Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/5NSUBRTX9CQDBo9T1ILPSn9ONl4.roa
File: 5NSUBRTX9CQDBo9T1ILPSn9ONl4.roa (raw, json)
Hash identifier: GMvy7lfMHEccqb+UhaZSA0E6417Em2i2FJARuuXkPu0=
Subject key identifier: E4:D4:94:05:14:D7:F4:24:03:06:8F:53:D4:82:CF:4A:7F:4E:36:5E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0189CFEB1B6DECA1D97359D23A5BC43F55BC
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/5NSUBRTX9CQDBo9T1ILPSn9ONl4.roa
Signing time: Mon 07 Aug 2023 12:13:58 +0000
ROA not before: Mon 07 Aug 2023 12:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:eb:1b:6d:ec:a1:d9:73:59:d2:3a:5b:c4:3f:55:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 7 12:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4d4940514d7f42403068f53d482cf4a7f4e365e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:3f:a1:04:6a:63:26:ac:6a:d9:ce:c5:7e:
79:9b:fb:c3:77:55:fb:62:ac:38:e3:eb:22:e4:78:
11:23:c5:b3:d3:27:d5:5e:30:31:91:fc:9b:9d:d0:
6f:46:0c:c5:24:df:e9:1d:d9:e2:75:5c:f5:f5:64:
1d:b3:4a:6b:38:7d:69:2f:da:85:17:a6:c1:43:ca:
ad:1a:a9:ca:40:21:78:e4:9d:f1:a7:91:c0:9c:29:
71:cb:b9:bb:6d:50:bf:b5:e5:3d:c0:1c:2f:ed:94:
a6:d6:15:d5:fc:fe:aa:53:d4:53:d8:e6:08:7a:e6:
3a:c3:d0:a0:e2:73:01:75:b4:97:40:7f:aa:f4:ff:
5a:f2:25:bd:d5:d0:8d:70:f3:fa:de:8b:9e:9d:54:
c4:c1:61:a1:c2:9d:d3:14:48:7d:ef:2e:cb:19:ac:
03:40:43:c1:d5:86:d8:c5:76:89:d6:86:d1:34:a0:
54:30:05:ad:6f:39:1c:c6:7b:67:6b:4c:3b:6d:2d:
18:39:ac:7a:9c:07:ea:7f:8b:5a:85:34:9e:1a:77:
5f:dd:09:54:4d:97:7a:08:27:7c:89:0c:6c:02:81:
87:b1:1a:e6:a6:cd:3b:ec:bc:be:c1:5b:27:e6:7e:
61:60:72:00:4b:be:d6:3f:a6:b3:0d:21:76:2c:bb:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D4:94:05:14:D7:F4:24:03:06:8F:53:D4:82:CF:4A:7F:4E:36:5E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/5NSUBRTX9CQDBo9T1ILPSn9ONl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.66.0/24
159.148.109.0/24
159.148.234.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:e7:25:ca:f7:5c:15:73:ab:3a:50:02:bc:cc:92:bd:b3:b7:
0c:84:d2:dd:2d:7d:e9:c5:e0:7a:0f:4f:21:86:65:b6:e6:b0:
5c:fd:57:d5:32:99:9f:41:f9:07:94:ad:54:7c:d8:12:32:fb:
c2:d0:a5:1b:44:37:7e:1a:91:cd:f2:ab:14:1b:e6:3b:e2:29:
9d:bd:ea:19:ed:c9:c5:45:2c:ce:2f:da:a8:da:96:70:e1:75:
3a:6e:b4:50:af:80:e4:d8:9e:87:69:f2:7a:d7:5a:62:e1:ad:
06:83:6e:5e:74:85:2e:b1:a1:c0:3e:e0:2f:12:47:66:2e:2e:
c8:36:52:c3:37:aa:56:3c:14:52:b1:8e:a0:fa:64:50:46:b9:
a0:95:5a:25:36:79:a3:24:f9:29:0d:7a:28:20:14:6a:e1:ff:
55:92:aa:54:48:e7:fe:96:37:22:37:49:a7:ae:57:30:ca:8c:
9c:f3:d9:c9:10:86:fd:f6:c9:62:7a:c0:3c:1b:ea:ad:3d:47:
8f:b9:8b:66:6c:03:cc:37:4f:b9:45:6c:7e:b6:5c:4a:c0:c9:
a6:1f:fd:80:d2:41:ea:da:e9:6b:72:37:5f:46:d8:7f:0e:34:
45:c7:6d:95:0c:14:a4:1b:c8:b3:b6:08:ff:88:d1:5e:13:61:
e4:cf:c1:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnP6xtt7KHZc1nSOlvEP1W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwODA3MTIxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGQ0OTQwNTE0ZDdmNDI0MDMwNjhmNTNkNDgyY2Y0YTdmNGUzNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnII/oQRqYyasatnOxX55m/vDd1X7
Yqw44+si5HgRI8Wz0yfVXjAxkfybndBvRgzFJN/pHdnidVz19WQds0prOH1pL9qF
F6bBQ8qtGqnKQCF45J3xp5HAnClxy7m7bVC/teU9wBwv7ZSm1hXV/P6qU9RT2OYI
euY6w9Cg4nMBdbSXQH+q9P9a8iW91dCNcPP63ouenVTEwWGhwp3TFEh97y7LGawD
QEPB1YbYxXaJ1obRNKBUMAWtbzkcxntna0w7bS0YOax6nAfqf4tahTSeGndf3QlU
TZd6CCd8iQxsAoGHsRrmps077Ly+wVsn5n5hYHIAS77WP6azDSF2LLtYrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOTUlAUU1/QkAwaPU9SCz0p/TjZeMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNU5TVUJSVFg5Q1FEQm85VDFJTFBTbjlPTmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAn5RCAwQA
n5RtAwQAn5TqMA0GCSqGSIb3DQEBCwUAA4IBAQBL5yXK91wVc6s6UAK8zJK9s7cM
hNLdLX3pxeB6D08hhmW25rBc/VfVMpmfQfkHlK1UfNgSMvvC0KUbRDd+GpHN8qsU
G+Y74imdveoZ7cnFRSzOL9qo2pZw4XU6brRQr4Dk2J6HafJ611pi4a0Gg25edIUu
saHAPuAvEkdmLi7INlLDN6pWPBRSsY6g+mRQRrmglVolNnmjJPkpDXooIBRq4f9V
kqpUSOf+ljciN0mnrlcwyoyc89nJEIb99sliesA8G+qtPUePuYtmbAPMN0+5RWx+
tlxKwMmmH/2A0kHq2ulrcjdfRth/DjRFx22VDBSkG8iztgj/iNFeE2Hkz8Fu
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org