Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/kMBY3HHVQsv19oLmBu_TxhoYhiE.roa
File: kMBY3HHVQsv19oLmBu_TxhoYhiE.roa (raw, json)
Hash identifier: htOOaBtPDQjFNAuvnoOkGcZ8329ncPjag4o5u3s4dkY=
Subject key identifier: 90:C0:58:DC:71:D5:42:CB:F5:F6:82:E6:06:EF:D3:C6:1A:18:86:21
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018876C4D8D1C4344BD52EB64DC5AA87AE06
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/kMBY3HHVQsv19oLmBu_TxhoYhiE.roa
Signing time: Thu 01 Jun 2023 11:43:12 +0000
ROA not before: Thu 01 Jun 2023 11:43:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:c4:d8:d1:c4:34:4b:d5:2e:b6:4d:c5:aa:87:ae:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 1 11:43:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c058dc71d542cbf5f682e606efd3c61a188621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:87:88:54:3c:47:f2:05:31:d3:8c:08:52:
f9:be:bb:dc:3d:87:3f:0c:29:d1:fa:84:f1:22:8f:
71:b9:dc:04:33:e7:24:51:9c:74:6c:ea:41:36:7f:
c9:69:a7:a6:53:34:f3:ab:75:cb:d6:33:d1:a4:bb:
31:07:69:76:41:01:48:11:00:b4:38:39:23:0e:53:
ee:7f:e9:f7:8b:c1:05:b0:16:dc:12:78:f9:73:12:
36:41:31:50:0b:4d:f4:08:30:93:45:b2:af:75:3f:
2b:5a:98:50:26:de:13:e1:9c:90:6d:9a:a0:36:34:
a4:c7:8a:1f:dc:11:be:d0:4e:49:da:0a:1b:de:0a:
c1:a2:0f:59:b1:05:68:5b:b4:03:ae:c2:14:a3:0b:
28:00:36:3c:9d:be:c1:a2:5e:84:58:dd:f0:96:24:
f1:23:8f:db:d3:23:0c:36:f3:11:91:39:fd:de:f2:
71:87:55:6d:a4:c8:92:74:ff:16:98:74:08:d4:ea:
29:6c:d9:1c:ca:01:be:f6:5b:79:fb:30:db:68:2f:
8a:69:df:c5:01:ac:cf:21:fe:33:86:09:7f:81:c9:
dc:b3:11:19:14:19:54:77:0e:36:9a:37:53:f3:17:
27:17:67:ba:a3:27:dc:fc:f7:f6:40:cb:e0:90:12:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C0:58:DC:71:D5:42:CB:F5:F6:82:E6:06:EF:D3:C6:1A:18:86:21
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/kMBY3HHVQsv19oLmBu_TxhoYhiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:aa:b5:aa:8e:e1:ce:44:78:0f:6e:72:13:f0:99:2b:9f:7d:
5e:43:0f:d0:57:7f:65:f9:90:23:0f:13:5b:04:7e:81:f4:d0:
ff:81:e9:f9:b5:82:e4:c4:81:63:7c:57:d3:eb:e6:9b:62:f8:
b5:cf:92:44:cd:24:20:4e:ad:71:05:12:98:d1:91:66:a9:4c:
c6:4c:e1:c4:ba:90:ab:47:4e:6a:bb:ce:14:a8:29:d1:48:45:
57:b8:da:ef:dc:a5:79:8e:58:0c:52:f9:dc:b6:d5:0e:bb:c9:
50:82:7a:39:da:20:d3:e9:e0:d5:55:f3:b8:8a:e2:49:01:d8:
b2:be:c2:6a:dd:90:b8:be:8f:bf:03:28:2f:e6:9e:5a:4e:ec:
40:75:de:3f:85:9c:9f:2c:f7:5f:70:72:10:75:ce:7a:5a:e9:
27:67:91:25:92:70:31:f1:13:37:75:60:7c:3f:be:96:b6:60:
71:74:d3:61:e4:41:af:3d:c3:f1:6a:67:0b:91:da:04:0f:cc:
c2:b0:61:cc:08:d9:f7:a9:a1:a5:c2:fa:2a:eb:55:4d:fe:11:
e1:6f:06:f4:da:52:3d:53:e5:f7:25:eb:c6:59:95:a3:a9:0e:
01:c6:b9:55:0e:18:56:8e:d5:79:d7:4e:aa:66:1b:4a:16:7e:
f3:78:2a:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh2xNjRxDRL1S62TcWqh64GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwNjAxMTE0MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGMwNThkYzcxZDU0MmNiZjVmNjgyZTYwNmVmZDNjNjFhMTg4NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnASHiFQ8R/IFMdOMCFL5vrvcPYc/
DCnR+oTxIo9xudwEM+ckUZx0bOpBNn/JaaemUzTzq3XL1jPRpLsxB2l2QQFIEQC0
ODkjDlPuf+n3i8EFsBbcEnj5cxI2QTFQC030CDCTRbKvdT8rWphQJt4T4ZyQbZqg
NjSkx4of3BG+0E5J2gob3grBog9ZsQVoW7QDrsIUowsoADY8nb7Bol6EWN3wliTx
I4/b0yMMNvMRkTn93vJxh1VtpMiSdP8WmHQI1OopbNkcygG+9lt5+zDbaC+Kad/F
AazPIf4zhgl/gcncsxEZFBlUdw42mjdT8xcnF2e6oyfc/Pf2QMvgkBIOtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJDAWNxx1ULL9faC5gbv08YaGIYhMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEva01CWTNISFZRc3YxOW9MbUJ1X1R4aG9ZaGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAn5SGAwQB
n5SIAwQAn5SMMA0GCSqGSIb3DQEBCwUAA4IBAQBsqrWqjuHORHgPbnIT8Jkrn31e
Qw/QV39l+ZAjDxNbBH6B9ND/gen5tYLkxIFjfFfT6+abYvi1z5JEzSQgTq1xBRKY
0ZFmqUzGTOHEupCrR05qu84UqCnRSEVXuNrv3KV5jlgMUvncttUOu8lQgno52iDT
6eDVVfO4iuJJAdiyvsJq3ZC4vo+/Aygv5p5aTuxAdd4/hZyfLPdfcHIQdc56Wukn
Z5ElknAx8RM3dWB8P76WtmBxdNNh5EGvPcPxamcLkdoED8zCsGHMCNn3qaGlwvoq
61VN/hHhbwb02lI9U+X3JevGWZWjqQ4BxrlVDhhWjtV5106qZhtKFn7zeCr8
-----END CERTIFICATE-----
Generated at Mon Jul 31 09:56:00 2023 by rpki-client on console-fra.rpki-client.org