Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wZcw0dMdsFLS9bLlq6x1q4R7ksQ.roa
File: wZcw0dMdsFLS9bLlq6x1q4R7ksQ.roa (raw, json)
Hash identifier: 5GCF0hhVOSMxsHHLEw7w6s48brDLFT57nISlBTQV53U=
Subject key identifier: C1:97:30:D1:D3:1D:B0:52:D2:F5:B2:E5:AB:AC:75:AB:84:7B:92:C4
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018A26C10B3A00E4443E8A594CFF9069E7AE
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wZcw0dMdsFLS9bLlq6x1q4R7ksQ.roa
Signing time: Thu 24 Aug 2023 08:55:00 +0000
ROA not before: Thu 24 Aug 2023 08:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21096
IP address blocks: 159.148.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:c1:0b:3a:00:e4:44:3e:8a:59:4c:ff:90:69:e7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 24 08:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c19730d1d31db052d2f5b2e5abac75ab847b92c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ab:cd:1f:72:1f:c0:67:4a:0b:35:a6:24:bf:
73:73:ce:a0:57:dd:f3:86:65:9d:18:89:3f:ee:44:
2e:48:f1:74:78:03:5c:65:31:4a:67:79:b6:68:bc:
b2:92:6d:37:81:52:8e:c9:30:e7:cb:70:1f:2b:a5:
d2:ca:ee:0e:78:ad:6a:74:21:fe:af:2a:e2:76:e4:
95:76:31:8a:0d:70:27:c1:f2:2a:dd:82:25:ad:98:
24:1f:9c:4c:56:05:21:8b:ad:6e:dd:31:47:60:af:
9c:cc:bf:16:ce:61:af:bc:34:a9:11:76:b3:52:1e:
00:5f:91:23:b2:9d:8d:aa:ae:bf:10:7d:57:5e:83:
37:3c:70:9d:19:f4:64:6c:37:0b:0c:29:43:f5:3b:
62:2e:c0:6e:ee:b6:d8:42:78:20:1b:f8:cc:84:91:
cc:82:4b:ac:b2:9a:74:b6:88:0d:85:1d:99:84:af:
86:b0:b5:88:5b:b0:40:67:f1:e0:0f:1d:aa:5e:62:
69:c0:56:b3:6b:1d:31:ca:54:de:c1:89:70:41:0c:
3a:2e:e0:51:25:f8:51:00:17:e9:2b:e9:dc:35:04:
b9:59:73:64:bf:af:f1:ba:61:fd:36:01:41:fd:0a:
6c:f9:ee:0f:6d:54:1c:3b:02:02:0d:6c:fb:b7:e2:
67:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:97:30:D1:D3:1D:B0:52:D2:F5:B2:E5:AB:AC:75:AB:84:7B:92:C4
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wZcw0dMdsFLS9bLlq6x1q4R7ksQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
05:3f:bc:17:d2:72:27:a3:52:37:b9:ad:20:0b:25:51:8d:f9:
8f:c6:10:23:ba:6f:b9:55:56:bf:f7:04:d5:fe:1f:53:cf:19:
76:12:f7:40:e6:73:df:bf:46:ff:6f:84:0a:a7:30:0e:5c:e6:
47:3d:06:2a:65:22:d3:87:1b:18:6d:00:30:9c:c9:99:57:40:
4c:50:d8:48:4e:22:6f:b7:f4:ee:65:d3:f1:2f:14:46:e1:0a:
98:ae:5b:13:bc:63:3c:4e:18:c1:6d:c0:a1:0b:1e:3d:25:fb:
9c:fe:bf:cc:ce:fa:59:ea:a2:33:f4:ee:e4:e8:d6:5d:bc:cb:
9a:c8:1e:86:12:22:65:cd:b4:12:05:48:28:ba:5c:4c:ca:aa:
74:a0:72:0e:d9:74:70:f6:80:fa:3c:6c:ce:2b:36:de:42:18:
1d:af:f3:2f:ff:04:18:6c:d9:8b:18:5f:db:df:a6:56:e2:3a:
64:ef:c8:b4:c8:48:03:f9:fe:95:f2:80:f8:0e:3d:88:ea:2a:
62:1e:26:dc:e9:1c:6b:67:7e:d5:ce:77:49:f0:bd:c8:3a:c6:
90:a6:d0:2c:f5:24:ad:6b:85:90:92:d0:38:f8:da:ec:63:3b:
26:02:10:5c:df:de:3d:da:49:27:31:55:da:8a:8f:ef:49:0e:
08:5d:2d:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYomwQs6AOREPopZTP+QaeeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwODI0MDg1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk3MzBkMWQzMWRiMDUyZDJmNWIyZTVhYmFjNzVhYjg0N2I5MmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKvNH3IfwGdKCzWmJL9zc86gV93z
hmWdGIk/7kQuSPF0eANcZTFKZ3m2aLyykm03gVKOyTDny3AfK6XSyu4OeK1qdCH+
ryriduSVdjGKDXAnwfIq3YIlrZgkH5xMVgUhi61u3TFHYK+czL8WzmGvvDSpEXaz
Uh4AX5Ejsp2Nqq6/EH1XXoM3PHCdGfRkbDcLDClD9TtiLsBu7rbYQnggG/jMhJHM
gkusspp0togNhR2ZhK+GsLWIW7BAZ/HgDx2qXmJpwFazax0xylTewYlwQQw6LuBR
JfhRABfpK+ncNQS5WXNkv6/xumH9NgFB/Qps+e4PbVQcOwICDWz7t+JnnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMGXMNHTHbBS0vWy5ausdauEe5LEMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvd1pjdzBkTWRzRkxTOWJMbHE2eDFxNFI3a3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5TeMA0G
CSqGSIb3DQEBCwUAA4IBAQAFP7wX0nIno1I3ua0gCyVRjfmPxhAjum+5VVa/9wTV
/h9Tzxl2EvdA5nPfv0b/b4QKpzAOXOZHPQYqZSLThxsYbQAwnMmZV0BMUNhITiJv
t/TuZdPxLxRG4QqYrlsTvGM8ThjBbcChCx49Jfuc/r/MzvpZ6qIz9O7k6NZdvMua
yB6GEiJlzbQSBUgoulxMyqp0oHIO2XRw9oD6PGzOKzbeQhgdr/Mv/wQYbNmLGF/b
36ZW4jpk78i0yEgD+f6V8oD4Dj2I6ipiHibc6RxrZ37VzndJ8L3IOsaQptAs9SSt
a4WQktA4+NrsYzsmAhBc39492kknMVXaio/vSQ4IXS0x
-----END CERTIFICATE-----
Generated at Wed Aug 30 09:53:49 2023 by rpki-client on console-fra.rpki-client.org