Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7l-zV_vbGPew-G9rJRh6g1avHtk.roa
File: 7l-zV_vbGPew-G9rJRh6g1avHtk.roa (raw, json)
Hash identifier: IfmVKIOf7kELynfZj0fLkONjqY3N62BbOHBqIcCpvNs=
Subject key identifier: EE:5F:B3:57:FB:DB:18:F7:B0:F8:6F:6B:25:18:7A:83:56:AF:1E:D9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F14EE50542F19738C9A680A4F5697A0CA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7l-zV_vbGPew-G9rJRh6g1avHtk.roa
Signing time: Thu 25 Apr 2024 11:05:13 +0000
ROA not before: Thu 25 Apr 2024 11:05:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.214.236.0/22 maxlen: 24
188.253.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 28 May 2024 06:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:ee:50:54:2f:19:73:8c:9a:68:0a:4f:56:97:a0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 25 11:05:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee5fb357fbdb18f7b0f86f6b25187a8356af1ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:16:55:4c:f3:a5:09:a8:28:0e:c2:8e:38:79:
16:40:17:b9:13:7a:1f:a9:b3:22:25:83:eb:11:f7:
63:28:14:96:48:5e:ce:92:a4:76:59:d0:2b:08:88:
b4:dd:41:53:20:e7:fe:11:8c:cc:6e:78:ee:cb:cd:
66:c9:62:0b:4c:ae:91:c8:f5:3e:29:79:77:b1:23:
ab:31:2c:1d:96:d1:4b:36:cb:1d:06:9c:67:da:96:
5d:52:5b:8f:84:9a:28:fa:37:63:72:7f:89:41:2d:
27:ab:65:a1:a3:4c:e7:27:b2:1e:07:40:d2:a6:77:
ee:cb:66:8e:42:19:13:55:d2:d0:86:71:8f:60:42:
46:c0:70:bd:a7:8b:ca:52:bf:cb:e3:ae:70:4e:d5:
50:0d:9d:51:12:bc:7e:3b:6a:16:60:87:a3:d2:11:
a7:5c:e5:15:a8:63:54:b2:28:f5:9f:5e:b1:87:4e:
0c:e0:6a:18:1e:21:b4:a8:29:0f:86:f8:71:d5:62:
04:d8:74:43:ac:f4:da:37:d4:1c:7c:a7:33:c4:3d:
ae:74:ad:c8:a2:bf:db:06:b0:41:ad:ff:74:00:65:
ef:c8:19:02:e0:66:f6:86:47:41:6e:1a:c9:4b:f7:
58:bb:ec:1e:bb:4d:59:7a:6e:6c:0f:5f:3e:0f:43:
f9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5F:B3:57:FB:DB:18:F7:B0:F8:6F:6B:25:18:7A:83:56:AF:1E:D9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7l-zV_vbGPew-G9rJRh6g1avHtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.32.0/21
188.214.236.0/22
188.253.12.0/22
Signature Algorithm: sha256WithRSAEncryption
19:6a:5f:bd:13:98:ec:64:e9:68:b5:e8:99:38:36:d6:0d:ab:
83:d0:4b:3d:f8:bf:bc:37:19:e8:28:00:b4:fe:5c:95:b9:ba:
18:cd:19:8b:71:3f:ce:b7:25:5f:a0:f0:48:a8:6e:ee:82:ef:
16:66:1f:55:9a:22:2c:9e:52:ff:bc:6d:e2:e3:97:1c:ca:fe:
af:4d:c8:72:5f:31:6a:3a:6d:14:78:6d:84:23:73:0a:c8:19:
07:30:bc:d6:7e:9e:3a:d4:c9:8c:09:d1:d5:d4:b5:48:03:21:
44:2d:b7:3a:d8:f2:36:40:b9:77:74:73:06:b2:a6:7e:67:42:
0e:0f:05:6d:6f:58:03:23:95:45:fa:33:6f:22:27:b8:9a:20:
4d:dc:52:1e:f2:6c:14:77:cb:e8:1c:c3:b8:77:a2:8d:2f:e7:
98:a7:eb:06:a2:86:41:18:40:31:42:d5:87:8c:2c:ce:f6:4e:
be:88:e6:46:2c:89:3b:33:25:4b:1c:6b:52:db:e7:5b:5b:ec:
9d:74:57:4e:ff:21:72:41:39:f6:59:40:52:d4:ec:4b:f3:b7:
f9:32:13:b1:3c:4d:cb:d4:9c:ab:3c:1d:af:f3:e9:ec:70:3a:
72:2a:73:3e:e5:49:5b:95:b7:69:72:0b:2c:02:4b:9f:b8:31:
30:8e:a3:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8U7lBULxlzjJpoCk9Wl6DKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNDI1MTEwNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVmYjM1N2ZiZGIxOGY3YjBmODZmNmIyNTE4N2E4MzU2YWYxZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphZVTPOlCagoDsKOOHkWQBe5E3of
qbMiJYPrEfdjKBSWSF7OkqR2WdArCIi03UFTIOf+EYzMbnjuy81myWILTK6RyPU+
KXl3sSOrMSwdltFLNssdBpxn2pZdUluPhJoo+jdjcn+JQS0nq2Who0znJ7IeB0DS
pnfuy2aOQhkTVdLQhnGPYEJGwHC9p4vKUr/L465wTtVQDZ1RErx+O2oWYIej0hGn
XOUVqGNUsij1n16xh04M4GoYHiG0qCkPhvhx1WIE2HRDrPTaN9QcfKczxD2udK3I
or/bBrBBrf90AGXvyBkC4Gb2hkdBbhrJS/dYu+weu01Zem5sD18+D0P59wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO5fs1f72xj3sPhvayUYeoNWrx7ZMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvN2wtelZfdmJHUGV3LUc5ckpSaDZnMWF2SHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDn/8gAwQC
vNbsAwQCvP0MMA0GCSqGSIb3DQEBCwUAA4IBAQAZal+9E5jsZOloteiZODbWDauD
0Es9+L+8NxnoKAC0/lyVuboYzRmLcT/OtyVfoPBIqG7ugu8WZh9VmiIsnlL/vG3i
45ccyv6vTchyXzFqOm0UeG2EI3MKyBkHMLzWfp461MmMCdHV1LVIAyFELbc62PI2
QLl3dHMGsqZ+Z0IODwVtb1gDI5VF+jNvIie4miBN3FIe8mwUd8voHMO4d6KNL+eY
p+sGooZBGEAxQtWHjCzO9k6+iOZGLIk7MyVLHGtS2+dbW+yddFdO/yFyQTn2WUBS
1OxL87f5MhOxPE3L1JyrPB2v8+nscDpyKnM+5UlblbdpcgssAkufuDEwjqPh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org