Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/KPiOtqt9uk6XW-laUj3B8N-RRwI.roa
File: KPiOtqt9uk6XW-laUj3B8N-RRwI.roa (raw, json)
Hash identifier: QWM+LG4adXemCc1X02Lav5D9/fWpDg2wJE0hl18Q9yg=
Subject key identifier: 28:F8:8E:B6:AB:7D:BA:4E:97:5B:E9:5A:52:3D:C1:F0:DF:91:47:02
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0188CED93D8673FF4D5F3F82961DA34A69F6
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/KPiOtqt9uk6XW-laUj3B8N-RRwI.roa
Signing time: Sun 18 Jun 2023 14:12:03 +0000
ROA not before: Sun 18 Jun 2023 14:12:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50643
IP address blocks: 176.117.88.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ce:d9:3d:86:73:ff:4d:5f:3f:82:96:1d:a3:4a:69:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jun 18 14:12:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28f88eb6ab7dba4e975be95a523dc1f0df914702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:e0:bb:c8:79:cc:80:42:92:e3:b6:7e:53:
6c:8c:e1:55:64:6c:38:f3:5b:90:82:2f:51:c9:dd:
1d:aa:55:46:1f:4a:64:d8:08:71:fe:12:00:65:cd:
24:21:72:68:12:68:3f:60:b2:9a:8e:33:25:1c:9a:
00:85:af:ea:25:e4:5c:cb:4e:bb:17:c0:2f:f9:42:
5e:ad:cc:64:df:cf:23:f3:c6:25:cf:39:6d:90:5f:
80:f3:3c:c0:84:54:79:65:7a:de:7d:5b:30:e1:80:
bf:7f:83:87:dd:24:3b:58:15:fa:06:f4:4c:7a:72:
5f:47:9e:47:86:30:56:16:d4:89:1d:24:c2:24:76:
d3:46:d3:33:17:bd:59:6b:d1:d3:9a:d5:fb:da:b1:
35:ea:fb:1c:de:30:2e:66:84:38:28:1c:5b:2b:b9:
88:6b:e4:c8:4a:b5:92:f7:63:fa:d0:66:b1:65:fb:
74:95:1d:c3:98:5b:06:f5:45:9c:f6:62:9b:6d:70:
32:7e:b8:d3:e5:6a:95:31:c0:b5:1a:96:4b:be:4d:
81:c2:d9:1f:77:39:f3:d3:b8:dd:9b:ce:3a:3b:86:
12:dc:bb:18:c9:f0:b7:5a:d9:5b:77:4d:60:30:5d:
c2:f0:c4:68:d3:2a:66:ca:62:1d:d5:48:a2:66:e7:
9c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F8:8E:B6:AB:7D:BA:4E:97:5B:E9:5A:52:3D:C1:F0:DF:91:47:02
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/KPiOtqt9uk6XW-laUj3B8N-RRwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.88.0/21
Signature Algorithm: sha256WithRSAEncryption
03:31:04:fa:2f:d4:b3:e7:9d:b9:64:b4:af:af:76:ae:5f:47:
29:04:5b:7c:23:e3:62:ec:9a:5e:df:cd:bb:47:60:a6:83:b2:
bf:b9:a7:59:c5:81:84:6d:a3:1d:fd:13:59:cb:e4:b9:b8:86:
95:3c:d1:5b:c8:62:89:55:fa:18:3e:3f:53:09:10:f9:91:50:
50:fe:e7:a1:b2:f1:2a:13:06:97:47:a2:34:a4:24:e9:ab:a7:
35:f0:ee:e3:be:22:dd:cc:3f:a5:65:2d:4e:3a:a4:31:0b:12:
92:61:90:8f:e1:13:21:3b:f0:56:89:5a:0d:ea:7b:53:b7:86:
dd:88:46:b1:88:a0:9a:1f:79:dd:22:e6:a9:a1:b2:26:b7:df:
1a:51:8a:2b:9d:ad:0b:93:23:14:e2:d0:d5:be:f3:d8:47:a4:
ee:fd:a9:8a:d0:ad:ce:b1:46:31:78:c1:56:43:05:67:a4:84:
28:4d:67:4a:69:a5:16:3c:25:b0:7e:7e:a0:ba:85:e5:67:58:
38:02:5f:29:1c:c1:70:af:a2:d2:c6:27:4f:17:58:24:63:e4:
78:ce:da:f8:f3:d8:f2:37:51:75:71:72:b9:87:22:61:e7:ba:
bb:d1:c8:4e:68:62:29:ba:b7:dd:77:25:84:94:51:ab:e7:5e:
81:30:04:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjO2T2Gc/9NXz+Clh2jSmn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwNjE4MTQxMjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY4OGViNmFiN2RiYTRlOTc1YmU5NWE1MjNkYzFmMGRmOTE0NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrHgu8h5zIBCkuO2flNsjOFVZGw4
81uQgi9Ryd0dqlVGH0pk2Ahx/hIAZc0kIXJoEmg/YLKajjMlHJoAha/qJeRcy067
F8Av+UJercxk388j88YlzzltkF+A8zzAhFR5ZXrefVsw4YC/f4OH3SQ7WBX6BvRM
enJfR55HhjBWFtSJHSTCJHbTRtMzF71Za9HTmtX72rE16vsc3jAuZoQ4KBxbK7mI
a+TISrWS92P60GaxZft0lR3DmFsG9UWc9mKbbXAyfrjT5WqVMcC1GpZLvk2Bwtkf
dznz07jdm846O4YS3LsYyfC3Wtlbd01gMF3C8MRo0ypmymId1UiiZuecnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCj4jrarfbpOl1vpWlI9wfDfkUcCMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvS1BpT3RxdDl1azZYVy1sYVVqM0I4Ti1SUndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsHVYMA0G
CSqGSIb3DQEBCwUAA4IBAQADMQT6L9Sz5525ZLSvr3auX0cpBFt8I+Ni7Jpe3827
R2Cmg7K/uadZxYGEbaMd/RNZy+S5uIaVPNFbyGKJVfoYPj9TCRD5kVBQ/uehsvEq
EwaXR6I0pCTpq6c18O7jviLdzD+lZS1OOqQxCxKSYZCP4RMhO/BWiVoN6ntTt4bd
iEaxiKCaH3ndIuapobImt98aUYorna0LkyMU4tDVvvPYR6Tu/amK0K3OsUYxeMFW
QwVnpIQoTWdKaaUWPCWwfn6guoXlZ1g4Al8pHMFwr6LSxidPF1gkY+R4ztr489jy
N1F1cXK5hyJh57q70chOaGIpurfddyWElFGr516BMAQ2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-ams.rpki-client.org