Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TXTrrx1nkKFGj-s-0PMgm1bNgNI.roa
File: TXTrrx1nkKFGj-s-0PMgm1bNgNI.roa (raw, json)
Hash identifier: T5L14RpP6MetPQl/hxa5XQoDfnu37FTs8PB9agfzaOQ=
Subject key identifier: 4D:74:EB:AF:1D:67:90:A1:46:8F:EB:3E:D0:F3:20:9B:56:CD:80:D2
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC801215ACD490FDF92EE017D11A1B5BA
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TXTrrx1nkKFGj-s-0PMgm1bNgNI.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 159.148.148.0/24 maxlen: 24
159.148.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 08:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:21:5a:cd:49:0f:df:92:ee:01:7d:11:a1:b5:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d74ebaf1d6790a1468feb3ed0f3209b56cd80d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9b:97:1b:2b:b5:6d:aa:0c:4e:e2:01:3c:f7:
8d:b7:82:60:09:dd:78:9f:db:5b:a9:af:ad:ad:6f:
a1:3f:4e:2a:37:3c:1a:c2:67:1d:93:88:9d:a0:2a:
2f:95:47:9a:2c:bc:69:c8:25:18:38:72:a4:11:57:
85:88:66:4d:c0:88:f7:97:ee:f5:d7:07:06:50:47:
ed:eb:d5:61:c0:31:0c:4a:60:42:8c:9a:06:f3:eb:
29:e8:d2:3d:69:c5:79:f8:3b:9e:f7:4b:4a:60:df:
d1:13:f0:a9:54:56:96:79:52:15:5d:88:08:c4:ef:
c9:62:c1:78:7b:23:a0:7d:ea:64:e2:08:b2:0d:02:
6e:59:8c:f2:f3:8a:1f:b7:5c:02:94:c0:cb:00:5c:
c1:ac:d2:ba:a9:d8:8a:b1:d0:d2:5b:bd:f0:18:50:
c1:1f:f3:f3:3a:9c:bb:18:9e:14:96:a3:40:61:8b:
78:61:2e:02:5d:8a:da:87:19:bd:11:36:4e:18:85:
52:8a:16:31:76:f1:42:3e:f1:6e:ec:fb:3a:06:6e:
a6:de:72:e0:b8:74:9d:f8:08:b9:62:99:ac:8b:77:
eb:1c:56:ee:24:8b:e9:f3:92:64:3b:c6:f6:ac:c2:
11:53:4a:45:66:37:72:c2:ed:ef:f0:de:2d:7d:f3:
d2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:74:EB:AF:1D:67:90:A1:46:8F:EB:3E:D0:F3:20:9B:56:CD:80:D2
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TXTrrx1nkKFGj-s-0PMgm1bNgNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.58.0/24
159.148.148.0/24
Signature Algorithm: sha256WithRSAEncryption
83:0f:fd:f4:cd:ef:9f:80:45:0c:5e:7c:34:cf:c1:25:2f:7f:
40:c1:e3:d4:b6:51:7c:37:59:cb:43:8b:0f:e0:cf:52:bf:80:
54:40:cb:03:5b:f9:fc:86:79:04:16:18:30:67:d6:fa:dc:90:
22:00:57:a4:40:c3:b7:38:c2:2c:65:31:ba:ca:8f:c5:a5:c0:
b0:67:b2:7d:e7:7c:41:6b:5f:6d:ef:57:ab:1c:63:26:77:a4:
c8:1d:0b:ca:61:2e:d9:fb:41:d9:c1:22:16:d3:81:ef:d7:3e:
83:e3:e9:9b:d1:2a:48:c6:69:ab:02:1c:bd:0b:82:b5:84:24:
36:40:9a:92:02:f7:2a:0c:56:5c:3d:90:1f:58:7d:04:6e:38:
2d:93:fc:5b:23:5b:cd:ca:9c:d6:14:2f:a4:dc:5e:47:3b:56:
5f:a0:4c:7a:d9:60:44:af:b6:96:33:8d:0a:e0:19:dd:e3:38:
bf:0d:49:8b:75:88:4e:fb:82:d6:a1:3e:26:31:a2:71:db:7c:
e0:d3:0f:69:3a:3c:7d:69:09:88:be:52:5e:f2:90:d1:f0:7f:
8b:1d:59:18:22:01:08:f5:6e:ae:6b:da:b4:fe:73:d0:f7:20:
5c:46:b2:51:dc:f1:c6:2f:63:81:f4:40:ea:c6:cb:c9:76:99:
2f:6c:ff:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIASFazUkP35LuAX0RobW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc0ZWJhZjFkNjc5MGExNDY4ZmViM2VkMGYzMjA5YjU2Y2Q4MGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJuXGyu1baoMTuIBPPeNt4JgCd14
n9tbqa+trW+hP04qNzwawmcdk4idoCovlUeaLLxpyCUYOHKkEVeFiGZNwIj3l+71
1wcGUEft69VhwDEMSmBCjJoG8+sp6NI9acV5+Due90tKYN/RE/CpVFaWeVIVXYgI
xO/JYsF4eyOgfepk4giyDQJuWYzy84oft1wClMDLAFzBrNK6qdiKsdDSW73wGFDB
H/PzOpy7GJ4UlqNAYYt4YS4CXYrahxm9ETZOGIVSihYxdvFCPvFu7Ps6Bm6m3nLg
uHSd+Ai5Ypmsi3frHFbuJIvp85JkO8b2rMIRU0pFZjdywu3v8N4tffPSWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE10668dZ5ChRo/rPtDzIJtWzYDSMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvVFhUcnJ4MW5rS0ZHai1zLTBQTWdtMWJOZ05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAn5Q6AwQA
n5SUMA0GCSqGSIb3DQEBCwUAA4IBAQCDD/30ze+fgEUMXnw0z8ElL39AwePUtlF8
N1nLQ4sP4M9Sv4BUQMsDW/n8hnkEFhgwZ9b63JAiAFekQMO3OMIsZTG6yo/FpcCw
Z7J953xBa19t71erHGMmd6TIHQvKYS7Z+0HZwSIW04Hv1z6D4+mb0SpIxmmrAhy9
C4K1hCQ2QJqSAvcqDFZcPZAfWH0Ebjgtk/xbI1vNypzWFC+k3F5HO1ZfoEx62WBE
r7aWM40K4Bnd4zi/DUmLdYhO+4LWoT4mMaJx23zg0w9pOjx9aQmIvlJe8pDR8H+L
HVkYIgEI9W6ua9q0/nPQ9yBcRrJR3PHGL2OB9EDqxsvJdpkvbP8R
-----END CERTIFICATE-----
Generated at Tue Mar 19 12:34:48 2024 by rpki-client on console-fra.rpki-client.org