Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hqMzEHs07tbxFgYmKFvch9XwmSI.roa
File: hqMzEHs07tbxFgYmKFvch9XwmSI.roa (raw, json)
Hash identifier: HzJTxVkFv74XUVYOJVGak81AbJS+KfdqIIFii+88qVs=
Subject key identifier: 86:A3:33:10:7B:34:EE:D6:F1:16:06:26:28:5B:DC:87:D5:F0:99:22
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0189F8E2EC6919149A547FB7C4C6ED9E9F87
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hqMzEHs07tbxFgYmKFvch9XwmSI.roa
Signing time: Tue 15 Aug 2023 11:09:28 +0000
ROA not before: Tue 15 Aug 2023 11:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216464
IP address blocks: 159.148.182.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:e2:ec:69:19:14:9a:54:7f:b7:c4:c6:ed:9e:9f:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 15 11:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86a333107b34eed6f1160626285bdc87d5f09922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ef:9e:65:a1:13:a9:c3:86:f3:34:4e:c9:fe:
ef:4b:c4:e8:b6:a1:d5:c7:d6:7f:a7:c1:53:9f:f7:
3d:d3:d8:42:92:c3:70:c9:26:20:a7:dc:74:90:52:
03:c0:dc:7a:5b:ee:0f:62:6a:da:d3:b6:51:2d:eb:
67:51:d0:05:7b:f8:9f:72:51:33:c7:12:64:c0:83:
c2:a1:f6:56:51:89:d7:a9:b2:d4:e5:a8:17:21:82:
cb:17:34:20:fd:ec:5f:20:84:4b:7d:f3:34:54:16:
5f:9a:5f:53:31:d2:8c:1c:ec:dd:20:5b:63:fd:86:
b9:8f:49:aa:95:c2:3c:e2:9e:58:5f:b0:78:49:a1:
79:7a:33:a2:fd:51:b3:fb:25:9b:b8:68:7a:22:bb:
89:4b:8e:e4:34:31:a1:1a:f2:26:03:40:88:80:59:
f2:6d:6e:8a:a6:7d:ad:4c:25:a0:22:09:a9:64:f0:
a2:89:15:94:b4:1e:6c:a1:d3:a8:cb:36:4b:e2:44:
48:80:e9:60:64:bc:e1:66:06:39:da:7c:a9:3c:a1:
1e:67:16:97:f5:b2:b1:4d:b9:72:5f:c7:03:25:31:
5d:d9:d0:f2:5f:63:13:12:ae:cf:ea:52:23:04:d3:
07:16:38:9a:8f:8b:33:6c:22:d6:99:09:91:2c:22:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A3:33:10:7B:34:EE:D6:F1:16:06:26:28:5B:DC:87:D5:F0:99:22
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hqMzEHs07tbxFgYmKFvch9XwmSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.182.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:ef:88:2c:b7:93:87:12:48:9b:97:91:63:9d:44:62:ad:e2:
09:32:87:41:0e:be:d1:88:c9:91:e4:04:e7:f2:3f:ef:1f:ec:
3f:93:98:33:52:3a:ea:27:10:82:06:80:37:b6:c7:19:2b:be:
79:bb:4a:7f:51:f8:c0:79:ad:63:17:10:fe:4b:dc:0a:fa:ed:
a4:97:6e:0d:82:ce:11:38:5e:95:82:56:99:ff:1a:a5:34:e2:
5b:16:9d:ef:e3:9d:06:d8:f6:80:ab:a5:2c:56:05:59:d0:a7:
c7:76:12:eb:f1:41:73:cb:78:38:f3:cc:07:62:9f:82:0e:72:
e1:63:14:88:d7:36:0a:6b:56:ec:a8:5a:37:eb:4b:0a:9d:f4:
0f:c6:31:23:9d:f6:20:4d:2d:7f:5d:ac:16:5b:ce:85:a0:ab:
c0:9a:1a:ab:50:40:27:b5:7f:9c:db:3f:54:e5:38:eb:65:81:
15:2b:fd:82:ee:59:86:31:7e:04:75:c2:40:0c:e1:f2:7b:66:
a7:3c:10:1d:22:00:1f:47:87:98:32:42:b6:24:5d:59:7d:90:
ec:57:f0:d8:8c:63:6e:26:ed:df:fa:d4:d0:3e:b9:d9:a5:d1:
5f:53:ff:9f:90:52:2b:65:0f:01:63:4e:9b:dd:e7:1b:a3:b7:
9e:12:50:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn44uxpGRSaVH+3xMbtnp+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwODE1MTEwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmEzMzMxMDdiMzRlZWQ2ZjExNjA2MjYyODViZGM4N2Q1ZjA5OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe+eZaETqcOG8zROyf7vS8TotqHV
x9Z/p8FTn/c909hCksNwySYgp9x0kFIDwNx6W+4PYmra07ZRLetnUdAFe/ifclEz
xxJkwIPCofZWUYnXqbLU5agXIYLLFzQg/exfIIRLffM0VBZfml9TMdKMHOzdIFtj
/Ya5j0mqlcI84p5YX7B4SaF5ejOi/VGz+yWbuGh6IruJS47kNDGhGvImA0CIgFny
bW6Kpn2tTCWgIgmpZPCiiRWUtB5sodOoyzZL4kRIgOlgZLzhZgY52nypPKEeZxaX
9bKxTblyX8cDJTFd2dDyX2MTEq7P6lIjBNMHFjiaj4szbCLWmQmRLCIaSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIajMxB7NO7W8RYGJihb3IfV8JkiMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaHFNekVIczA3dGJ4RmdZbUtGdmNoOVh3bVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBn5S2MA0G
CSqGSIb3DQEBCwUAA4IBAQBL74gst5OHEkibl5FjnURireIJModBDr7RiMmR5ATn
8j/vH+w/k5gzUjrqJxCCBoA3tscZK755u0p/UfjAea1jFxD+S9wK+u2kl24Ngs4R
OF6VglaZ/xqlNOJbFp3v450G2PaAq6UsVgVZ0KfHdhLr8UFzy3g488wHYp+CDnLh
YxSI1zYKa1bsqFo360sKnfQPxjEjnfYgTS1/XawWW86FoKvAmhqrUEAntX+c2z9U
5TjrZYEVK/2C7lmGMX4EdcJADOHye2anPBAdIgAfR4eYMkK2JF1ZfZDsV/DYjGNu
Ju3f+tTQPrnZpdFfU/+fkFIrZQ8BY06b3ecbo7eeElBH
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org