp5bMCUCCpUqi1Zl/3YY79z9GKfYnb+Em1jdmk57ZgFN1h7nEjUa7PwfB
f9urRZQMdq2/AEQfonBNQoqNbaXxQ5MHPyqutcP5RTMFrKnPpFu/Y4tYY4/Oetwg
cIb7iQgaSViwgIFkyWhJNc2TLnijchr81FNkvYKMalns5OFuVXSIjfYsUp0LJx96
dCxK1ildQllT3aead9ZIZ2mN0IQYCXPUccA9s5rhX/YW66a0laMFAqfLb39VSG1s
GSR0pbRtHeIMamCr+PlkoIyMX3aCCViOn1MX3xut9R9p5p8sDZta+yIvDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCkWtkJh3ZXU9RRl2qDbic9PVKgnMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvS1JhMlFtSGRsZFQxRkdYYW9OdUp6MDlVcUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg10QAAi
MA0GCSqGSIb3DQEBCwUAA4IBAQCJUSxn1HMBx+R84ZF+Nqbe3NrBWxuQOfWeoLFY
WtOLJQHsYbitDU5eMt1GJVYIG4fVONAsS799udNg9R7Sjx64ISTd2EoQ21ojIs15
uboFOKeYCPVzaBaTVmwySWEU3bYfFPZNXNiCFmv0/VHrO8gL+TpwJdK2vjT6wsrZ
YT7vkIvolM69A4CMD8herVIJqYii1KM4ES/syvMJcCAsAi7pQyqzErXPxSNWu94K
Ht6siFyz4LPcNQqf5SVZwBPJamtE+DmruNcKCLtXjwcupl3pIGGyJIjVJMcLrqaY
SE6xg1MfQmzI29/AHSxWak1nxO5Shh/xtix1TycnJIWxObZG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:32 2024 by rpki-client on console-ams.rpki-client.org