Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/KGKwT1akamk5wLNareIpemTRVno.roa
File: KGKwT1akamk5wLNareIpemTRVno.roa (raw, json)
Hash identifier: IT1NVDmi+ZvhE6noF8IAv/C+LNt+VvijufsYzLPjaDQ=
Subject key identifier: 28:62:B0:4F:56:A4:6A:69:39:C0:B3:5A:AD:E2:29:7A:64:D1:56:7A
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 01856CEF33C5269D41B4577BA04C0D10CC88
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/KGKwT1akamk5wLNareIpemTRVno.roa
Signing time: Sun 01 Jan 2023 10:44:53 +0000
ROA not before: Sun 01 Jan 2023 10:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1054
IP address blocks: 2a0f:7880:201::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:33:c5:26:9d:41:b4:57:7b:a0:4c:0d:10:cc:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: Jan 1 10:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2862b04f56a46a6939c0b35aade2297a64d1567a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3d:05:43:d3:bc:f5:be:51:d8:06:ac:93:01:
16:0a:5d:1e:97:20:ca:d9:07:66:87:0a:ba:45:23:
00:0c:6b:37:23:cc:91:c3:a3:35:ea:92:15:98:12:
47:4f:09:fd:0c:a7:58:2b:c2:6c:45:20:3b:ee:5e:
2c:e4:e9:dc:f0:b8:9c:83:13:f7:c1:16:d1:f2:be:
ae:99:2d:f3:03:0c:c4:a9:d0:f9:9a:81:2e:3a:2a:
56:81:78:c0:6c:15:dc:4b:52:ef:15:1c:5f:63:c3:
65:c8:ce:02:a8:5f:d9:7d:de:82:58:51:50:28:29:
31:5e:dc:a4:d1:94:40:f9:09:e3:ad:7a:bc:83:2e:
a8:97:f1:bd:67:06:d9:c0:9c:b8:53:74:fa:c7:0f:
5c:f8:37:42:83:a6:a6:34:34:27:ae:7f:c1:3b:c4:
85:8c:09:05:15:fe:9c:f4:4b:c3:9d:aa:7c:02:7e:
79:0b:1a:cc:f5:9e:84:f3:e8:c1:88:a1:e9:f7:6c:
e0:04:02:63:08:19:1a:ad:d6:bd:d2:dd:77:6b:2b:
2c:95:7c:0f:33:00:f9:c2:ad:5d:a7:20:7a:5b:98:
bf:70:50:9a:a3:fa:0b:37:27:cd:ae:51:ec:3e:11:
b0:c6:d0:b7:37:f0:04:ac:d1:65:e0:fb:e8:38:f4:
24:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:62:B0:4F:56:A4:6A:69:39:C0:B3:5A:AD:E2:29:7A:64:D1:56:7A
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/KGKwT1akamk5wLNareIpemTRVno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7880:201::/48
Signature Algorithm: sha256WithRSAEncryption
1b:bf:03:ce:2e:79:9e:a4:aa:6d:4e:ec:1d:f1:79:e6:0e:cc:
8e:23:42:8d:b0:a3:59:43:5e:4b:ca:2e:c3:f3:1c:f9:09:3b:
9d:55:e5:ba:d0:12:aa:17:5c:37:1e:9c:cf:85:d2:39:c0:99:
86:97:f1:47:25:da:db:7c:8b:ad:cc:c0:52:fe:a2:a4:59:9f:
d9:76:50:69:45:1d:f7:a1:cb:58:d3:39:28:96:f8:77:56:cb:
4e:69:0e:5b:b0:f8:c4:ed:6a:3a:cf:75:12:ee:f7:c8:17:db:
de:f3:23:35:4b:be:61:28:74:6f:ca:87:ba:7d:73:5f:d2:ff:
bd:0d:e8:96:af:c8:17:a4:45:91:55:f1:aa:22:b9:29:6a:c0:
27:ba:e1:78:75:c6:ca:04:d4:76:dc:9d:2a:37:05:72:93:2b:
31:3b:b6:f9:8b:a2:ef:3b:d7:9b:be:d2:d0:ee:f4:bb:0e:e3:
13:b4:ec:ca:48:bf:59:c9:ce:5a:66:02:44:ce:21:0d:ce:c9:
03:13:89:c0:5f:4f:8e:74:94:89:2d:2b:c8:5c:73:77:a0:18:
22:6f:e3:d6:54:3b:91:7f:b7:7f:d7:d0:43:c5:47:ab:4f:d7:
dc:3c:99:86:04:59:2d:6e:30:25:56:bb:84:55:ec:0f:65:55:
91:51:83:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVs7zPFJp1BtFd7oEwNEMyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjMwMTAxMTA0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYyYjA0ZjU2YTQ2YTY5MzljMGIzNWFhZGUyMjk3YTY0ZDE1NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD0FQ9O89b5R2AaskwEWCl0elyDK
2Qdmhwq6RSMADGs3I8yRw6M16pIVmBJHTwn9DKdYK8JsRSA77l4s5Onc8LicgxP3
wRbR8r6umS3zAwzEqdD5moEuOipWgXjAbBXcS1LvFRxfY8NlyM4CqF/Zfd6CWFFQ
KCkxXtyk0ZRA+QnjrXq8gy6ol/G9ZwbZwJy4U3T6xw9c+DdCg6amNDQnrn/BO8SF
jAkFFf6c9EvDnap8An55CxrM9Z6E8+jBiKHp92zgBAJjCBkarda90t13aysslXwP
MwD5wq1dpyB6W5i/cFCao/oLNyfNrlHsPhGwxtC3N/AErNFl4PvoOPQkuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFChisE9WpGppOcCzWq3iKXpk0VZ6MB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvS0dLd1QxYWthbWs1d0xOYXJlSXBlbVRSVm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg94gAIB
MA0GCSqGSIb3DQEBCwUAA4IBAQAbvwPOLnmepKptTuwd8XnmDsyOI0KNsKNZQ15L
yi7D8xz5CTudVeW60BKqF1w3HpzPhdI5wJmGl/FHJdrbfIutzMBS/qKkWZ/ZdlBp
RR33octY0zkolvh3VstOaQ5bsPjE7Wo6z3US7vfIF9ve8yM1S75hKHRvyoe6fXNf
0v+9DeiWr8gXpEWRVfGqIrkpasAnuuF4dcbKBNR23J0qNwVykysxO7b5i6LvO9eb
vtLQ7vS7DuMTtOzKSL9Zyc5aZgJEziENzskDE4nAX0+OdJSJLSvIXHN3oBgib+PW
VDuRf7d/19BDxUerT9fcPJmGBFktbjAlVruEVewPZVWRUYPM
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:51 2024 by rpki-client on console.sobornost.net