Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_KCqUD67dQUYEZN75q3pUCWLShk.roa
File: _KCqUD67dQUYEZN75q3pUCWLShk.roa (raw, json)
Hash identifier: Xo3pUOyywkzvBO4GfLBra0/Rs2l4m7iax51j0pEBPHI=
Subject key identifier: FC:A0:AA:50:3E:BB:75:05:18:11:93:7B:E6:AD:E9:50:25:8B:4A:19
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01892BD9D5B20CC35F6DDC6B5B8A5C3FEC1D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_KCqUD67dQUYEZN75q3pUCWLShk.roa
Signing time: Thu 06 Jul 2023 15:37:23 +0000
ROA not before: Thu 06 Jul 2023 15:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 192.124.170.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:d9:d5:b2:0c:c3:5f:6d:dc:6b:5b:8a:5c:3f:ec:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 6 15:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fca0aa503ebb75051811937be6ade950258b4a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:17:6c:0f:9b:be:23:2c:c0:4a:ce:c3:07:58:
37:b1:07:5d:c3:97:fb:b2:a1:22:44:82:c3:8f:5c:
7e:9e:1f:59:70:a5:b4:4b:04:82:da:66:2e:8a:f1:
b4:2d:3b:bb:a5:e7:0b:4e:f1:7b:73:2e:9f:11:b8:
b9:53:c0:b2:c2:0f:c2:16:0d:2f:66:20:93:4a:2d:
87:78:39:78:70:8b:da:21:36:36:c0:de:76:d2:b1:
52:58:a4:f9:e5:5f:ea:c0:ac:a7:c1:24:5a:c1:b0:
10:53:45:f0:bc:c1:9d:bd:a7:c0:64:bf:c7:8c:ae:
5f:78:88:be:e2:bc:6b:f4:2b:39:c6:b1:36:73:41:
48:98:6a:90:8b:c4:db:9e:f1:8f:ad:e0:fd:2b:12:
98:51:79:a8:38:15:74:40:2a:8d:bb:d5:38:dd:fb:
5e:05:ee:9d:d9:53:cb:cc:e0:2d:3a:65:55:b8:64:
56:39:0c:9f:d7:34:57:0e:2d:51:d0:53:37:ae:cd:
74:1a:29:6a:1d:f5:be:78:6a:4d:5d:9b:4a:74:ee:
92:b2:fb:87:ce:ba:6a:3d:34:fb:50:51:98:67:b0:
bd:ed:3f:44:1c:c1:09:a5:6c:c1:c0:78:b2:8f:10:
57:13:cb:18:6e:6a:18:fd:ea:3e:63:6e:23:77:de:
d5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A0:AA:50:3E:BB:75:05:18:11:93:7B:E6:AD:E9:50:25:8B:4A:19
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_KCqUD67dQUYEZN75q3pUCWLShk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.170.0/24
212.192.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:f6:70:35:c2:e1:7c:23:1f:43:52:ed:55:ba:55:f2:15:3d:
25:b2:1b:12:ec:53:e1:8f:e3:7e:c3:a1:05:71:15:4c:9f:c2:
37:4a:f1:27:e6:09:fb:46:c0:1c:0d:49:18:66:03:cb:9f:9a:
e4:b8:fb:91:cb:23:e1:69:25:6d:ee:2c:a2:5d:78:40:af:8e:
1c:4b:1f:c2:86:56:20:95:ee:ff:f5:0c:1a:37:6c:80:e1:09:
88:e7:1e:ed:4b:fa:4d:5e:db:71:84:53:d6:c1:bf:5b:36:c1:
3c:70:bb:98:ff:07:8e:b0:dd:f5:f3:51:e7:4b:9f:a7:14:ce:
58:a3:5d:a0:96:72:ac:d7:7e:c7:df:98:ae:dc:9d:f0:50:b5:
5b:df:56:86:7a:50:25:be:a1:a1:27:02:db:17:aa:1f:00:9c:
d9:6c:24:58:52:fb:75:35:2e:48:f6:cc:cc:0b:50:f0:59:b7:
08:d1:d9:40:e9:04:d8:d4:8f:3b:c9:68:0d:45:1c:ea:64:5b:
5d:4c:74:80:35:8a:74:a7:e5:94:95:48:f4:93:84:60:a5:f9:
88:b0:a9:c6:96:bd:b4:1c:cb:50:a1:09:b1:de:7e:b2:cc:95:
59:6a:9f:11:73:91:63:97:df:b1:20:7e:ac:12:8d:3e:21:85:
cb:cb:23:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkr2dWyDMNfbdxrW4pcP+wdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzA2MTUzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2EwYWE1MDNlYmI3NTA1MTgxMTkzN2JlNmFkZTk1MDI1OGI0YTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBdsD5u+IyzASs7DB1g3sQddw5f7
sqEiRILDj1x+nh9ZcKW0SwSC2mYuivG0LTu7pecLTvF7cy6fEbi5U8Cywg/CFg0v
ZiCTSi2HeDl4cIvaITY2wN520rFSWKT55V/qwKynwSRawbAQU0XwvMGdvafAZL/H
jK5feIi+4rxr9Cs5xrE2c0FImGqQi8TbnvGPreD9KxKYUXmoOBV0QCqNu9U43fte
Be6d2VPLzOAtOmVVuGRWOQyf1zRXDi1R0FM3rs10GilqHfW+eGpNXZtKdO6SsvuH
zrpqPTT7UFGYZ7C97T9EHMEJpWzBwHiyjxBXE8sYbmoY/eo+Y24jd97VlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPygqlA+u3UFGBGTe+at6VAli0oZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvX0tDcVVENjdkUVVZRVpONzVxM3BVQ1dMU2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHyqAwQA
1MDfMA0GCSqGSIb3DQEBCwUAA4IBAQCP9nA1wuF8Ix9DUu1VulXyFT0lshsS7FPh
j+N+w6EFcRVMn8I3SvEn5gn7RsAcDUkYZgPLn5rkuPuRyyPhaSVt7iyiXXhAr44c
Sx/ChlYgle7/9QwaN2yA4QmI5x7tS/pNXttxhFPWwb9bNsE8cLuY/weOsN3181Hn
S5+nFM5Yo12glnKs137H35iu3J3wULVb31aGelAlvqGhJwLbF6ofAJzZbCRYUvt1
NS5I9szMC1DwWbcI0dlA6QTY1I87yWgNRRzqZFtdTHSANYp0p+WUlUj0k4RgpfmI
sKnGlr20HMtQoQmx3n6yzJVZap8Rc5Fjl9+xIH6sEo0+IYXLyyMu
-----END CERTIFICATE-----
Generated at Mon Sep 25 15:51:48 2023 by rpki-client on console-ams.rpki-client.org