Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/S-vk_fUggl5gVHSV7EQeTFDdQYc.roa
File: S-vk_fUggl5gVHSV7EQeTFDdQYc.roa (raw, json)
Hash identifier: B1BRT39CnChJk9yysSYIGfeJZHWHKJseHEB2HRdSSp8=
Subject key identifier: 4B:EB:E4:FD:F5:20:82:5E:60:54:74:95:EC:44:1E:4C:50:DD:41:87
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0246CF66E08BF5D894386844291F32
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/S-vk_fUggl5gVHSV7EQeTFDdQYc.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56560
IP address blocks: 159.148.124.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:46:cf:66:e0:8b:f5:d8:94:38:68:44:29:1f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bebe4fdf520825e60547495ec441e4c50dd4187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3e:dd:41:b8:9a:38:2f:18:4a:cc:6b:e8:4b:
63:8d:be:d5:9f:70:d5:81:50:a8:01:18:cc:75:d2:
b0:dd:7c:45:16:34:0c:08:26:c2:69:d9:b6:8b:89:
d1:03:57:5e:63:83:55:97:e1:02:83:e0:db:29:df:
bc:91:6f:fa:28:a3:c5:ad:3b:47:be:4d:c0:0d:0c:
fa:e0:40:5d:42:4b:05:12:64:14:3d:e0:7a:5e:51:
a5:a7:a4:49:5f:2a:46:f2:7c:8b:f3:8b:ca:03:bc:
81:d4:8e:34:b5:d0:0d:a4:f1:03:35:11:f4:60:56:
c9:24:da:24:51:68:da:8b:29:93:ba:6b:cb:74:62:
d0:2a:d4:ac:ed:60:59:df:c4:70:ae:dc:42:fe:12:
42:a6:ba:fe:c6:15:cd:77:95:d1:22:a9:ca:cd:13:
28:98:1f:4c:dc:7b:36:ec:42:90:62:c3:17:84:a0:
17:f9:f8:54:6e:c4:2e:26:fe:47:1a:d1:3f:a7:67:
e1:cb:e5:da:10:08:5f:c3:c5:11:5b:52:b3:b6:2a:
94:1e:fe:8a:de:69:4c:5c:36:5c:d9:1d:40:1c:d1:
2d:5c:35:71:6f:d8:b2:00:bc:76:e6:33:98:f0:f4:
d7:36:56:24:66:0d:71:f4:14:28:33:aa:8f:71:76:
ef:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EB:E4:FD:F5:20:82:5E:60:54:74:95:EC:44:1E:4C:50:DD:41:87
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/S-vk_fUggl5gVHSV7EQeTFDdQYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.124.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:13:f7:1b:b2:6e:2b:44:e3:fa:3a:99:d1:32:10:7f:f0:6c:
09:da:6e:5a:03:db:52:76:1d:81:94:73:fd:95:01:a7:70:eb:
19:2c:33:fd:8c:91:bf:59:9d:83:92:16:e8:22:87:3e:64:a7:
47:98:6b:ed:1c:42:93:a6:cf:42:84:2d:64:b1:6a:6f:ac:5c:
85:ab:95:bb:fd:49:fb:0c:ee:30:20:16:0b:2d:9e:8b:6c:28:
95:44:36:22:d7:22:86:7d:76:a2:ad:ea:44:09:30:8b:31:bd:
a4:58:61:79:7a:db:5b:ce:49:b3:dd:31:c9:59:e7:c7:a2:d9:
dd:a9:cb:a6:78:94:71:cc:fb:fb:57:d7:67:a9:24:f8:12:7b:
05:63:b4:f3:33:54:6b:f7:96:54:0e:1c:b6:16:c5:da:f5:4b:
91:e2:fb:a8:0c:2f:85:4c:65:f2:10:d7:ca:87:aa:57:03:29:
9b:da:12:df:6e:87:5a:4e:9c:b5:29:97:5e:42:ca:9c:37:e7:
72:7d:2b:37:f9:ad:2d:15:2b:93:82:4f:4f:9c:47:f2:31:39:
9a:c1:56:06:73:0b:39:4e:3d:db:92:f6:bd:47:c1:41:49:82:
b9:0b:df:ac:f9:4e:11:43:fd:d6:ee:05:ee:4c:49:4e:25:93:
94:b6:05:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkbPZuCL9diUOGhEKR8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmViZTRmZGY1MjA4MjVlNjA1NDc0OTVlYzQ0MWU0YzUwZGQ0MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjj7dQbiaOC8YSsxr6Etjjb7Vn3DV
gVCoARjMddKw3XxFFjQMCCbCadm2i4nRA1deY4NVl+ECg+DbKd+8kW/6KKPFrTtH
vk3ADQz64EBdQksFEmQUPeB6XlGlp6RJXypG8nyL84vKA7yB1I40tdANpPEDNRH0
YFbJJNokUWjaiymTumvLdGLQKtSs7WBZ38RwrtxC/hJCprr+xhXNd5XRIqnKzRMo
mB9M3Hs27EKQYsMXhKAX+fhUbsQuJv5HGtE/p2fhy+XaEAhfw8URW1KztiqUHv6K
3mlMXDZc2R1AHNEtXDVxb9iyALx25jOY8PTXNlYkZg1x9BQoM6qPcXbvsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvr5P31IIJeYFR0lexEHkxQ3UGHMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUy12a19mVWdnbDVnVkhTVjdFUWVURkRkUVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5R8MA0G
CSqGSIb3DQEBCwUAA4IBAQDIE/cbsm4rROP6OpnRMhB/8GwJ2m5aA9tSdh2BlHP9
lQGncOsZLDP9jJG/WZ2DkhboIoc+ZKdHmGvtHEKTps9ChC1ksWpvrFyFq5W7/Un7
DO4wIBYLLZ6LbCiVRDYi1yKGfXairepECTCLMb2kWGF5ettbzkmz3THJWefHotnd
qcumeJRxzPv7V9dnqST4EnsFY7TzM1Rr95ZUDhy2FsXa9UuR4vuoDC+FTGXyENfK
h6pXAymb2hLfbodaTpy1KZdeQsqcN+dyfSs3+a0tFSuTgk9PnEfyMTmawVYGcws5
Tj3bkva9R8FBSYK5C9+s+U4RQ/3W7gXuTElOJZOUtgV/
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org