Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/FKW8KhFRCsrTswMlHmcv9fegrP0.roa
File: FKW8KhFRCsrTswMlHmcv9fegrP0.roa (raw, json)
Hash identifier: 1tqPeMR5NJ93VuzoVcztGMfdgNA09/ePJuAUok1vGqU=
Subject key identifier: 14:A5:BC:2A:11:51:0A:CA:D3:B3:03:25:1E:67:2F:F5:F7:A0:AC:FD
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0253915B3094DBB939B2EBF6674E4F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/FKW8KhFRCsrTswMlHmcv9fegrP0.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207689
IP address blocks: 159.148.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:53:91:5b:30:94:db:b9:39:b2:eb:f6:67:4e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14a5bc2a11510acad3b303251e672ff5f7a0acfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c1:9f:c6:9f:8d:07:9e:1d:03:3f:8b:09:e8:
a5:56:60:63:a5:cd:3f:cd:94:5d:ef:f4:91:65:6f:
76:c7:2f:cb:7b:c2:5a:a0:20:46:43:92:a7:cd:b6:
6e:cd:b8:c4:09:bd:5f:31:f2:6e:d2:83:cc:6f:bb:
75:07:9c:d2:0a:99:54:f3:2f:19:17:99:3a:29:3f:
8b:79:3a:0f:e6:28:d9:70:9b:d2:65:95:f5:20:d4:
c3:fb:48:aa:91:a7:f0:e3:3c:f7:c7:7d:9d:05:ff:
d0:a3:29:c3:92:b4:b3:bc:09:f6:04:b3:78:35:66:
9d:50:0e:e8:29:8d:d5:7d:0b:21:91:db:b5:65:e4:
f6:35:44:96:a7:81:f4:12:a4:d9:1b:dd:42:98:a9:
e1:33:74:a6:bc:76:53:7e:56:eb:98:f3:36:a8:5a:
af:20:8e:07:03:80:74:00:3a:2c:18:11:9b:5e:ad:
a3:4b:0f:8b:a9:9e:7c:f7:d6:d9:bc:0c:8f:6b:4e:
28:b6:e1:77:9c:19:44:0c:b4:c4:e2:5d:24:82:97:
7a:a0:5d:fd:df:9a:9d:e4:7f:8b:2e:6a:3c:ff:3b:
bc:f3:aa:9a:9b:96:6f:03:ce:1d:a0:f2:ca:ff:e4:
61:21:79:b7:6a:c2:54:5e:86:6e:76:c9:a1:01:bd:
70:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A5:BC:2A:11:51:0A:CA:D3:B3:03:25:1E:67:2F:F5:F7:A0:AC:FD
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/FKW8KhFRCsrTswMlHmcv9fegrP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.99.0/24
Signature Algorithm: sha256WithRSAEncryption
63:86:1d:9d:26:06:e2:93:d1:c0:1f:9b:81:9a:05:f7:10:69:
7a:10:b7:c6:41:04:e3:fc:95:d0:50:58:15:8f:89:61:13:e1:
1a:82:4d:92:fc:f4:36:86:51:ed:32:0f:b2:5f:60:c5:34:87:
8d:07:43:c8:f6:7d:b3:23:be:be:d1:c8:78:58:97:b8:b7:58:
69:4d:eb:84:4e:df:21:8d:3f:a6:10:b0:72:e2:60:e1:eb:2d:
c0:67:3b:af:d5:4c:78:34:e8:10:cf:c1:2a:66:50:5f:9f:bd:
fc:d7:0b:b6:74:d3:1e:7a:b3:a4:9a:a4:2e:2f:63:1b:74:06:
f6:95:06:7e:01:25:38:5d:89:b8:d1:d8:56:7a:5b:de:fe:3b:
1a:25:a1:1e:9b:2a:a3:b4:d0:fb:ca:e2:eb:d7:97:24:e7:d4:
2c:c9:b1:70:ed:4d:31:d0:2e:29:68:9e:56:0c:c8:ea:58:51:
2e:9e:03:84:0a:96:45:a4:f3:39:70:ee:d0:dc:f8:d7:fc:ea:
77:40:3b:c6:18:48:d8:62:43:e7:bf:5b:b5:ab:07:6d:91:32:
62:c1:cb:40:78:c9:64:d2:ee:d7:c7:f5:d1:24:74:93:6f:40:
15:9c:70:ef:3c:fd:5e:c5:f0:ba:c5:54:2f:e0:32:0b:11:48:
42:5c:fb:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAlORWzCU27k5suv2Z05PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGE1YmMyYTExNTEwYWNhZDNiMzAzMjUxZTY3MmZmNWY3YTBhY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsGfxp+NB54dAz+LCeilVmBjpc0/
zZRd7/SRZW92xy/Le8JaoCBGQ5KnzbZuzbjECb1fMfJu0oPMb7t1B5zSCplU8y8Z
F5k6KT+LeToP5ijZcJvSZZX1INTD+0iqkafw4zz3x32dBf/QoynDkrSzvAn2BLN4
NWadUA7oKY3VfQshkdu1ZeT2NUSWp4H0EqTZG91CmKnhM3SmvHZTflbrmPM2qFqv
II4HA4B0ADosGBGbXq2jSw+LqZ5899bZvAyPa04otuF3nBlEDLTE4l0kgpd6oF39
35qd5H+LLmo8/zu886qam5ZvA84doPLK/+RhIXm3asJUXoZudsmhAb1wEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSlvCoRUQrK07MDJR5nL/X3oKz9MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvRktXOEtoRlJDc3JUc3dNbEhtY3Y5ZmVnclAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5RjMA0G
CSqGSIb3DQEBCwUAA4IBAQBjhh2dJgbik9HAH5uBmgX3EGl6ELfGQQTj/JXQUFgV
j4lhE+Eagk2S/PQ2hlHtMg+yX2DFNIeNB0PI9n2zI76+0ch4WJe4t1hpTeuETt8h
jT+mELBy4mDh6y3AZzuv1Ux4NOgQz8EqZlBfn7381wu2dNMeerOkmqQuL2MbdAb2
lQZ+ASU4XYm40dhWelve/jsaJaEemyqjtND7yuLr15ck59QsybFw7U0x0C4paJ5W
DMjqWFEungOECpZFpPM5cO7Q3PjX/Op3QDvGGEjYYkPnv1u1qwdtkTJiwctAeMlk
0u7Xx/XRJHSTb0AVnHDvPP1exfC6xVQv4DILEUhCXPtf
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org