Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0fydYwrw4AtMyIqTeHCej49dkEM.roa
File: 0fydYwrw4AtMyIqTeHCej49dkEM.roa (raw, json)
Hash identifier: LUwDVsm8djxzdIpQONIjz6euWOYJT9XOZKNmEYA3rGw=
Subject key identifier: D1:FC:9D:63:0A:F0:E0:0B:4C:C8:8A:93:78:70:9E:8F:8F:5D:90:43
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0256D6D340099E7B3F8FD3884B3941
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0fydYwrw4AtMyIqTeHCej49dkEM.roa
Signing time: Sun 01 Jan 2023 20:25:02 +0000
ROA not before: Sun 01 Jan 2023 20:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213022
IP address blocks: 159.148.103.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:56:d6:d3:40:09:9e:7b:3f:8f:d3:88:4b:39:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1fc9d630af0e00b4cc88a9378709e8f8f5d9043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:e2:b4:5a:f7:48:b7:b4:f1:7e:9c:53:fd:
3c:26:a8:8c:ff:cf:76:96:b3:25:14:9c:57:d2:e2:
64:00:8a:74:44:76:5a:ed:38:84:0d:69:ff:1e:5c:
34:9b:25:30:ba:df:95:90:5e:0f:dc:d1:fb:13:81:
33:fd:83:a5:56:ee:8a:fc:a9:e9:a8:0b:60:1b:59:
99:6c:89:f3:dc:0e:c6:06:97:92:dd:25:83:ac:45:
26:db:01:07:fe:5b:07:3c:9f:88:10:d9:55:7e:bb:
86:14:19:7d:7e:08:c2:34:5a:53:6f:56:5a:18:58:
ac:56:de:b4:40:7b:1b:41:f6:7e:fb:12:0e:1e:0b:
2e:c6:53:f0:b0:78:b9:61:e0:86:c5:b1:59:4b:b0:
8b:06:50:f5:87:0a:67:6e:12:ae:07:7f:38:a4:20:
ae:fb:a6:a6:2f:ee:aa:f8:65:85:1d:e7:ff:19:df:
a6:dc:1b:3b:91:ca:2b:ca:43:61:30:6f:20:7d:cc:
47:fe:28:2e:79:99:23:a4:cb:6f:a4:9f:9c:42:72:
ce:1b:df:86:b1:e9:94:68:43:66:51:88:01:34:a3:
12:5f:52:78:a2:51:3b:dc:2c:0d:e6:3c:7e:62:d2:
c5:18:7e:90:c2:6d:fd:db:22:1e:92:19:a3:16:28:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FC:9D:63:0A:F0:E0:0B:4C:C8:8A:93:78:70:9E:8F:8F:5D:90:43
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0fydYwrw4AtMyIqTeHCej49dkEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.103.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:8e:91:d5:15:a0:44:f6:d7:11:07:2a:e4:99:3c:43:ad:87:
6f:1a:ee:94:38:f1:93:5b:3d:19:bb:ba:cc:a4:c3:75:d7:15:
c9:91:5f:55:99:8f:63:6f:39:72:3d:ef:7a:87:c2:13:19:38:
f4:38:3b:78:ab:c8:b6:ca:85:da:7c:8a:9f:ea:41:e7:b5:29:
fe:2b:fb:c9:e3:9d:38:e3:97:0e:2d:78:dc:37:c0:b8:f7:71:
87:03:b2:81:a6:83:5c:3c:8d:48:2d:cf:be:a3:fe:3c:9c:55:
45:52:85:82:b8:30:53:fb:52:d9:e3:d0:80:b0:f5:ec:52:5b:
ef:49:02:e2:b6:e4:6c:00:74:26:83:19:9a:3f:da:17:f3:5a:
4c:99:04:9e:59:ef:42:12:cb:7e:1d:fc:83:ca:56:19:5d:20:
bb:d4:6c:0f:d2:9c:92:cc:cb:ea:65:f0:56:cb:c8:62:43:ac:
e5:0f:54:7f:45:df:79:d6:82:63:e0:a9:2e:03:f9:90:56:93:
aa:e4:98:df:f1:1d:3a:80:0f:60:6f:9f:c2:08:2c:f1:aa:8a:
c7:f7:19:bf:be:59:aa:7d:2b:67:c7:98:9b:6e:7f:81:25:aa:
5a:48:61:b9:50:7c:08:93:fc:48:95:47:53:03:15:02:af:eb:
7d:bf:55:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAlbW00AJnns/j9OISzlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWZjOWQ2MzBhZjBlMDBiNGNjODhhOTM3ODcwOWU4ZjhmNWQ5MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2bitFr3SLe08X6cU/08JqiM/892
lrMlFJxX0uJkAIp0RHZa7TiEDWn/Hlw0myUwut+VkF4P3NH7E4Ez/YOlVu6K/Knp
qAtgG1mZbInz3A7GBpeS3SWDrEUm2wEH/lsHPJ+IENlVfruGFBl9fgjCNFpTb1Za
GFisVt60QHsbQfZ++xIOHgsuxlPwsHi5YeCGxbFZS7CLBlD1hwpnbhKuB384pCCu
+6amL+6q+GWFHef/Gd+m3Bs7kcorykNhMG8gfcxH/igueZkjpMtvpJ+cQnLOG9+G
semUaENmUYgBNKMSX1J4olE73CwN5jx+YtLFGH6Qwm392yIekhmjFijejQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNH8nWMK8OALTMiKk3hwno+PXZBDMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMGZ5ZFl3cnc0QXRNeUlxVGVIQ2VqNDlka0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5RnMA0G
CSqGSIb3DQEBCwUAA4IBAQB6jpHVFaBE9tcRByrkmTxDrYdvGu6UOPGTWz0Zu7rM
pMN11xXJkV9VmY9jbzlyPe96h8ITGTj0ODt4q8i2yoXafIqf6kHntSn+K/vJ4504
45cOLXjcN8C493GHA7KBpoNcPI1ILc++o/48nFVFUoWCuDBT+1LZ49CAsPXsUlvv
SQLituRsAHQmgxmaP9oX81pMmQSeWe9CEst+HfyDylYZXSC71GwP0pySzMvqZfBW
y8hiQ6zlD1R/Rd951oJj4KkuA/mQVpOq5Jjf8R06gA9gb5/CCCzxqorH9xm/vlmq
fStnx5ibbn+BJapaSGG5UHwIk/xIlUdTAxUCr+t9v1Uq
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org