Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wbK8WDOz0B4sJhfgKSq5i-uYaZQ.roa
File: wbK8WDOz0B4sJhfgKSq5i-uYaZQ.roa (raw, json)
Hash identifier: /cUjdM4pMXRJXDZiz6GDjXLY/PNp+g9eJrnZaHosKak=
Subject key identifier: C1:B2:BC:58:33:B3:D0:1E:2C:26:17:E0:29:2A:B9:8B:EB:98:69:94
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012DF225D026AB7BCBA85BC0F18AEB
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wbK8WDOz0B4sJhfgKSq5i-uYaZQ.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 07:17:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2d:f2:25:d0:26:ab:7b:cb:a8:5b:c0:f1:8a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1b2bc5833b3d01e2c2617e0292ab98beb986994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e1:f3:83:5f:7c:b6:cc:9f:03:e5:08:10:d4:
97:62:14:e4:2f:eb:c8:00:f4:49:14:d9:4a:d1:56:
07:b5:68:f0:78:cb:62:0f:68:44:f8:1d:2a:66:4a:
c2:ea:27:77:85:1d:6a:13:8f:20:d7:73:6d:a2:de:
01:bc:d3:aa:c1:4f:f8:e9:4d:b5:7e:e6:56:e5:b5:
3c:28:1d:be:1a:77:5a:44:4b:27:fa:c7:42:3a:ee:
2a:3c:9c:44:fc:7a:61:55:f2:ca:52:ee:e4:2b:00:
85:c0:c6:5e:ae:81:5b:ac:c0:fc:79:29:1b:83:76:
64:53:b8:5d:a5:66:a4:66:35:53:2a:ef:16:e2:de:
47:96:cb:92:38:c4:ba:f9:ff:9b:ab:5a:62:53:0d:
c4:75:21:46:85:55:fe:59:88:03:bd:e9:46:4a:40:
ef:14:83:91:7e:6a:ca:7c:ed:38:7c:63:3b:0b:31:
bd:26:03:be:d8:93:9d:b7:64:ce:d1:0c:9c:b1:86:
6d:61:f4:ed:d3:a2:54:0b:86:5e:7f:9c:e9:f0:00:
2f:b4:55:5d:a0:7e:03:8f:2b:d8:bb:59:aa:63:e3:
58:19:d9:7f:ee:3d:1e:f1:63:e1:1d:1f:26:52:df:
2d:e2:6a:17:46:62:c0:c7:ca:64:8b:e2:aa:c7:66:
a4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B2:BC:58:33:B3:D0:1E:2C:26:17:E0:29:2A:B9:8B:EB:98:69:94
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wbK8WDOz0B4sJhfgKSq5i-uYaZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.66.0/24
159.148.109.0/24
159.148.234.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:dc:b1:43:86:c5:3b:fd:18:fe:06:c7:5d:53:09:05:86:0d:
59:0b:08:23:25:9b:d2:75:39:e1:62:e5:93:cb:14:40:1d:9c:
f0:55:76:40:d0:15:1d:1b:25:a0:1d:83:c4:a9:50:9f:9d:8d:
a3:78:67:9a:cd:54:b8:e3:73:2f:3a:cd:6f:2c:85:27:a6:9e:
9f:fd:2e:5c:e2:a4:69:1e:f7:73:18:b4:95:22:a5:a5:ac:ba:
3b:51:ab:f0:82:33:5b:0f:ab:a8:6e:43:55:2d:43:ca:56:05:
04:be:20:ac:00:9d:83:b9:dd:91:2b:99:fe:30:a6:ed:e9:6e:
8a:f2:fe:d3:8d:f2:9a:89:42:35:eb:0f:9e:a3:e1:c3:2f:05:
89:7b:ca:b6:66:64:9e:0d:4f:c4:27:c9:2e:8b:37:95:a5:cd:
3b:54:ee:37:df:32:25:ae:89:15:5b:fc:5e:97:36:04:47:89:
73:57:d3:fb:f4:39:7e:38:97:2a:d8:63:21:96:6b:31:04:e7:
17:75:9b:fe:48:3c:31:7f:36:e9:0c:0b:a3:0e:d2:0e:f3:37:
4c:e8:18:7a:23:dd:31:8d:3f:ae:05:05:2c:11:47:ea:0f:d8:
e5:bb:c4:fb:a1:31:2f:ed:91:70:1b:3d:05:4d:a2:1b:9b:66:
3a:40:df:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAS3yJdAmq3vLqFvA8YrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWIyYmM1ODMzYjNkMDFlMmMyNjE3ZTAyOTJhYjk4YmViOTg2OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguHzg198tsyfA+UIENSXYhTkL+vI
APRJFNlK0VYHtWjweMtiD2hE+B0qZkrC6id3hR1qE48g13Ntot4BvNOqwU/46U21
fuZW5bU8KB2+GndaREsn+sdCOu4qPJxE/HphVfLKUu7kKwCFwMZeroFbrMD8eSkb
g3ZkU7hdpWakZjVTKu8W4t5HlsuSOMS6+f+bq1piUw3EdSFGhVX+WYgDvelGSkDv
FIORfmrKfO04fGM7CzG9JgO+2JOdt2TO0QycsYZtYfTt06JUC4Zef5zp8AAvtFVd
oH4DjyvYu1mqY+NYGdl/7j0e8WPhHR8mUt8t4moXRmLAx8pki+Kqx2akAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMGyvFgzs9AeLCYX4CkquYvrmGmUMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvd2JLOFdET3owQjRzSmhmZ0tTcTVpLXVZYVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAn5RCAwQA
n5RtAwQAn5TqMA0GCSqGSIb3DQEBCwUAA4IBAQDB3LFDhsU7/Rj+BsddUwkFhg1Z
CwgjJZvSdTnhYuWTyxRAHZzwVXZA0BUdGyWgHYPEqVCfnY2jeGeazVS443MvOs1v
LIUnpp6f/S5c4qRpHvdzGLSVIqWlrLo7UavwgjNbD6uobkNVLUPKVgUEviCsAJ2D
ud2RK5n+MKbt6W6K8v7TjfKaiUI16w+eo+HDLwWJe8q2ZmSeDU/EJ8kuizeVpc07
VO433zIlrokVW/xelzYER4lzV9P79Dl+OJcq2GMhlmsxBOcXdZv+SDwxfzbpDAuj
DtIO8zdM6Bh6I90xjT+uBQUsEUfqD9jlu8T7oTEv7ZFwGz0FTaIbm2Y6QN/9
-----END CERTIFICATE-----
Generated at Mon Apr 29 11:06:50 2024 by rpki-client on console-fra.rpki-client.org