Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Gctn3wVZLiK93gDf_7hEJdxqUXk.roa
File: Gctn3wVZLiK93gDf_7hEJdxqUXk.roa (raw, json)
Hash identifier: q+MRKzkLGWQDtJNRtFeF27GzVEzDn0Trof3VSWtpxm4=
Subject key identifier: 19:CB:67:DF:05:59:2E:22:BD:DE:00:DF:FF:B8:44:25:DC:6A:51:79
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0233E94D9CFC805F8495928CC86C79
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Gctn3wVZLiK93gDf_7hEJdxqUXk.roa
Signing time: Sun 01 Jan 2023 20:24:53 +0000
ROA not before: Sun 01 Jan 2023 20:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15684
IP address blocks: 159.148.208.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:33:e9:4d:9c:fc:80:5f:84:95:92:8c:c8:6c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19cb67df05592e22bdde00dfffb84425dc6a5179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:2b:26:16:18:88:d8:87:10:35:7b:6d:30:
09:8e:2a:fa:7b:83:b9:46:d5:27:4f:07:1e:a3:06:
cd:ea:47:c5:74:19:5e:0a:8c:66:ee:50:f7:c2:ad:
39:8f:56:2e:37:8e:46:c6:85:42:82:90:9d:42:16:
b1:53:71:ed:0f:ec:2b:76:da:19:dc:f4:ee:54:b2:
27:0d:8f:68:38:c2:c9:4c:c6:ca:79:28:a5:13:43:
1a:ef:be:89:7a:78:01:52:5b:34:63:39:99:5b:6a:
d7:77:c8:52:d0:71:cd:8e:b6:06:07:ab:96:e9:83:
86:00:2e:d5:90:0d:cb:1c:16:a8:33:bd:a1:5f:28:
06:05:24:45:20:ba:89:cb:f8:2a:53:79:b2:d5:f8:
2b:5f:a4:1d:2e:2a:43:c9:25:cf:15:8a:87:fd:e1:
47:9a:83:19:c0:fb:9e:6e:1b:d2:a5:3b:f2:8b:38:
f5:2b:78:46:11:14:cf:f9:18:97:ae:02:89:96:ae:
45:7d:ed:d7:22:28:a7:66:9f:f8:4b:29:24:42:4b:
c6:94:b0:f7:c4:0a:70:fb:54:ba:5f:1a:c9:f2:f5:
63:59:75:ec:27:06:06:c7:50:b2:f8:f5:5d:4f:a0:
82:09:78:1b:55:20:6a:3d:f8:fe:e3:02:13:44:be:
ab:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CB:67:DF:05:59:2E:22:BD:DE:00:DF:FF:B8:44:25:DC:6A:51:79
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Gctn3wVZLiK93gDf_7hEJdxqUXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.208.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3b:45:3c:01:e2:4c:a8:02:37:0c:b1:e2:02:33:c7:2c:ed:
53:8a:2e:0c:ba:80:70:15:c2:d8:aa:8b:66:93:f0:9d:0c:38:
d7:4f:33:e5:77:10:13:54:4f:70:46:31:0a:a6:7e:4e:9c:ad:
04:fd:0e:af:71:60:d7:59:17:74:8e:ae:a7:cb:2c:af:89:77:
41:b8:f5:7a:17:cb:3d:4f:a7:91:4a:2d:37:d4:a8:51:96:7e:
06:f9:7d:6f:5f:e4:8f:7d:5b:cc:34:6d:5d:d1:d3:71:3f:c7:
0b:f9:59:a1:6a:6e:78:a2:ab:65:be:89:89:3f:ff:77:e3:00:
f1:31:f7:63:96:5c:05:f8:48:d1:c7:39:61:6f:f9:1b:c4:90:
e6:5f:76:9e:d2:58:4a:0a:0a:df:78:45:bc:0a:ca:92:46:0f:
7b:2d:0e:97:45:c5:dd:18:de:a6:da:a4:67:01:46:0a:f2:97:
fb:50:5a:4f:16:bc:78:b4:38:52:28:9b:ec:7e:2f:df:11:22:
49:d6:dc:5f:40:fc:65:e4:90:ea:2d:55:77:9e:f0:f7:ae:72:
db:72:92:4c:7f:c5:0f:e4:b6:82:5b:a5:cc:25:42:4e:47:2d:
5f:54:a1:91:d4:3c:8d:a0:3d:f6:42:bb:40:f8:94:97:fa:41:
d6:35:9c:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjPpTZz8gF+ElZKMyGx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNiNjdkZjA1NTkyZTIyYmRkZTAwZGZmZmI4NDQyNWRjNmE1MTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs80rJhYYiNiHEDV7bTAJjir6e4O5
RtUnTwceowbN6kfFdBleCoxm7lD3wq05j1YuN45GxoVCgpCdQhaxU3HtD+wrdtoZ
3PTuVLInDY9oOMLJTMbKeSilE0Ma776JengBUls0YzmZW2rXd8hS0HHNjrYGB6uW
6YOGAC7VkA3LHBaoM72hXygGBSRFILqJy/gqU3my1fgrX6QdLipDySXPFYqH/eFH
moMZwPuebhvSpTvyizj1K3hGERTP+RiXrgKJlq5Ffe3XIiinZp/4SykkQkvGlLD3
xApw+1S6XxrJ8vVjWXXsJwYGx1Cy+PVdT6CCCXgbVSBqPfj+4wITRL6rMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnLZ98FWS4ivd4A3/+4RCXcalF5MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvR2N0bjN3VlpMaUs5M2dEZl83aEVKZHhxVVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5TQMA0G
CSqGSIb3DQEBCwUAA4IBAQCeO0U8AeJMqAI3DLHiAjPHLO1Tii4MuoBwFcLYqotm
k/CdDDjXTzPldxATVE9wRjEKpn5OnK0E/Q6vcWDXWRd0jq6nyyyviXdBuPV6F8s9
T6eRSi031KhRln4G+X1vX+SPfVvMNG1d0dNxP8cL+Vmham54oqtlvomJP/934wDx
MfdjllwF+EjRxzlhb/kbxJDmX3ae0lhKCgrfeEW8CsqSRg97LQ6XRcXdGN6m2qRn
AUYK8pf7UFpPFrx4tDhSKJvsfi/fESJJ1txfQPxl5JDqLVV3nvD3rnLbcpJMf8UP
5LaCW6XMJUJORy1fVKGR1DyNoD32QrtA+JSX+kHWNZxh
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org