Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ia5pMh9os8VOqJ5qgtMLThD_LLw.roa
File: ia5pMh9os8VOqJ5qgtMLThD_LLw.roa (raw, json)
Hash identifier: mButsonfybz0xJRL6isXrNjlktbQAY3uvpUPG0lQ8vc=
Subject key identifier: 89:AE:69:32:1F:68:B3:C5:4E:A8:9E:6A:82:D3:0B:4E:10:FF:2C:BC
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F024D6C6C2A0F9C4540D7A7D9F1B7A5
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ia5pMh9os8VOqJ5qgtMLThD_LLw.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201574
IP address blocks: 159.148.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4d:6c:6c:2a:0f:9c:45:40:d7:a7:d9:f1:b7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89ae69321f68b3c54ea89e6a82d30b4e10ff2cbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c6:52:c9:aa:00:b6:49:5f:eb:f0:56:04:bc:
e8:6d:9f:37:87:62:3b:70:9f:29:2b:dc:69:07:08:
65:b5:bd:04:5d:a6:48:96:fe:8b:3d:b9:d1:ea:91:
e5:b4:16:2b:30:e1:28:11:dc:9a:d8:c1:d3:de:68:
f4:a6:e5:f5:59:3f:02:6d:c4:e8:c4:a5:f9:f5:31:
aa:59:8c:26:44:fd:0a:cb:3e:3b:c6:17:70:dd:74:
6a:b9:86:0f:21:a6:ad:2b:53:1b:a8:23:5f:06:81:
5b:92:8a:d7:f9:ec:9e:74:34:8e:a4:b2:7a:e5:7d:
97:08:1e:3d:d3:25:98:fc:09:c8:56:f8:da:de:59:
cf:94:ca:12:53:32:07:a3:cf:4e:1c:58:8b:a3:d8:
64:4a:87:45:29:23:c5:09:58:ca:c4:2c:a1:7e:d6:
32:64:10:aa:89:2b:e4:ee:ea:ee:0c:90:62:b3:bc:
43:7c:95:a6:aa:f1:47:d7:cb:bb:e9:e1:5a:a4:d2:
cb:aa:2a:5e:36:af:14:48:6c:ea:bc:5b:47:bd:b8:
14:5f:39:7c:e9:93:5a:ca:bb:98:1e:51:71:6e:e2:
45:1d:13:11:72:00:b5:dd:1b:59:f1:a4:5d:d9:1a:
d5:5f:b8:68:57:5f:c5:db:5f:2d:30:e0:98:15:1c:
2d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AE:69:32:1F:68:B3:C5:4E:A8:9E:6A:82:D3:0B:4E:10:FF:2C:BC
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ia5pMh9os8VOqJ5qgtMLThD_LLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.197.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:95:e6:6f:1d:1b:04:37:50:f8:ac:7c:d4:ef:f5:4d:ba:ae:
0d:c1:51:99:9c:47:62:f2:f8:f4:02:9c:23:92:45:23:80:ab:
8c:06:c2:19:1a:96:29:42:c0:22:51:a3:a5:6b:ca:84:91:5e:
6b:36:52:4e:55:8a:8b:05:3c:29:7f:c0:9d:56:14:66:0a:80:
82:98:36:59:85:fc:7e:33:e8:e5:0b:96:e7:13:1c:58:b7:25:
54:2f:a4:36:be:31:2a:1c:d3:ba:41:09:ec:8e:f0:82:34:d7:
46:17:22:26:1c:be:b7:cc:49:e5:f1:99:85:29:05:df:be:d9:
03:ea:b1:02:0a:7e:8f:fb:1a:a2:d6:b8:66:74:c5:b9:8c:83:
4f:ec:f7:58:a3:ab:43:11:e4:55:4a:7c:c5:71:48:c4:fb:55:
f3:ec:23:74:22:82:ec:09:70:a9:8e:29:9a:20:b3:83:1a:23:
d2:b5:4d:3d:a2:96:e0:f9:7f:34:7a:b9:0c:28:67:55:96:aa:
e4:e8:ad:3b:ae:20:25:53:83:5a:cb:88:b8:52:64:ac:06:3e:
bc:f7:6b:8b:d3:2b:77:5a:4f:1c:a9:3f:bf:94:04:a9:c6:f3:
06:8d:b9:dd:9d:7e:04:85:5f:e3:66:e6:95:27:8d:7e:27:e0:
a9:37:28:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAk1sbCoPnEVA16fZ8belMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFlNjkzMjFmNjhiM2M1NGVhODllNmE4MmQzMGI0ZTEwZmYyY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMZSyaoAtklf6/BWBLzobZ83h2I7
cJ8pK9xpBwhltb0EXaZIlv6LPbnR6pHltBYrMOEoEdya2MHT3mj0puX1WT8CbcTo
xKX59TGqWYwmRP0Kyz47xhdw3XRquYYPIaatK1MbqCNfBoFbkorX+eyedDSOpLJ6
5X2XCB490yWY/AnIVvja3lnPlMoSUzIHo89OHFiLo9hkSodFKSPFCVjKxCyhftYy
ZBCqiSvk7uruDJBis7xDfJWmqvFH18u76eFapNLLqipeNq8USGzqvFtHvbgUXzl8
6ZNayruYHlFxbuJFHRMRcgC13RtZ8aRd2RrVX7hoV1/F218tMOCYFRwtLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImuaTIfaLPFTqieaoLTC04Q/yy8MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaWE1cE1oOW9zOFZPcUo1cWd0TUxUaERfTEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5TFMA0G
CSqGSIb3DQEBCwUAA4IBAQAeleZvHRsEN1D4rHzU7/VNuq4NwVGZnEdi8vj0Apwj
kkUjgKuMBsIZGpYpQsAiUaOla8qEkV5rNlJOVYqLBTwpf8CdVhRmCoCCmDZZhfx+
M+jlC5bnExxYtyVUL6Q2vjEqHNO6QQnsjvCCNNdGFyImHL63zEnl8ZmFKQXfvtkD
6rECCn6P+xqi1rhmdMW5jINP7PdYo6tDEeRVSnzFcUjE+1Xz7CN0IoLsCXCpjima
ILODGiPStU09opbg+X80erkMKGdVlqrk6K07riAlU4Nay4i4UmSsBj6892uL0yt3
Wk8cqT+/lASpxvMGjbndnX4EhV/jZuaVJ41+J+CpNygV
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org