Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/vDecoqKfbxqxaEfX1RbTA_RJDtE.roa
File: vDecoqKfbxqxaEfX1RbTA_RJDtE.roa (raw, json)
Hash identifier: LXnGpuK7S38R2vcuiHyk+9Z4HrDBhcOZ2UawlroFLiY=
Subject key identifier: BC:37:9C:A2:A2:9F:6F:1A:B1:68:47:D7:D5:16:D3:03:F4:49:0E:D1
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0235E21EA3D17FA9A646994A50D3FB
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/vDecoqKfbxqxaEfX1RbTA_RJDtE.roa
Signing time: Sun 01 Jan 2023 20:24:53 +0000
ROA not before: Sun 01 Jan 2023 20:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15818
IP address blocks: 159.148.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:35:e2:1e:a3:d1:7f:a9:a6:46:99:4a:50:d3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc379ca2a29f6f1ab16847d7d516d303f4490ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fb:0d:b8:8e:e0:ce:ab:09:ca:f9:81:3b:19:
0c:5a:91:fc:f3:5d:05:a9:9c:1b:9d:71:ab:f9:58:
93:ef:b9:9d:86:de:4a:63:4c:46:b5:a7:5a:aa:c4:
1c:b3:86:bb:2b:58:4b:4a:5f:d8:d6:a8:97:22:d2:
4f:38:25:da:32:87:3c:4e:3f:9d:75:0c:90:de:de:
43:d3:6e:ce:a4:3c:54:96:27:81:25:40:1b:db:da:
80:b0:47:94:db:f9:87:41:08:63:b2:f0:64:a6:74:
fb:a6:bb:81:b1:cd:6e:4b:a1:44:e1:f3:5a:2b:28:
bd:f7:10:07:39:24:76:77:b3:64:7d:04:6c:26:41:
00:a9:7d:77:8a:3a:4e:35:55:9d:55:1f:5f:a6:82:
e3:ed:e8:ca:5b:8f:a9:08:18:e9:66:6f:c7:b7:b8:
a2:ac:8b:51:09:48:74:41:83:d6:f6:b9:46:be:93:
ca:d1:13:2c:81:a4:98:3a:6a:fa:9e:f5:ea:88:00:
f1:5b:fa:c6:f6:61:27:ee:a3:cc:7c:39:40:db:bc:
4f:b0:fb:0d:78:66:1d:40:91:be:c4:a8:bb:a4:9a:
21:67:8b:73:f0:03:de:e2:60:ca:05:b2:48:9f:c1:
27:bc:29:0e:26:d3:95:80:ab:c8:d9:97:d3:5e:07:
be:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:37:9C:A2:A2:9F:6F:1A:B1:68:47:D7:D5:16:D3:03:F4:49:0E:D1
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/vDecoqKfbxqxaEfX1RbTA_RJDtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.90.0/24
Signature Algorithm: sha256WithRSAEncryption
83:f5:d6:ed:b5:10:3a:2d:fd:c4:ad:56:c8:ef:92:68:7b:8a:
db:af:9f:5d:40:2d:24:3e:a9:d6:6b:f8:dc:4c:a5:ef:ae:b7:
e5:d8:c5:f6:50:70:9b:18:2e:65:92:39:9b:dd:e3:dd:f0:fb:
f4:da:39:da:9c:3d:ac:30:7a:28:68:9a:59:97:58:72:60:a7:
da:59:a7:b0:8f:0a:00:a9:cc:bc:29:8d:04:74:67:30:cb:5d:
a1:1f:a7:9f:03:64:e5:75:5a:ab:ca:9b:60:e5:c2:5e:4c:0e:
47:ad:d7:d4:f1:d1:b1:6f:76:85:b3:13:3f:8c:f8:04:2b:0f:
b2:c2:d7:88:e9:3e:bd:33:05:20:0c:9c:73:48:cf:9b:e1:54:
25:f2:e6:79:6f:05:f6:1d:61:63:20:32:1e:cd:ec:8c:41:9f:
f6:fc:ad:6b:ca:4b:bb:a4:61:38:d8:88:34:55:c6:d2:1e:aa:
11:7b:54:63:3f:38:7f:44:e0:ec:10:f7:2f:f1:20:f0:b0:21:
fe:ce:11:b9:8e:c6:5f:a4:78:97:27:16:0d:cf:91:35:1e:5a:
1b:7b:52:15:5e:84:00:1d:b6:1c:be:98:ce:9a:b4:a8:2b:3e:
00:0d:cb:2d:51:c5:73:1c:bf:b3:2f:b5:4e:4d:43:11:5c:71:
bc:11:5d:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjXiHqPRf6mmRplKUNP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM3OWNhMmEyOWY2ZjFhYjE2ODQ3ZDdkNTE2ZDMwM2Y0NDkwZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPsNuI7gzqsJyvmBOxkMWpH8810F
qZwbnXGr+ViT77mdht5KY0xGtadaqsQcs4a7K1hLSl/Y1qiXItJPOCXaMoc8Tj+d
dQyQ3t5D027OpDxUlieBJUAb29qAsEeU2/mHQQhjsvBkpnT7pruBsc1uS6FE4fNa
Kyi99xAHOSR2d7NkfQRsJkEAqX13ijpONVWdVR9fpoLj7ejKW4+pCBjpZm/Ht7ii
rItRCUh0QYPW9rlGvpPK0RMsgaSYOmr6nvXqiADxW/rG9mEn7qPMfDlA27xPsPsN
eGYdQJG+xKi7pJohZ4tz8APe4mDKBbJIn8EnvCkOJtOVgKvI2ZfTXge+jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLw3nKKin28asWhH19UW0wP0SQ7RMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdkRlY29xS2ZieHF4YUVmWDFSYlRBX1JKRHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5RaMA0G
CSqGSIb3DQEBCwUAA4IBAQCD9dbttRA6Lf3ErVbI75Joe4rbr59dQC0kPqnWa/jc
TKXvrrfl2MX2UHCbGC5lkjmb3ePd8Pv02jnanD2sMHooaJpZl1hyYKfaWaewjwoA
qcy8KY0EdGcwy12hH6efA2TldVqryptg5cJeTA5HrdfU8dGxb3aFsxM/jPgEKw+y
wteI6T69MwUgDJxzSM+b4VQl8uZ5bwX2HWFjIDIezeyMQZ/2/K1ryku7pGE42Ig0
VcbSHqoRe1RjPzh/RODsEPcv8SDwsCH+zhG5jsZfpHiXJxYNz5E1Hlobe1IVXoQA
HbYcvpjOmrSoKz4ADcstUcVzHL+zL7VOTUMRXHG8EV2s
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org