Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TU3vMX4KcGoZfuDg5XgxRiMhyV0.roa
File: TU3vMX4KcGoZfuDg5XgxRiMhyV0.roa (raw, json)
Hash identifier: +azH0heIvBuqlHMcsG5s6HQKVGLl/1M5zDWRz0IYTbE=
Subject key identifier: 4D:4D:EF:31:7E:0A:70:6A:19:7E:E0:E0:E5:78:31:46:23:21:C9:5D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0244BFDE6DC6078DF5EFC2998450F9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TU3vMX4KcGoZfuDg5XgxRiMhyV0.roa
Signing time: Sun 01 Jan 2023 20:24:57 +0000
ROA not before: Sun 01 Jan 2023 20:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50485
IP address blocks: 159.148.231.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:44:bf:de:6d:c6:07:8d:f5:ef:c2:99:84:50:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d4def317e0a706a197ee0e0e57831462321c95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ac:be:32:0b:0a:87:d0:02:1e:34:f4:4e:c2:
cf:a3:de:04:f2:32:72:7a:cf:0e:19:04:e0:06:38:
9a:41:a0:bb:9b:2e:d2:8a:bf:5a:3e:fd:20:d2:72:
ca:52:de:37:3b:56:7b:09:b4:76:c7:90:77:18:6a:
58:62:1b:e2:a4:e0:97:8a:1f:c0:88:9f:e5:2e:82:
4c:84:ac:57:e6:e8:f4:b1:7e:ca:23:1f:53:1a:ff:
0a:3d:0a:4d:1d:b0:aa:ed:e8:c4:41:f6:fe:ae:4c:
44:73:6f:97:ab:3e:4d:6f:be:db:84:1c:07:98:37:
df:58:74:71:e4:bf:c9:44:a2:54:fe:b6:3b:71:f8:
35:3f:a0:d0:c1:48:34:63:ec:e7:02:bb:f1:70:0b:
91:6d:b7:4a:f7:90:74:0c:3f:b2:06:ba:d0:07:48:
e7:58:8b:fc:e9:5d:d0:c5:6e:51:62:5c:cf:01:3b:
5d:a5:22:4a:99:39:98:2b:a5:c5:d3:97:ab:7a:4a:
97:b2:ed:c9:2d:b4:cc:61:84:d3:2d:28:d0:7e:6c:
da:86:3d:21:3e:88:66:bd:9b:58:6e:b1:53:43:49:
d1:a1:39:fb:cc:f8:44:88:46:e2:16:9e:e3:b4:c1:
03:52:d4:13:95:4c:2b:0e:21:68:68:65:f0:a6:48:
67:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4D:EF:31:7E:0A:70:6A:19:7E:E0:E0:E5:78:31:46:23:21:C9:5D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TU3vMX4KcGoZfuDg5XgxRiMhyV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.231.0/24
Signature Algorithm: sha256WithRSAEncryption
49:60:47:06:e8:98:33:2c:24:72:0e:60:3a:60:d5:cb:4f:77:
d7:df:e3:06:3b:f5:77:c0:8c:f5:b2:cd:f0:86:43:ed:21:11:
1a:d6:6e:a5:a7:39:e7:55:8d:01:d6:9f:2a:8a:c9:23:79:32:
53:38:d5:80:8d:90:57:b0:c5:7a:e4:13:ea:f3:c4:0a:a9:cc:
af:82:5b:ff:8f:0a:52:ec:ea:34:e1:b0:68:0d:c3:c0:e2:c7:
42:8a:7f:08:3b:dd:8a:84:3f:ed:ec:96:0d:13:b3:9e:74:1f:
e4:49:62:ff:5f:f6:b9:b5:d5:fe:c5:dc:f6:fa:5c:35:43:8c:
03:ef:57:0d:bd:3b:e9:fa:e3:b4:37:76:04:70:8d:cc:b8:2a:
a8:a3:5b:96:53:80:4e:80:0f:45:c9:e0:81:e9:79:94:58:b0:
c1:d4:41:b1:4f:f5:06:39:e2:ad:dc:35:75:7b:56:f8:81:52:
2c:ce:de:5c:17:08:d3:92:85:af:61:37:61:67:fb:5e:cb:7c:
cd:bb:1e:16:a8:b0:3a:3e:7b:85:be:bc:aa:30:33:37:c4:84:
51:c4:33:85:20:c5:68:d8:2d:a8:0d:db:9b:fc:11:64:6d:7e:
a5:0a:f4:6d:97:10:82:c6:07:39:30:fc:66:04:d8:79:f8:5e:
53:4b:07:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkS/3m3GB43178KZhFD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRkZWYzMTdlMGE3MDZhMTk3ZWUwZTBlNTc4MzE0NjIzMjFjOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqy+MgsKh9ACHjT0TsLPo94E8jJy
es8OGQTgBjiaQaC7my7Sir9aPv0g0nLKUt43O1Z7CbR2x5B3GGpYYhvipOCXih/A
iJ/lLoJMhKxX5uj0sX7KIx9TGv8KPQpNHbCq7ejEQfb+rkxEc2+Xqz5Nb77bhBwH
mDffWHRx5L/JRKJU/rY7cfg1P6DQwUg0Y+znArvxcAuRbbdK95B0DD+yBrrQB0jn
WIv86V3QxW5RYlzPATtdpSJKmTmYK6XF05erekqXsu3JLbTMYYTTLSjQfmzahj0h
PohmvZtYbrFTQ0nRoTn7zPhEiEbiFp7jtMEDUtQTlUwrDiFoaGXwpkhnxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1N7zF+CnBqGX7g4OV4MUYjIcldMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvVFUzdk1YNEtjR29aZnVEZzVYZ3hSaU1oeVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5TnMA0G
CSqGSIb3DQEBCwUAA4IBAQBJYEcG6JgzLCRyDmA6YNXLT3fX3+MGO/V3wIz1ss3w
hkPtIREa1m6lpznnVY0B1p8qiskjeTJTONWAjZBXsMV65BPq88QKqcyvglv/jwpS
7Oo04bBoDcPA4sdCin8IO92KhD/t7JYNE7OedB/kSWL/X/a5tdX+xdz2+lw1Q4wD
71cNvTvp+uO0N3YEcI3MuCqoo1uWU4BOgA9FyeCB6XmUWLDB1EGxT/UGOeKt3DV1
e1b4gVIszt5cFwjTkoWvYTdhZ/tey3zNux4WqLA6PnuFvryqMDM3xIRRxDOFIMVo
2C2oDdub/BFkbX6lCvRtlxCCxgc5MPxmBNh5+F5TSwdQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org