Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Fu9hcthSWxo5dF9E3eW85najGJY.roa
File: Fu9hcthSWxo5dF9E3eW85najGJY.roa (raw, json)
Hash identifier: iZeYNavSpGYcxm8Wj2zwDB3oHKFN7B1YM6LI2h8e5Oc=
Subject key identifier: 16:EF:61:72:D8:52:5B:1A:39:74:5F:44:DD:E5:BC:E6:76:A3:18:96
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018BAF326693E2FBDDC970CE6EDB3F07327A
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Fu9hcthSWxo5dF9E3eW85najGJY.roa
Signing time: Wed 08 Nov 2023 13:49:57 +0000
ROA not before: Wed 08 Nov 2023 13:49:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59993
IP address blocks: 159.148.121.0/24 maxlen: 24
159.148.129.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
159.148.149.0/24 maxlen: 24
159.148.159.0/24 maxlen: 24
159.148.77.0/24 maxlen: 24
159.148.73.0/24 maxlen: 24
159.148.74.0/24 maxlen: 24
159.148.98.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.182.0/24 maxlen: 24
159.148.183.0/24 maxlen: 24
159.148.185.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:32:66:93:e2:fb:dd:c9:70:ce:6e:db:3f:07:32:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Nov 8 13:49:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16ef6172d8525b1a39745f44dde5bce676a31896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0a:0c:e2:86:c8:aa:e4:6d:f5:f3:5a:ad:ff:
0d:94:55:18:69:4c:bd:72:cd:f9:2a:61:53:52:58:
58:71:a8:b0:75:cd:f9:92:cc:16:86:48:d5:7a:18:
0d:27:3b:20:5d:21:ba:14:f9:0c:94:65:3e:7c:3c:
11:3a:9a:95:04:99:58:1c:20:46:2d:f3:46:9f:c7:
32:34:4a:bc:7b:30:4c:33:e4:6a:db:ed:bb:b6:c8:
b6:bd:54:53:96:89:db:16:fe:7a:00:97:b2:ab:3d:
18:da:56:67:3b:e6:d7:ef:59:9a:c1:1c:45:e9:0d:
68:89:a2:ff:70:af:5e:5a:af:10:a5:b0:f3:d0:7a:
3b:a2:44:60:dd:63:88:bf:fd:73:53:6d:10:62:5b:
e2:11:a4:4c:98:d6:55:f8:a6:dd:b4:69:3a:3f:ce:
ac:52:1b:b8:7f:3d:b4:c9:51:7c:d2:c8:13:22:70:
a9:d4:c3:90:3f:7c:df:69:99:54:c3:7c:e7:a3:87:
cf:7f:d2:48:57:7e:8a:b3:4c:c1:62:e0:76:63:14:
b6:84:91:02:bf:af:82:58:01:09:bb:2e:44:32:a4:
61:53:c5:41:a3:e4:8b:5f:e1:2e:91:e5:10:a2:4a:
42:d3:49:99:17:87:ae:ca:cf:c0:37:7c:e8:1d:63:
a4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:EF:61:72:D8:52:5B:1A:39:74:5F:44:DD:E5:BC:E6:76:A3:18:96
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Fu9hcthSWxo5dF9E3eW85najGJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.73.0-159.148.74.255
159.148.77.0/24
159.148.98.0/24
159.148.121.0/24
159.148.129.0/24
159.148.143.0/24
159.148.149.0/24
159.148.159.0/24
159.148.182.0/23
159.148.185.0/24
159.148.204.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
04:6e:15:a7:33:23:72:4c:4f:51:b0:24:ec:db:c7:45:75:55:
3b:fe:c9:ec:25:a7:33:7e:b7:99:ce:20:cd:96:80:f1:f5:dc:
b7:f9:71:b1:74:c0:50:7d:18:9a:81:4a:39:72:a5:65:f4:52:
61:66:11:16:41:8a:01:c3:aa:9d:77:ab:91:16:9d:0f:a3:60:
72:53:f9:2b:5a:71:03:1b:00:cd:71:36:a7:e5:c8:21:cb:14:
a4:64:b1:ab:d9:d7:05:59:ed:84:72:37:c1:3c:97:34:2d:8a:
4a:74:70:8e:e3:fa:7a:87:46:f9:a9:5a:ee:e3:5e:42:48:99:
7a:9e:1e:3d:12:f6:5d:ed:c6:17:8f:b7:52:d8:92:2b:a7:13:
a1:79:6b:7d:d2:fe:8d:08:9e:fd:2c:9a:d1:98:45:c8:25:aa:
5d:b6:57:d1:85:4b:4d:4e:ee:44:b6:4c:84:5a:5f:9a:42:9b:
fb:96:45:ef:c8:6c:7b:b0:39:d1:9f:77:19:8c:02:8b:2e:d8:
4e:ee:67:cd:24:3b:aa:1d:1f:00:ce:bc:c4:6f:11:ff:2f:63:
91:95:cd:b2:41:bf:36:ff:43:b4:0c:fb:aa:ad:e9:5c:8f:78:
6f:7b:32:1f:2c:cb:25:58:cc:c2:76:71:1a:84:b2:03:10:b0:
30:19:5a:73
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYuvMmaT4vvdyXDObts/BzJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMxMTA4MTM0OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmVmNjE3MmQ4NTI1YjFhMzk3NDVmNDRkZGU1YmNlNjc2YTMxODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgoM4obIquRt9fNarf8NlFUYaUy9
cs35KmFTUlhYcaiwdc35kswWhkjVehgNJzsgXSG6FPkMlGU+fDwROpqVBJlYHCBG
LfNGn8cyNEq8ezBMM+Rq2+27tsi2vVRTlonbFv56AJeyqz0Y2lZnO+bX71mawRxF
6Q1oiaL/cK9eWq8QpbDz0Ho7okRg3WOIv/1zU20QYlviEaRMmNZV+KbdtGk6P86s
Uhu4fz20yVF80sgTInCp1MOQP3zfaZlUw3zno4fPf9JIV36Ks0zBYuB2YxS2hJEC
v6+CWAEJuy5EMqRhU8VBo+SLX+EukeUQokpC00mZF4euys/AN3zoHWOkHwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFBbvYXLYUlsaOXRfRN3lvOZ2oxiWMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvRnU5aGN0aFNXeG81ZEY5RTNlVzg1bmFqR0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBACflEkD
BACflEoDBACflE0DBACflGIDBACflHkDBACflIEDBACflI8DBACflJUDBACflJ8D
BAGflLYDBACflLkDBACflMwDBAGflPIwDQYJKoZIhvcNAQELBQADggEBAARuFacz
I3JMT1GwJOzbx0V1VTv+yewlpzN+t5nOIM2WgPH13Lf5cbF0wFB9GJqBSjlypWX0
UmFmERZBigHDqp13q5EWnQ+jYHJT+StacQMbAM1xNqflyCHLFKRksavZ1wVZ7YRy
N8E8lzQtikp0cI7j+nqHRvmpWu7jXkJImXqeHj0S9l3txhePt1LYkiunE6F5a33S
/o0Inv0smtGYRcglql22V9GFS01O7kS2TIRaX5pCm/uWRe/IbHuwOdGfdxmMAosu
2E7uZ80kO6odHwDOvMRvEf8vY5GVzbJBvzb/Q7QM+6qt6VyPeG97Mh8syyVYzMJ2
cRqEsgMQsDAZWnM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org