Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hf04wjsmEGqiu16OUs4igzofAzo.roa
File: hf04wjsmEGqiu16OUs4igzofAzo.roa (raw, json)
Hash identifier: DC4BFiED5PHeuxDjhTMcvKy2YQsca5xEl4yYAOQqVXE=
Subject key identifier: 85:FD:38:C2:3B:26:10:6A:A2:BB:5E:8E:52:CE:22:83:3A:1F:03:3A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01884CA1639CB5B5606FD1723B4A08ADC140
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hf04wjsmEGqiu16OUs4igzofAzo.roa
Signing time: Wed 24 May 2023 07:20:25 +0000
ROA not before: Wed 24 May 2023 07:20:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199034
IP address blocks: 159.148.50.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:a1:63:9c:b5:b5:60:6f:d1:72:3b:4a:08:ad:c1:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 24 07:20:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85fd38c23b26106aa2bb5e8e52ce22833a1f033a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:70:e4:03:5b:4a:18:ef:ba:c3:67:24:26:c6:
12:54:22:0b:8c:a7:50:ad:31:75:92:af:41:20:39:
7c:b5:21:c1:2b:13:20:e8:09:b9:cd:4d:40:f7:49:
e2:93:e7:69:c1:2c:2c:7d:05:ee:76:7c:a9:a0:80:
ef:ec:d2:cb:67:7f:56:a8:f5:5b:08:e6:de:62:a3:
0c:00:79:0c:70:bb:4d:d9:5f:a8:15:76:a5:5f:48:
c6:c4:2b:ad:de:b3:50:c9:39:6c:7d:bf:ad:b3:30:
ea:f1:57:c3:fa:de:a2:59:05:27:b6:94:85:e2:b4:
57:ae:c4:9b:ae:ed:9b:a7:4d:36:68:25:02:db:92:
78:74:b9:c9:77:aa:cc:1c:59:8f:41:0f:49:85:6c:
61:a3:2c:31:71:a1:51:d6:00:56:9f:58:68:9f:a2:
0a:66:bc:03:fc:c0:f1:01:46:e6:88:c0:6f:db:bd:
ff:48:97:9b:6d:26:ca:56:35:58:b6:2f:a7:32:67:
95:c3:7e:77:23:f8:8a:48:30:de:da:25:16:ad:b2:
f1:af:23:ac:c8:e8:ec:8e:f2:d6:03:e8:3d:40:5a:
75:45:2c:29:a1:29:4b:18:48:c2:d5:a0:62:aa:36:
b8:20:d4:71:f8:48:17:f4:9e:7d:0b:72:f6:12:42:
02:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FD:38:C2:3B:26:10:6A:A2:BB:5E:8E:52:CE:22:83:3A:1F:03:3A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hf04wjsmEGqiu16OUs4igzofAzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.50.0/24
Signature Algorithm: sha256WithRSAEncryption
95:22:85:2a:29:3f:3f:e3:a4:35:81:d8:19:8c:98:dc:9c:55:
05:68:02:d5:4d:fe:2a:41:02:93:98:6d:81:ca:31:29:36:df:
9f:53:cd:e9:d2:8f:08:b6:8a:ce:34:64:22:a9:e9:50:b4:4a:
45:de:58:db:f4:77:33:4f:48:6b:e7:aa:ac:d1:45:be:54:5b:
c3:fd:c5:51:47:c4:f3:37:d5:9f:38:3a:c4:ba:da:a9:87:48:
4b:0d:7d:43:d0:19:dc:8a:53:85:e8:5a:96:b5:c5:c4:0a:f6:
af:25:8f:e4:ed:dd:54:fa:9d:55:73:03:52:c3:25:57:40:37:
2c:ad:06:43:57:03:63:fd:3e:23:a2:ce:39:8a:a5:d8:6c:19:
d0:5a:74:fe:50:ae:ad:f1:66:98:f3:0c:72:e3:0e:c2:51:5c:
fa:89:74:5a:fc:a5:f7:dc:75:7c:98:40:23:33:d9:26:ac:d2:
56:ca:98:92:e5:b8:dd:cf:fd:b6:fc:4a:b3:90:0b:82:b5:4b:
67:1b:4c:ec:a8:5a:c8:4c:f8:ef:3d:57:50:0b:73:8c:bc:bd:
ff:8d:f8:9b:12:0f:c7:50:fb:f5:ca:fa:0d:54:19:d3:d1:90:
ac:9d:e2:8d:ed:a2:23:9d:7c:6e:84:75:b4:54:19:00:73:e6:
08:db:c5:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhMoWOctbVgb9FyO0oIrcFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwNTI0MDcyMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWZkMzhjMjNiMjYxMDZhYTJiYjVlOGU1MmNlMjI4MzNhMWYwMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnDkA1tKGO+6w2ckJsYSVCILjKdQ
rTF1kq9BIDl8tSHBKxMg6Am5zU1A90nik+dpwSwsfQXudnypoIDv7NLLZ39WqPVb
CObeYqMMAHkMcLtN2V+oFXalX0jGxCut3rNQyTlsfb+tszDq8VfD+t6iWQUntpSF
4rRXrsSbru2bp002aCUC25J4dLnJd6rMHFmPQQ9JhWxhoywxcaFR1gBWn1hon6IK
ZrwD/MDxAUbmiMBv273/SJebbSbKVjVYti+nMmeVw353I/iKSDDe2iUWrbLxryOs
yOjsjvLWA+g9QFp1RSwpoSlLGEjC1aBiqja4INRx+EgX9J59C3L2EkICzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX9OMI7JhBqortejlLOIoM6HwM6MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaGYwNHdqc21FR3FpdTE2T1VzNGlnem9mQXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5QyMA0G
CSqGSIb3DQEBCwUAA4IBAQCVIoUqKT8/46Q1gdgZjJjcnFUFaALVTf4qQQKTmG2B
yjEpNt+fU83p0o8ItorONGQiqelQtEpF3ljb9HczT0hr56qs0UW+VFvD/cVRR8Tz
N9WfODrEutqph0hLDX1D0BncilOF6FqWtcXECvavJY/k7d1U+p1VcwNSwyVXQDcs
rQZDVwNj/T4jos45iqXYbBnQWnT+UK6t8WaY8wxy4w7CUVz6iXRa/KX33HV8mEAj
M9kmrNJWypiS5bjdz/22/EqzkAuCtUtnG0zsqFrITPjvPVdQC3OMvL3/jfibEg/H
UPv1yvoNVBnT0ZCsneKN7aIjnXxuhHW0VBkAc+YI28Wq
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org