Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/n9Cn8WMUGYUBgBFq5QzhyPd2s24.roa
File: n9Cn8WMUGYUBgBFq5QzhyPd2s24.roa (raw, json)
Hash identifier: fvm6q0KYnv0yY/+C9wUKKrKRFJidv1rX/M9wk3xUafY=
Subject key identifier: 9F:D0:A7:F1:63:14:19:85:01:80:11:6A:E5:0C:E1:C8:F7:76:B3:6E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012903B19F2669C849E56D71C4F7FF
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/n9Cn8WMUGYUBgBFq5QzhyPd2s24.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35685
IP address blocks: 159.148.131.0/24 maxlen: 24
159.148.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 12:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:29:03:b1:9f:26:69:c8:49:e5:6d:71:c4:f7:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fd0a7f1631419850180116ae50ce1c8f776b36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:45:b6:e3:3e:38:1a:17:41:ba:48:be:6e:d4:
47:bb:9d:40:7b:74:41:e5:ef:6b:20:fc:27:44:49:
ce:85:81:45:b2:01:87:ca:79:ec:e0:cd:60:91:4b:
35:53:ef:d2:96:aa:ac:ea:16:4d:db:4a:68:f4:e1:
a9:64:bc:9d:c8:ba:30:31:4a:c2:ea:0c:74:30:a7:
39:02:49:de:d0:f3:29:5d:e5:41:13:41:b0:f1:88:
dd:75:b2:31:b7:22:58:49:d8:0b:2b:ff:87:50:f5:
b3:c1:20:a9:b5:0c:e2:12:93:14:00:8d:d2:64:b2:
4a:68:e5:73:9e:67:c0:85:c4:7d:84:72:33:6b:50:
ee:be:5d:df:65:54:96:b3:53:a1:17:8a:36:28:1f:
e1:c9:c3:51:07:0b:aa:1d:8b:cd:a0:c7:4c:ac:60:
47:a0:5b:09:ec:e6:d8:2a:72:e7:4e:e8:ab:1e:6b:
ce:25:80:d4:fd:bc:23:e6:77:ff:1c:27:5b:5c:f1:
73:11:82:33:f8:01:02:02:47:1c:b8:f6:06:ec:62:
ed:f3:e9:43:5c:ce:aa:e6:a3:eb:b0:03:f3:d4:05:
b2:8c:7c:83:e7:83:1e:7c:f2:6f:c6:b6:40:6f:9c:
d4:63:b0:37:fe:fb:2c:be:db:99:4b:2a:8e:96:19:
14:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D0:A7:F1:63:14:19:85:01:80:11:6A:E5:0C:E1:C8:F7:76:B3:6E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/n9Cn8WMUGYUBgBFq5QzhyPd2s24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.82.0/24
159.148.131.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:15:3b:12:e5:4f:a4:a0:b6:0d:36:e4:7d:e1:60:1a:a5:2c:
ad:67:af:a6:81:b9:e5:8f:04:64:50:73:ae:19:50:90:71:0d:
3f:80:da:07:63:03:2b:01:4f:b2:c8:94:db:7c:bd:0f:b2:a4:
51:8c:7f:7a:a1:c1:4b:c0:bd:07:49:68:ae:dd:8e:44:dc:c2:
82:23:3e:ca:e4:77:ec:c2:a8:d3:8a:30:d9:26:6c:10:3c:a7:
9a:a0:9a:51:2d:eb:9e:03:0a:b9:08:6f:07:ee:75:31:ff:24:
6c:4a:ac:fd:e1:1c:d6:9c:c1:b4:d3:84:14:f3:de:ce:ba:71:
54:15:34:9d:89:c9:f4:e5:2e:7b:85:c7:f4:bf:d0:37:e5:89:
77:77:5a:38:d2:0e:15:4d:71:2a:23:d7:65:b7:b0:d5:e8:39:
84:8f:4c:97:de:c7:01:5b:8d:9b:13:82:2a:aa:ec:b4:fd:72:
9e:f3:f2:91:11:c1:9c:95:53:9d:98:82:be:4c:ac:54:bd:8b:
da:49:dd:0a:d7:db:a5:50:8c:0b:19:76:85:64:4b:d1:ed:64:
13:73:85:ae:f5:f0:69:12:42:e9:7e:7c:df:f1:45:6f:e7:c5:
c4:0e:9c:e9:0c:7c:ce:6d:3e:c9:05:c7:f1:07:4b:1a:01:b6:
23:9d:76:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIASkDsZ8machJ5W1xxPf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQwYTdmMTYzMTQxOTg1MDE4MDExNmFlNTBjZTFjOGY3NzZiMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEW24z44GhdBuki+btRHu51Ae3RB
5e9rIPwnREnOhYFFsgGHynns4M1gkUs1U+/Slqqs6hZN20po9OGpZLydyLowMUrC
6gx0MKc5Akne0PMpXeVBE0Gw8YjddbIxtyJYSdgLK/+HUPWzwSCptQziEpMUAI3S
ZLJKaOVznmfAhcR9hHIza1Duvl3fZVSWs1OhF4o2KB/hycNRBwuqHYvNoMdMrGBH
oFsJ7ObYKnLnTuirHmvOJYDU/bwj5nf/HCdbXPFzEYIz+AECAkccuPYG7GLt8+lD
XM6q5qPrsAPz1AWyjHyD54MefPJvxrZAb5zUY7A3/vssvtuZSyqOlhkUxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ/Qp/FjFBmFAYARauUM4cj3drNuMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbjlDbjhXTVVHWVVCZ0JGcTVRemh5UGQyczI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAn5RSAwQA
n5SDMA0GCSqGSIb3DQEBCwUAA4IBAQANFTsS5U+koLYNNuR94WAapSytZ6+mgbnl
jwRkUHOuGVCQcQ0/gNoHYwMrAU+yyJTbfL0PsqRRjH96ocFLwL0HSWiu3Y5E3MKC
Iz7K5HfswqjTijDZJmwQPKeaoJpRLeueAwq5CG8H7nUx/yRsSqz94RzWnMG004QU
897OunFUFTSdicn05S57hcf0v9A35Yl3d1o40g4VTXEqI9dlt7DV6DmEj0yX3scB
W42bE4Iqquy0/XKe8/KREcGclVOdmIK+TKxUvYvaSd0K19ulUIwLGXaFZEvR7WQT
c4Wu9fBpEkLpfnzf8UVv58XEDpzpDHzObT7JBcfxB0saAbYjnXam
-----END CERTIFICATE-----
Generated at Sat Mar 9 17:14:15 2024 by rpki-client on console-ams.rpki-client.org