Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bn6_vGzeC8h9PEoXTpVBiD-dshU.roa
File: bn6_vGzeC8h9PEoXTpVBiD-dshU.roa (raw, json)
Hash identifier: gsZs/pkzh/3wFI1mzAK47BzGXQnOnMhJmW0Al6b1+L8=
Subject key identifier: 6E:7E:BF:BC:6C:DE:0B:C8:7D:3C:4A:17:4E:95:41:88:3F:9D:B2:15
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2EC9D38679935DF836EF1F44DB1FA
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bn6_vGzeC8h9PEoXTpVBiD-dshU.roa
Signing time: Thu 02 Jan 2025 01:48:13 +0000
ROA not before: Thu 02 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35685
IP address blocks: 159.148.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 11:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:ec:9d:38:67:99:35:df:83:6e:f1:f4:4d:b1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e7ebfbc6cde0bc87d3c4a174e9541883f9db215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:74:3c:5c:16:d2:83:6f:e2:15:77:fd:47:
d4:c2:c0:c5:21:49:3d:bb:9d:8a:fb:7b:6c:7f:8b:
20:8f:8f:72:3a:d3:6e:5a:98:66:42:2c:d8:db:af:
4f:f0:f8:7e:1a:a9:67:31:4c:be:ee:77:8f:df:f6:
da:f8:68:25:1d:29:a3:8c:69:5d:e0:46:b4:d8:d9:
ed:af:68:5e:d8:81:df:17:bb:51:15:d1:46:24:9e:
9b:0f:96:e1:3f:45:e6:b4:57:58:7c:b5:94:35:a6:
69:73:99:d0:98:57:d8:78:11:b3:ba:bf:17:5e:9a:
0e:f9:c8:d6:68:47:38:68:99:02:5e:cb:d7:8b:48:
86:62:df:89:ff:a2:a2:f4:85:be:fa:d2:7e:26:56:
86:4c:a8:39:d8:6b:92:74:94:7a:f3:be:eb:1b:ed:
c7:86:c7:db:2c:40:c4:dd:33:a3:b8:2d:64:44:76:
69:ec:5a:b1:c2:51:73:77:89:2d:b1:8f:6e:f0:c8:
bb:85:90:88:87:33:b7:15:26:fe:94:e5:ab:9f:99:
e1:0c:3e:cf:03:cb:96:8b:cc:21:e4:db:0e:51:d6:
97:dc:ed:fb:0a:91:49:8e:e2:c7:24:8c:8e:4d:8f:
eb:51:76:e7:7d:9f:6c:77:83:e8:1f:90:4f:d1:60:
41:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7E:BF:BC:6C:DE:0B:C8:7D:3C:4A:17:4E:95:41:88:3F:9D:B2:15
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bn6_vGzeC8h9PEoXTpVBiD-dshU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.82.0/24
Signature Algorithm: sha256WithRSAEncryption
84:49:17:15:13:3f:6d:b1:57:f6:05:eb:61:8e:61:6c:7e:b7:
93:bb:ed:b1:45:f3:1e:05:01:dc:55:26:29:f3:6f:5e:06:c7:
19:db:1e:a4:f0:7d:91:32:b6:af:a8:35:81:8b:29:08:0b:2a:
ec:fd:45:f2:f7:33:2b:c5:20:34:ac:32:a4:f1:54:60:42:42:
29:8c:4c:ea:84:90:b4:1d:4b:ce:e9:10:2d:fd:cd:c4:9f:9b:
b5:4f:88:dd:2f:8c:17:3f:02:22:f5:28:2e:ea:65:33:c5:46:
b0:16:b3:99:eb:84:2f:56:ff:a9:1c:ed:5f:33:39:5b:83:0c:
11:23:b6:6a:9b:be:a7:03:a6:63:78:8c:ca:c5:e8:5d:64:d6:
e1:24:ca:3d:84:92:6f:f1:d7:71:59:74:7e:ea:dd:21:4a:23:
3e:6b:8a:29:ce:3e:83:9c:99:68:5d:8a:8a:d7:1f:9b:75:6b:
5c:ce:5f:f5:ed:27:6e:a4:e0:8d:4b:91:12:8c:9e:54:3c:21:
e7:12:69:e6:9b:0e:70:d6:a5:2e:ff:f4:60:fa:b0:f8:e3:fc:
3d:30:53:f8:97:06:d2:d3:fc:7a:43:69:54:25:d0:2d:6b:af:
ba:65:78:5f:12:d4:e9:c5:a0:21:60:5e:da:03:f1:ce:21:6f:
f4:c2:f8:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksuydOGeZNd+DbvH0TbH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdlYmZiYzZjZGUwYmM4N2QzYzRhMTc0ZTk1NDE4ODNmOWRiMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8R0PFwW0oNv4hV3/UfUwsDFIUk9
u52K+3tsf4sgj49yOtNuWphmQizY269P8Ph+GqlnMUy+7neP3/ba+GglHSmjjGld
4Ea02Nntr2he2IHfF7tRFdFGJJ6bD5bhP0XmtFdYfLWUNaZpc5nQmFfYeBGzur8X
XpoO+cjWaEc4aJkCXsvXi0iGYt+J/6Ki9IW++tJ+JlaGTKg52GuSdJR6877rG+3H
hsfbLEDE3TOjuC1kRHZp7FqxwlFzd4ktsY9u8Mi7hZCIhzO3FSb+lOWrn5nhDD7P
A8uWi8wh5NsOUdaX3O37CpFJjuLHJIyOTY/rUXbnfZ9sd4PoH5BP0WBB6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5+v7xs3gvIfTxKF06VQYg/nbIVMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYm42X3ZHemVDOGg5UEVvWFRwVkJpRC1kc2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5RSMA0G
CSqGSIb3DQEBCwUAA4IBAQCESRcVEz9tsVf2BethjmFsfreTu+2xRfMeBQHcVSYp
829eBscZ2x6k8H2RMravqDWBiykICyrs/UXy9zMrxSA0rDKk8VRgQkIpjEzqhJC0
HUvO6RAt/c3En5u1T4jdL4wXPwIi9Sgu6mUzxUawFrOZ64QvVv+pHO1fMzlbgwwR
I7Zqm76nA6ZjeIzKxehdZNbhJMo9hJJv8ddxWXR+6t0hSiM+a4opzj6DnJloXYqK
1x+bdWtczl/17SdupOCNS5ESjJ5UPCHnEmnmmw5w1qUu//Rg+rD44/w9MFP4lwbS
0/x6Q2lUJdAta6+6ZXhfEtTpxaAhYF7aA/HOIW/0wvjf
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:48 2025 by rpki-client