Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/vGWWW46pb0LaNLQPagSLpnRu7qc.roa
File: vGWWW46pb0LaNLQPagSLpnRu7qc.roa (raw, json)
Hash identifier: Zu0gbbAWKXUPnWvap/0S8S3hGTuKiGAaQik2E063XqA=
Subject key identifier: BC:65:96:5B:8E:A9:6F:42:DA:34:B4:0F:6A:04:8B:A6:74:6E:EE:A7
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E22EB9E2372D7863AD45BEDE5FDF53C31
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/vGWWW46pb0LaNLQPagSLpnRu7qc.roa
Signing time: Sat 09 Mar 2024 11:14:10 +0000
ROA not before: Sat 09 Mar 2024 11:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 159.148.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 12:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:eb:9e:23:72:d7:86:3a:d4:5b:ed:e5:fd:f5:3c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 9 11:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc65965b8ea96f42da34b40f6a048ba6746eeea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:76:1e:71:f7:d8:98:34:cd:f8:44:21:7d:81:
aa:a1:63:4e:f5:bc:14:f7:da:7b:d3:50:b6:b0:08:
cb:0a:62:f0:73:c7:a5:fe:cd:72:e1:33:62:29:b9:
73:8f:21:58:f7:e7:fe:dd:fa:c8:51:a5:33:4d:71:
e9:f2:4b:3e:a1:16:96:34:19:22:d2:80:f2:fc:88:
fe:d6:e0:d0:06:90:e4:af:5b:8b:fa:09:0f:6e:25:
37:b2:bd:51:1a:02:14:d6:28:66:27:51:85:59:17:
73:17:37:15:6f:fd:f4:67:8d:6e:f5:cf:02:2b:8a:
0d:0c:9b:e5:9d:74:9f:60:d6:55:98:b6:70:3c:34:
86:5c:32:7f:59:16:51:73:4a:6a:c7:24:2c:d8:59:
db:8d:35:e8:0d:4b:b9:b0:3e:27:59:e7:83:73:e9:
7c:23:66:6c:78:15:d5:a2:4d:e2:7e:64:5f:c8:de:
f4:23:a5:49:f4:eb:8c:8b:03:db:06:c2:32:5b:66:
81:bf:0b:10:a1:0c:b9:42:8a:79:92:7b:f4:49:63:
12:2a:cd:fb:14:57:47:e0:03:54:1c:c7:7b:9c:df:
29:03:15:15:a7:6b:2c:db:d0:c1:b0:6a:29:dd:fe:
0f:64:fb:89:f8:66:25:9b:d2:97:02:62:c2:5a:8a:
5a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:65:96:5B:8E:A9:6F:42:DA:34:B4:0F:6A:04:8B:A6:74:6E:EE:A7
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/vGWWW46pb0LaNLQPagSLpnRu7qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.131.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f7:38:3a:a6:cd:b8:3b:93:48:29:0e:b5:49:df:5e:34:3e:
db:5b:da:4f:98:bd:cb:f6:1e:45:9f:dd:c4:3e:1d:51:20:b5:
67:9b:9b:17:e8:42:96:16:6f:4b:c1:d0:87:d0:f5:71:f6:53:
83:82:51:e9:d1:80:6a:11:0d:de:d7:73:0f:b1:b5:63:c4:7f:
36:cd:d8:4f:67:18:7c:41:23:5f:e8:4d:4b:ef:67:c3:cf:09:
05:73:f0:f8:04:aa:de:8e:dc:db:1f:98:1d:24:2d:a4:ff:54:
a5:33:7e:01:f5:6d:5c:ef:5f:94:1d:de:ca:a6:8f:8e:40:68:
13:9c:ff:e4:71:83:2d:2c:b5:46:de:16:61:fb:bd:7c:5a:97:
7c:a3:97:5e:03:11:a7:34:4e:3a:b0:9f:60:32:c3:67:60:ca:
8e:b7:e2:a3:84:d7:5d:86:52:6d:5e:c6:01:46:17:a1:f1:45:
77:56:00:41:c6:cb:07:4c:03:6b:17:c9:f1:9e:3f:3d:26:a1:
4c:a5:1d:b9:5b:d4:bc:76:33:ef:44:3b:4c:bc:57:25:9a:98:
a2:e5:4f:03:f0:e7:2e:85:56:92:fe:e3:ea:82:91:f6:7e:46:
b5:94:e9:da:2e:63:45:c3:86:f9:60:c1:dc:42:c4:46:16:08:
10:af:d7:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4i654jcteGOtRb7eX99TwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzA5MTExNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzY1OTY1YjhlYTk2ZjQyZGEzNGI0MGY2YTA0OGJhNjc0NmVlZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynYecffYmDTN+EQhfYGqoWNO9bwU
99p701C2sAjLCmLwc8el/s1y4TNiKblzjyFY9+f+3frIUaUzTXHp8ks+oRaWNBki
0oDy/Ij+1uDQBpDkr1uL+gkPbiU3sr1RGgIU1ihmJ1GFWRdzFzcVb/30Z41u9c8C
K4oNDJvlnXSfYNZVmLZwPDSGXDJ/WRZRc0pqxyQs2FnbjTXoDUu5sD4nWeeDc+l8
I2ZseBXVok3ifmRfyN70I6VJ9OuMiwPbBsIyW2aBvwsQoQy5Qop5knv0SWMSKs37
FFdH4ANUHMd7nN8pAxUVp2ss29DBsGop3f4PZPuJ+GYlm9KXAmLCWopamwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxllluOqW9C2jS0D2oEi6Z0bu6nMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdkdXV1c0NnBiMExhTkxRUGFnU0xwblJ1N3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5SDMA0G
CSqGSIb3DQEBCwUAA4IBAQB/9zg6ps24O5NIKQ61Sd9eND7bW9pPmL3L9h5Fn93E
Ph1RILVnm5sX6EKWFm9LwdCH0PVx9lODglHp0YBqEQ3e13MPsbVjxH82zdhPZxh8
QSNf6E1L72fDzwkFc/D4BKrejtzbH5gdJC2k/1SlM34B9W1c71+UHd7Kpo+OQGgT
nP/kcYMtLLVG3hZh+718Wpd8o5deAxGnNE46sJ9gMsNnYMqOt+KjhNddhlJtXsYB
Rheh8UV3VgBBxssHTANrF8nxnj89JqFMpR25W9S8djPvRDtMvFclmpii5U8D8Ocu
hVaS/uPqgpH2fka1lOnaLmNFw4b5YMHcQsRGFggQr9f7
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:03 2024 by rpki-client on console-fra.rpki-client.org