Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/EqmOgQlhjQX5BFX6lhg0s1lUTJo.roa
File: EqmOgQlhjQX5BFX6lhg0s1lUTJo.roa (raw, json)
Hash identifier: 3X2KYgaa1q8rzErq3nf8VFi/fJ5cy3u9RdbHZjfLH8g=
Subject key identifier: 12:A9:8E:81:09:61:8D:05:F9:04:55:FA:96:18:34:B3:59:54:4C:9A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018F28B810A348768380130E82271F050098
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/EqmOgQlhjQX5BFX6lhg0s1lUTJo.roa
Signing time: Mon 29 Apr 2024 07:18:22 +0000
ROA not before: Mon 29 Apr 2024 07:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 09:54:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:b8:10:a3:48:76:83:80:13:0e:82:27:1f:05:00:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 29 07:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12a98e8109618d05f90455fa961834b359544c9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0c:37:17:15:29:94:1d:6f:67:17:f4:df:b7:
27:a6:50:0d:77:b7:4f:09:a6:1b:ac:f7:e2:3d:b1:
1b:24:83:e9:f3:d1:18:56:3f:69:11:f9:29:1c:dd:
00:3e:7f:ae:bb:75:ed:79:01:75:fc:ea:2f:bb:4d:
c8:b3:04:d9:b4:21:49:6c:36:42:cd:14:1a:86:be:
04:e1:77:74:18:38:80:1d:00:d7:20:16:00:51:51:
48:43:c7:1c:cf:01:38:1f:b8:96:49:c9:df:cd:7b:
2d:db:83:d1:e1:97:82:82:2c:35:a9:56:bd:62:52:
58:9f:cb:97:33:9f:34:04:4f:63:c9:3a:34:f1:aa:
f4:e9:50:b8:24:56:b0:a4:f4:2a:f6:43:7c:fe:99:
6d:f5:66:b5:88:6f:6f:9b:a7:8a:7c:3c:24:c1:79:
cd:63:0c:c9:a6:1c:5e:5e:73:cf:3a:be:11:42:6d:
4c:a1:ad:e8:66:2d:da:6c:1c:41:da:a6:3c:0c:a4:
99:68:fc:bf:35:17:66:b4:75:b6:63:9c:27:b1:5a:
df:2b:3e:9e:8c:1b:e0:2c:19:48:51:04:7e:c5:5c:
de:16:3b:40:03:cb:08:1e:12:48:09:b4:1e:07:45:
d9:d0:45:f7:04:34:86:bd:48:63:6b:5d:7e:69:06:
e9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A9:8E:81:09:61:8D:05:F9:04:55:FA:96:18:34:B3:59:54:4C:9A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/EqmOgQlhjQX5BFX6lhg0s1lUTJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.109.0/24
159.148.157.0/24
159.148.236.0/24
159.148.239.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:7d:0e:a7:a4:51:ef:d4:11:8c:73:37:1a:7d:58:0a:ec:c5:
cc:7d:c6:6c:5b:3a:d9:67:49:e6:c2:5c:f7:d9:28:cc:80:32:
9c:00:8c:25:0e:bb:96:e8:e7:7c:f6:51:ef:6b:61:9c:45:1f:
02:74:6f:d8:c8:07:0b:ac:31:37:c9:ce:f6:cf:c5:e7:d6:1e:
28:e7:af:77:8a:0c:f3:88:e0:9e:c9:89:51:55:27:46:ab:61:
90:08:86:b9:93:75:49:5c:a7:1c:bc:80:47:21:2e:c5:eb:c8:
42:80:83:9e:ec:56:af:ce:d1:1d:89:e2:e5:b7:2d:a3:d7:21:
6a:12:13:40:62:2f:11:a0:ac:bf:60:59:0a:a4:8b:32:cb:a7:
4d:bb:1b:ce:75:56:c8:3c:3b:e2:1a:5e:e1:3e:9d:3a:42:59:
d2:89:fd:88:57:86:18:b6:2b:d7:23:f9:6b:29:5a:42:ae:78:
40:23:4b:04:42:98:e9:23:a2:3c:32:ed:d3:e2:9d:f1:3b:68:
44:af:56:7b:ab:75:ea:bb:05:8e:30:5e:c3:bd:ca:59:b7:54:
71:dd:61:52:4d:96:9e:bc:e0:41:8b:85:88:1d:16:e6:8b:cf:
61:a5:3b:c4:a5:d3:55:89:4d:67:4c:50:b1:ef:8a:e3:76:21:
ee:49:9c:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8ouBCjSHaDgBMOgicfBQCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDI5MDcxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmE5OGU4MTA5NjE4ZDA1ZjkwNDU1ZmE5NjE4MzRiMzU5NTQ0YzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsww3FxUplB1vZxf037cnplANd7dP
CaYbrPfiPbEbJIPp89EYVj9pEfkpHN0APn+uu3XteQF1/Oovu03IswTZtCFJbDZC
zRQahr4E4Xd0GDiAHQDXIBYAUVFIQ8cczwE4H7iWScnfzXst24PR4ZeCgiw1qVa9
YlJYn8uXM580BE9jyTo08ar06VC4JFawpPQq9kN8/plt9Wa1iG9vm6eKfDwkwXnN
YwzJphxeXnPPOr4RQm1Moa3oZi3abBxB2qY8DKSZaPy/NRdmtHW2Y5wnsVrfKz6e
jBvgLBlIUQR+xVzeFjtAA8sIHhJICbQeB0XZ0EX3BDSGvUhja11+aQbpywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBKpjoEJYY0F+QRV+pYYNLNZVEyaMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvRXFtT2dRbGhqUVg1QkZYNmxoZzBzMWxVVEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAn5RtAwQA
n5SdAwQAn5TsAwQAn5TvMA0GCSqGSIb3DQEBCwUAA4IBAQC/fQ6npFHv1BGMczca
fVgK7MXMfcZsWzrZZ0nmwlz32SjMgDKcAIwlDruW6Od89lHva2GcRR8CdG/YyAcL
rDE3yc72z8Xn1h4o5693igzziOCeyYlRVSdGq2GQCIa5k3VJXKccvIBHIS7F68hC
gIOe7FavztEdieLlty2j1yFqEhNAYi8RoKy/YFkKpIsyy6dNuxvOdVbIPDviGl7h
Pp06QlnSif2IV4YYtivXI/lrKVpCrnhAI0sEQpjpI6I8Mu3T4p3xO2hEr1Z7q3Xq
uwWOMF7DvcpZt1Rx3WFSTZaevOBBi4WIHRbmi89hpTvEpdNViU1nTFCx74rjdiHu
SZxg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:43 2025 by rpki-client