Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/i7KHfQVD6o0smpkCsHJQewVBwwA.roa
File: i7KHfQVD6o0smpkCsHJQewVBwwA.roa (raw, json)
Hash identifier: BjHz22Qhqd4qkh0cKbAghRwyy8qdCSsMmxMXLgRbU+g=
Subject key identifier: 8B:B2:87:7D:05:43:EA:8D:2C:9A:99:02:B0:72:50:7B:05:41:C3:00
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0248FA2EE8A3CD2D47DA1161F9B562
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/i7KHfQVD6o0smpkCsHJQewVBwwA.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59993
IP address blocks: 159.148.121.0/24 maxlen: 24
159.148.129.0/24 maxlen: 24
159.148.134.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
159.148.149.0/24 maxlen: 24
159.148.159.0/24 maxlen: 24
159.148.77.0/24 maxlen: 24
159.148.73.0/24 maxlen: 24
159.148.74.0/24 maxlen: 24
159.148.98.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.182.0/24 maxlen: 24
159.148.183.0/24 maxlen: 24
159.148.185.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:48:fa:2e:e8:a3:cd:2d:47:da:11:61:f9:b5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bb2877d0543ea8d2c9a9902b072507b0541c300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:23:69:e9:84:f9:6e:6c:d3:38:c1:c1:8b:32:
8c:fa:0b:43:27:45:ac:f6:06:0c:84:80:3e:a1:80:
20:c7:f2:0d:fa:06:eb:7e:9b:32:78:5f:14:1c:28:
7a:ba:7b:a6:ba:87:fd:68:98:83:ec:fb:62:71:ef:
f4:aa:20:3e:63:f0:e7:93:48:76:3b:ec:80:ba:75:
72:08:cb:c3:de:aa:f3:9f:64:f2:a6:f9:ed:89:e9:
62:18:d3:90:ca:c1:f9:54:eb:07:4b:8b:1e:b4:42:
fd:a1:1e:9d:f5:b5:d9:ea:e2:76:3d:88:b3:db:7a:
a2:98:a7:62:17:be:c7:1f:86:a8:aa:58:ac:30:22:
79:93:df:49:a8:48:de:f0:0a:31:81:34:3e:d6:a8:
3b:96:01:2a:61:b1:f2:0a:c4:2c:72:21:af:44:f5:
99:31:09:e0:16:63:7f:6d:9f:21:0e:e2:53:04:d4:
06:3f:81:bc:fc:2e:1f:7d:0b:0c:d7:7e:26:ce:84:
39:24:d7:da:c2:96:4a:01:26:1c:4d:05:c5:84:b9:
30:68:16:f9:9a:25:22:7f:f2:cc:14:aa:8d:b6:5f:
73:89:3d:9f:66:5a:b1:ce:af:3b:0b:9c:e3:a1:b7:
a0:59:e6:fb:48:1f:80:6a:51:02:87:a9:82:3e:db:
11:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B2:87:7D:05:43:EA:8D:2C:9A:99:02:B0:72:50:7B:05:41:C3:00
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/i7KHfQVD6o0smpkCsHJQewVBwwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.73.0-159.148.74.255
159.148.77.0/24
159.148.98.0/24
159.148.121.0/24
159.148.129.0/24
159.148.134.0/24
159.148.140.0/24
159.148.143.0/24
159.148.149.0/24
159.148.159.0/24
159.148.182.0/23
159.148.185.0/24
159.148.201.0/24
159.148.204.0/24
159.148.226.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
13:98:e4:52:44:5d:b0:17:4d:f4:2d:75:f9:ff:c8:f5:67:2f:
8f:b5:9a:90:c4:66:15:4b:c7:1e:37:16:05:6f:72:88:15:43:
42:d6:62:6c:b4:a5:eb:41:04:c8:0c:86:dd:be:ea:e2:a1:46:
35:b7:48:9d:d6:28:e8:b2:01:2b:7e:b9:41:0a:56:d2:1b:b3:
88:33:5c:0c:10:03:11:5d:b3:97:a7:21:c3:24:02:b8:1a:0d:
8b:eb:d7:83:d7:c6:62:9b:be:dc:dd:f8:b2:c4:0b:30:1e:71:
df:7e:43:d6:a5:77:5a:c1:82:27:43:fb:74:ba:5b:ac:38:a0:
89:68:e4:b6:f8:04:1c:42:81:3c:25:e9:0c:b5:23:6f:a2:ad:
74:9f:c3:a6:b9:55:61:73:df:63:a0:69:ae:e9:76:78:cc:97:
b0:a8:82:cb:a5:b2:ae:59:0e:dc:66:16:4e:84:54:f6:57:9d:
44:47:55:c6:c9:ca:d9:fa:e2:2b:3c:e8:d1:43:e8:af:9a:8d:
05:95:8f:9f:ac:a0:b2:b2:9a:51:80:96:82:53:cb:13:8c:22:
8b:a3:33:0d:3b:87:1b:57:67:1b:c0:0e:a5:07:1b:03:c6:d0:
8d:d4:4c:e2:6f:5e:03:6b:a6:c9:bc:89:78:f4:d1:2e:71:fb:
f4:f6:82:e2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYVvAkj6LuijzS1H2hFh+bViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIyODc3ZDA1NDNlYThkMmM5YTk5MDJiMDcyNTA3YjA1NDFjMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyNp6YT5bmzTOMHBizKM+gtDJ0Ws
9gYMhIA+oYAgx/IN+gbrfpsyeF8UHCh6unumuof9aJiD7Ptice/0qiA+Y/Dnk0h2
O+yAunVyCMvD3qrzn2TypvntieliGNOQysH5VOsHS4setEL9oR6d9bXZ6uJ2PYiz
23qimKdiF77HH4aoqlisMCJ5k99JqEje8AoxgTQ+1qg7lgEqYbHyCsQsciGvRPWZ
MQngFmN/bZ8hDuJTBNQGP4G8/C4ffQsM134mzoQ5JNfawpZKASYcTQXFhLkwaBb5
miUif/LMFKqNtl9ziT2fZlqxzq87C5zjobegWeb7SB+AalECh6mCPtsRTwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFIuyh30FQ+qNLJqZArByUHsFQcMAMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaTdLSGZRVkQ2bzBzbXBrQ3NISlFld1ZCd3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaDAMAwQAn5RJ
AwQAn5RKAwQAn5RNAwQAn5RiAwQAn5R5AwQAn5SBAwQAn5SGAwQAn5SMAwQAn5SP
AwQAn5SVAwQAn5SfAwQBn5S2AwQAn5S5AwQAn5TJAwQAn5TMAwQAn5TiAwQBn5Ty
MA0GCSqGSIb3DQEBCwUAA4IBAQATmORSRF2wF030LXX5/8j1Zy+PtZqQxGYVS8ce
NxYFb3KIFUNC1mJstKXrQQTIDIbdvurioUY1t0id1ijosgErfrlBClbSG7OIM1wM
EAMRXbOXpyHDJAK4Gg2L69eD18Zim77c3fiyxAswHnHffkPWpXdawYInQ/t0ulus
OKCJaOS2+AQcQoE8JekMtSNvoq10n8OmuVVhc99joGmu6XZ4zJewqILLpbKuWQ7c
ZhZOhFT2V51ER1XGycrZ+uIrPOjRQ+ivmo0FlY+frKCysppRgJaCU8sTjCKLozMN
O4cbV2cbwA6lBxsDxtCN1Ezib14Da6bJvIl49NEucfv09oLi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org