Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ybMwzMBATIyF4apWZK7jmCSr8lI.roa
File: ybMwzMBATIyF4apWZK7jmCSr8lI.roa (raw, json)
Hash identifier: /Rsk7xZ3jyorygU5837bdalVAXiUlhOLMq86RO/8nAs=
Subject key identifier: C9:B3:30:CC:C0:40:4C:8C:85:E1:AA:56:64:AE:E3:98:24:AB:F2:52
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F02316A8524464BA4E7090B75FA2138
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ybMwzMBATIyF4apWZK7jmCSr8lI.roa
Signing time: Sun 01 Jan 2023 20:24:52 +0000
ROA not before: Sun 01 Jan 2023 20:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6832
IP address blocks: 159.148.144.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:31:6a:85:24:46:4b:a4:e7:09:0b:75:fa:21:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9b330ccc0404c8c85e1aa5664aee39824abf252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a6:ea:6a:ed:8d:e6:eb:75:d3:02:6b:77:ac:
c2:1a:30:aa:0e:cb:e7:ab:11:4f:51:f7:b5:1f:2a:
da:f2:42:fd:ea:01:00:26:be:78:fb:75:05:92:29:
7f:b7:7b:2e:12:85:23:6a:d5:13:97:7d:be:1b:ba:
34:7c:66:39:a4:58:59:63:1c:53:8e:ca:18:fe:b9:
93:53:1f:80:e3:44:21:0b:88:00:c4:49:a8:6e:32:
85:d4:97:da:02:d1:91:cc:7a:b6:88:88:fd:05:07:
2c:a5:ac:54:e6:80:5b:b0:72:5d:1b:86:02:2e:e7:
6a:5d:9f:9a:4e:2b:52:ae:57:b7:ac:fa:8e:09:71:
1d:92:1f:b8:da:70:8f:cf:3f:7a:b3:7b:72:4b:86:
18:7a:74:7d:c1:6c:49:06:bf:14:a2:0d:a0:96:2c:
5b:78:25:28:4d:49:cf:5d:9f:53:d4:74:0a:49:cc:
0a:2a:da:ce:7a:b7:3a:09:1c:7b:0a:56:8c:48:7f:
7a:3b:32:47:ef:35:e5:40:9e:91:61:36:6a:71:87:
07:c0:45:f2:5c:3d:55:1e:ad:ae:66:f3:5e:b9:6f:
69:99:f4:dd:0c:17:1b:f8:d7:46:4b:fc:e6:39:8a:
9d:44:f4:41:d1:50:48:e3:d8:b4:7c:04:9e:a4:39:
1d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B3:30:CC:C0:40:4C:8C:85:E1:AA:56:64:AE:E3:98:24:AB:F2:52
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ybMwzMBATIyF4apWZK7jmCSr8lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.144.0/24
Signature Algorithm: sha256WithRSAEncryption
31:49:a9:69:cc:0f:19:60:0a:64:43:40:38:8c:b9:ec:8c:5d:
65:ee:ab:7c:2b:a8:11:a0:b9:23:66:11:47:05:ca:35:84:72:
80:54:a9:2e:94:d0:0f:91:92:7a:68:5e:7c:58:b0:bf:fe:d6:
76:09:14:24:3a:2a:55:26:b3:ea:42:84:e5:bd:f0:92:31:8f:
fc:e5:74:c1:28:bb:5e:00:0b:ae:ff:1d:30:1a:92:de:35:12:
68:b7:c9:fa:33:d0:58:40:f2:19:75:34:c0:f0:a5:5e:7d:9c:
73:67:15:a3:e2:b6:c2:4d:5f:12:1c:17:04:0e:d8:c5:9f:05:
f8:60:8a:0d:0d:c5:6f:13:e0:12:00:5d:8e:27:e8:56:b9:5a:
58:7e:80:c5:ba:d7:50:01:10:ea:f8:9a:88:5e:67:4b:8b:f9:
97:b1:46:18:50:36:49:39:7f:e6:fd:f9:46:93:84:32:18:d0:
2b:fe:b4:f5:35:31:aa:94:6d:1b:7f:65:af:8c:a1:a5:17:21:
7a:07:61:50:b1:89:40:c2:0e:0b:ac:f2:f3:6d:17:70:3a:50:
2e:b8:85:1a:80:08:4c:e3:06:9b:87:74:ac:fb:a8:d3:37:fc:
10:ce:cc:5e:19:cc:53:d3:fb:3b:02:cd:02:15:c9:9b:fd:73:
06:de:01:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjFqhSRGS6TnCQt1+iE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWIzMzBjY2MwNDA0YzhjODVlMWFhNTY2NGFlZTM5ODI0YWJmMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKbqau2N5ut10wJrd6zCGjCqDsvn
qxFPUfe1Hyra8kL96gEAJr54+3UFkil/t3suEoUjatUTl32+G7o0fGY5pFhZYxxT
jsoY/rmTUx+A40QhC4gAxEmobjKF1JfaAtGRzHq2iIj9BQcspaxU5oBbsHJdG4YC
LudqXZ+aTitSrle3rPqOCXEdkh+42nCPzz96s3tyS4YYenR9wWxJBr8Uog2glixb
eCUoTUnPXZ9T1HQKScwKKtrOerc6CRx7ClaMSH96OzJH7zXlQJ6RYTZqcYcHwEXy
XD1VHq2uZvNeuW9pmfTdDBcb+NdGS/zmOYqdRPRB0VBI49i0fASepDkdhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmzMMzAQEyMheGqVmSu45gkq/JSMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEveWJNd3pNQkFUSXlGNGFwV1pLN2ptQ1NyOGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5SQMA0G
CSqGSIb3DQEBCwUAA4IBAQAxSalpzA8ZYApkQ0A4jLnsjF1l7qt8K6gRoLkjZhFH
Bco1hHKAVKkulNAPkZJ6aF58WLC//tZ2CRQkOipVJrPqQoTlvfCSMY/85XTBKLte
AAuu/x0wGpLeNRJot8n6M9BYQPIZdTTA8KVefZxzZxWj4rbCTV8SHBcEDtjFnwX4
YIoNDcVvE+ASAF2OJ+hWuVpYfoDFutdQARDq+JqIXmdLi/mXsUYYUDZJOX/m/flG
k4QyGNAr/rT1NTGqlG0bf2WvjKGlFyF6B2FQsYlAwg4LrPLzbRdwOlAuuIUagAhM
4wabh3Ss+6jTN/wQzsxeGcxT0/s7As0CFcmb/XMG3gGR
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org