Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/O3ptBcH5Mq4I-5ZWtniXKmCO6CU.roa
File: O3ptBcH5Mq4I-5ZWtniXKmCO6CU.roa (raw, json)
Hash identifier: aF77xHJ0GbMmrpXpcZLwtAqaUn4U6AweX9dSs9Qsl28=
Subject key identifier: 3B:7A:6D:05:C1:F9:32:AE:08:FB:96:56:B6:78:97:2A:60:8E:E8:25
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0232B6DE459D7E1167B0CCD25F22D8
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/O3ptBcH5Mq4I-5ZWtniXKmCO6CU.roa
Signing time: Sun 01 Jan 2023 20:24:52 +0000
ROA not before: Sun 01 Jan 2023 20:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 159.148.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:32:b6:de:45:9d:7e:11:67:b0:cc:d2:5f:22:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b7a6d05c1f932ae08fb9656b678972a608ee825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fc:df:10:16:b6:2b:58:74:8f:f9:ee:f9:b8:
e7:7b:29:16:3b:b0:e3:f4:91:f4:ac:79:fa:f0:b5:
a1:3a:76:2e:67:58:14:6f:4a:2a:03:6b:ac:90:0e:
2a:36:90:59:46:c0:2d:f5:cd:ba:9c:5c:85:d7:35:
46:b1:d5:b4:3c:26:bf:3a:2a:67:03:3a:f5:54:13:
25:3a:b6:14:31:c9:c7:7d:8d:72:58:a6:2b:f4:e2:
b5:d2:eb:23:a8:ca:41:a7:5b:fb:24:cc:56:06:14:
4f:e8:a6:fd:db:49:3f:94:a2:6d:fb:4b:eb:fc:ef:
e0:c2:ab:d7:3a:d3:ff:d4:37:9b:c4:80:f8:5b:db:
8a:64:86:de:1a:1e:20:55:23:dc:6c:6f:75:9b:eb:
12:96:25:3a:ce:e6:b5:e2:01:05:74:a7:99:de:3d:
37:40:d7:77:94:8e:2f:78:42:7f:5c:7c:96:eb:d1:
dd:17:c5:ec:90:28:b0:03:0b:e2:42:c3:5a:d1:c9:
14:b1:a7:fa:1b:fd:de:fc:8a:c1:b9:41:68:9d:b3:
f4:38:d6:5e:56:b3:10:ae:0a:6e:fe:4f:3f:6e:24:
52:dc:ed:a4:c2:7d:6c:4f:a3:8a:c7:f1:fe:b0:c2:
f6:27:e1:a6:bd:f0:ab:f5:53:29:73:a9:8b:6a:a5:
19:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7A:6D:05:C1:F9:32:AE:08:FB:96:56:B6:78:97:2A:60:8E:E8:25
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/O3ptBcH5Mq4I-5ZWtniXKmCO6CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.137.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ef:4e:36:a7:5c:30:24:fb:5d:34:75:a4:d8:d0:e4:3e:c9:
8b:fc:48:22:6b:9d:26:d9:3c:2c:93:0d:c3:a5:e3:d2:3c:3e:
fe:f9:e2:01:9d:c9:ad:6d:a1:f6:34:b8:6b:46:f1:14:ed:f1:
35:d4:2f:a0:ec:ce:7d:d5:24:bd:67:00:90:23:21:2c:b3:ac:
64:bd:fd:e7:7e:da:91:50:e2:0d:58:9a:84:71:e6:4f:5e:a2:
81:3c:7a:f0:9d:f0:bd:ba:88:0a:76:82:38:b0:ca:c9:23:63:
5a:cd:c1:c8:2a:d6:87:a8:25:31:11:3e:44:30:5b:d5:05:e9:
f9:96:2e:31:eb:89:20:3c:1d:32:26:6a:e8:01:55:f4:1a:5b:
5d:91:24:9e:a6:21:c9:52:6f:bb:8c:c3:4f:71:92:fc:e4:ad:
e9:85:b3:a4:48:35:b2:16:55:ae:03:7c:46:66:9e:56:77:e2:
12:3d:2f:ba:79:a1:41:cb:86:a2:01:47:ba:c4:77:b0:da:4a:
f3:14:cc:15:56:92:93:a6:79:f1:dd:e8:21:a2:7e:13:4c:67:
5f:6c:97:3c:4a:7b:e3:e7:b8:8a:a8:a1:9a:fb:e2:7b:0e:af:
61:f9:b3:7f:be:24:07:5f:49:7d:9a:f0:48:87:1b:7d:34:c3:
88:6c:1a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjK23kWdfhFnsMzSXyLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdhNmQwNWMxZjkzMmFlMDhmYjk2NTZiNjc4OTcyYTYwOGVlODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/zfEBa2K1h0j/nu+bjneykWO7Dj
9JH0rHn68LWhOnYuZ1gUb0oqA2uskA4qNpBZRsAt9c26nFyF1zVGsdW0PCa/Oipn
Azr1VBMlOrYUMcnHfY1yWKYr9OK10usjqMpBp1v7JMxWBhRP6Kb920k/lKJt+0vr
/O/gwqvXOtP/1DebxID4W9uKZIbeGh4gVSPcbG91m+sSliU6zua14gEFdKeZ3j03
QNd3lI4veEJ/XHyW69HdF8XskCiwAwviQsNa0ckUsaf6G/3e/IrBuUFonbP0ONZe
VrMQrgpu/k8/biRS3O2kwn1sT6OKx/H+sML2J+GmvfCr9VMpc6mLaqUZEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDt6bQXB+TKuCPuWVrZ4lypgjuglMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTzNwdEJjSDVNcTRJLTVaV3RuaVhLbUNPNkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5SJMA0G
CSqGSIb3DQEBCwUAA4IBAQBW7042p1wwJPtdNHWk2NDkPsmL/Egia50m2Twskw3D
pePSPD7++eIBncmtbaH2NLhrRvEU7fE11C+g7M591SS9ZwCQIyEss6xkvf3nftqR
UOINWJqEceZPXqKBPHrwnfC9uogKdoI4sMrJI2NazcHIKtaHqCUxET5EMFvVBen5
li4x64kgPB0yJmroAVX0GltdkSSepiHJUm+7jMNPcZL85K3phbOkSDWyFlWuA3xG
Zp5Wd+ISPS+6eaFBy4aiAUe6xHew2krzFMwVVpKTpnnx3eghon4TTGdfbJc8Snvj
57iKqKGa++J7Dq9h+bN/viQHX0l9mvBIhxt9NMOIbBr+
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org