Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/FGSBcrEEyjDF8OXNCL8_-Ek5PI8.roa
File: FGSBcrEEyjDF8OXNCL8_-Ek5PI8.roa (raw, json)
Hash identifier: UqT3yqHATuctGAlD085hPWxXvD4IJOuzlCOhc+lQg/c=
Subject key identifier: 14:64:81:72:B1:04:CA:30:C5:F0:E5:CD:08:BF:3F:F8:49:39:3C:8F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC801221CF38929FE677E4FFCEFF8552C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/FGSBcrEEyjDF8OXNCL8_-Ek5PI8.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 159.148.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:22:1c:f3:89:29:fe:67:7e:4f:fc:ef:f8:55:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14648172b104ca30c5f0e5cd08bf3ff849393c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5e:a8:17:c2:d8:27:45:da:57:21:25:45:a2:
13:76:ce:af:72:f9:d4:74:be:ab:a1:4f:ae:36:65:
c0:6b:11:55:7c:0f:87:e3:ef:2e:2f:93:ac:10:67:
90:92:a6:cd:f2:8c:2e:e9:c9:26:98:d5:92:96:d7:
df:9d:a6:04:d0:fe:47:72:72:21:9f:22:ed:8a:c8:
2d:ff:46:69:04:ff:6a:95:83:41:d2:ad:81:b1:82:
7c:83:db:d9:5b:fc:19:d8:98:e2:a7:99:8f:0d:bb:
d2:10:4f:d0:82:72:51:34:3d:ef:b7:24:13:8f:b8:
86:f0:2b:62:3a:5b:b9:1a:a2:2a:a4:b7:cc:64:03:
f8:54:a7:e8:6b:50:64:1e:17:05:cc:06:a4:e0:24:
f1:ec:ed:b7:c0:ce:2f:a3:3a:65:5a:50:c9:7d:ba:
91:a1:03:54:85:19:9c:3b:59:b4:67:23:32:2a:d5:
50:95:87:67:78:0c:27:c1:8b:5f:87:e5:44:f0:75:
18:e2:b1:6a:8c:dd:99:e5:66:4d:cb:5f:09:86:c5:
ca:bd:e6:72:86:29:27:6a:60:53:2e:dc:96:0b:41:
38:7f:57:c3:2e:7f:2d:9a:78:ee:6f:4f:28:0a:38:
b3:95:3b:b2:c2:5c:2d:4f:8b:51:3d:f7:b9:6f:bf:
48:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:64:81:72:B1:04:CA:30:C5:F0:E5:CD:08:BF:3F:F8:49:39:3C:8F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/FGSBcrEEyjDF8OXNCL8_-Ek5PI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.137.0/24
Signature Algorithm: sha256WithRSAEncryption
98:22:07:c4:65:10:06:ef:3d:1f:88:e9:0b:2b:d6:49:4c:9f:
34:d5:ef:71:ed:69:db:ce:33:99:fd:29:6d:b3:d7:88:74:99:
df:49:79:ab:18:82:3a:9c:97:7e:10:66:64:b7:cd:27:f1:bc:
fb:93:3a:9f:36:6c:6e:ed:78:c1:e6:74:d7:cb:38:9c:d3:18:
8f:2f:57:3c:66:27:37:29:bb:9d:2c:a0:f2:50:34:6d:7e:df:
fa:7d:4b:5b:a7:bd:31:ca:65:3a:81:59:a1:f2:b9:e4:8e:0a:
fc:ac:61:95:88:28:ec:29:ff:ce:48:af:fe:89:3c:a1:1c:98:
d7:d0:bf:e2:cc:59:04:99:01:95:55:d5:5b:6d:2e:4a:23:e7:
e5:cc:1b:c0:80:f0:9f:7e:ad:b1:6b:81:90:bd:43:8b:ee:eb:
a0:1c:f7:a7:d3:04:03:db:f5:38:8c:fc:e0:0a:27:32:06:fd:
9c:8f:f7:db:93:93:93:f7:7e:33:99:b1:61:35:2f:bf:2d:5c:
55:30:19:f6:cc:9b:b5:b4:b5:73:86:ff:b7:38:c7:9c:a7:f5:
fe:bd:a9:18:21:0b:ff:22:d8:54:a4:07:91:12:a7:21:de:08:
b2:e6:c3:5d:19:08:0b:e4:79:92:49:35:4d:93:85:78:26:ce:
46:eb:d6:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIASIc84kp/md+T/zv+FUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY0ODE3MmIxMDRjYTMwYzVmMGU1Y2QwOGJmM2ZmODQ5MzkzYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4V6oF8LYJ0XaVyElRaITds6vcvnU
dL6roU+uNmXAaxFVfA+H4+8uL5OsEGeQkqbN8owu6ckmmNWSltffnaYE0P5HcnIh
nyLtisgt/0ZpBP9qlYNB0q2BsYJ8g9vZW/wZ2Jjip5mPDbvSEE/QgnJRND3vtyQT
j7iG8CtiOlu5GqIqpLfMZAP4VKfoa1BkHhcFzAak4CTx7O23wM4vozplWlDJfbqR
oQNUhRmcO1m0ZyMyKtVQlYdneAwnwYtfh+VE8HUY4rFqjN2Z5WZNy18JhsXKveZy
hiknamBTLtyWC0E4f1fDLn8tmnjub08oCjizlTuywlwtT4tRPfe5b79I8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRkgXKxBMowxfDlzQi/P/hJOTyPMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvRkdTQmNyRUV5akRGOE9YTkNMOF8tRWs1UEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5SJMA0G
CSqGSIb3DQEBCwUAA4IBAQCYIgfEZRAG7z0fiOkLK9ZJTJ801e9x7WnbzjOZ/Slt
s9eIdJnfSXmrGII6nJd+EGZkt80n8bz7kzqfNmxu7XjB5nTXyzic0xiPL1c8Zic3
KbudLKDyUDRtft/6fUtbp70xymU6gVmh8rnkjgr8rGGViCjsKf/OSK/+iTyhHJjX
0L/izFkEmQGVVdVbbS5KI+flzBvAgPCffq2xa4GQvUOL7uugHPen0wQD2/U4jPzg
CicyBv2cj/fbk5OT934zmbFhNS+/LVxVMBn2zJu1tLVzhv+3OMecp/X+vakYIQv/
IthUpAeREqch3giy5sNdGQgL5HmSSTVNk4V4Js5G69bo
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:02 2025 by rpki-client