Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/9KcDiXqQqpAtWSdcBCY_PdYPzK4.roa
File: 9KcDiXqQqpAtWSdcBCY_PdYPzK4.roa (raw, json)
Hash identifier: 43eK45LaSKKrd7GC7GZiKIqzZpFCkchq+929FMshnpk=
Subject key identifier: F4:A7:03:89:7A:90:AA:90:2D:59:27:5C:04:26:3F:3D:D6:0F:CC:AE
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEFF199352C1B17AFD7BA0BF242423
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/9KcDiXqQqpAtWSdcBCY_PdYPzK4.roa
Signing time: Sun 01 Jan 2023 09:34:45 +0000
ROA not before: Sun 01 Jan 2023 09:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47447
IP address blocks: 149.154.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:ff:19:93:52:c1:b1:7a:fd:7b:a0:bf:24:24:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4a703897a90aa902d59275c04263f3dd60fccae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3e:94:b3:97:a1:28:25:b3:52:fe:df:59:7b:
97:bc:55:38:01:75:fa:84:bc:b2:c1:43:66:bf:41:
0a:9a:01:d3:38:c1:df:ec:f0:ec:dd:2f:ff:19:07:
7c:7d:2d:07:de:80:63:e8:28:db:68:bd:66:e6:84:
b4:22:5f:69:6d:37:88:92:47:e2:97:03:c4:8e:21:
e1:90:7c:e3:c4:ba:87:24:ef:58:f4:fd:1c:f4:c4:
21:0e:5c:eb:f3:57:76:6f:82:cd:a3:ea:c9:70:3e:
5f:45:ad:72:95:82:ea:d9:ed:c3:2b:89:bc:9f:ea:
3b:56:3c:61:36:0e:69:ec:14:d1:e3:fa:3c:9c:62:
20:dc:c7:0c:d0:93:06:2b:57:d5:78:5d:21:7e:97:
a9:99:fa:96:15:ce:f0:14:34:7a:dc:bf:da:ab:15:
fe:66:ee:54:7c:e7:be:08:d9:03:56:4a:2e:47:d0:
a6:ee:ab:1d:8d:d4:f9:43:08:53:07:1c:61:4a:fb:
8c:ca:95:d5:83:76:0d:48:f7:56:19:73:6d:43:18:
8f:64:6b:cb:4c:71:4c:25:fa:e3:f1:83:70:61:74:
76:30:ae:27:5d:41:d8:8e:1e:cb:d0:32:98:6a:55:
75:71:95:a0:bc:fb:4b:a2:24:39:25:e8:33:78:b5:
35:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A7:03:89:7A:90:AA:90:2D:59:27:5C:04:26:3F:3D:D6:0F:CC:AE
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/9KcDiXqQqpAtWSdcBCY_PdYPzK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.154.159.0/24
Signature Algorithm: sha256WithRSAEncryption
10:38:55:17:bb:4c:55:60:bb:37:b4:d4:a6:7c:f6:fc:3a:d3:
16:31:39:31:88:61:3a:35:a3:b0:02:c8:59:45:41:27:5e:d2:
9f:59:a9:c2:71:1a:3b:2f:c3:89:40:9d:87:75:ed:58:8b:f6:
77:29:32:b1:1e:7c:01:47:09:d6:94:85:97:cc:e5:dd:03:1c:
ef:8a:fe:f6:d0:e6:21:72:6c:2d:19:cb:57:bb:d6:68:48:51:
b1:9d:bd:a5:7c:09:25:1e:91:88:2f:9b:45:00:f1:c0:ff:5c:
0d:f5:ff:30:94:34:f6:3a:8c:27:46:55:1f:c9:d6:ae:10:ab:
dc:23:94:ea:33:65:6f:64:2c:82:19:8b:4f:33:84:1a:86:2c:
1f:8e:24:b6:bb:ae:e7:bc:e2:4c:68:c8:14:29:f2:3b:d2:88:
71:87:4c:8f:09:15:03:ae:ff:3b:16:42:e6:d9:87:fa:f1:b9:
e1:39:16:7b:f9:4d:f7:fa:1a:70:dd:59:f7:80:16:cf:68:e0:
64:f3:80:45:04:02:14:fa:f8:05:80:3a:54:15:46:63:22:77:
4d:98:b1:eb:a7:11:b3:90:7e:f2:6e:2b:a1:37:92:f6:bf:de:
81:b0:41:8b:9d:bb:2c:2f:34:34:36:04:c1:2b:0c:91:9c:9d:
b3:1f:1c:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrv8Zk1LBsXr9e6C/JCQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE3MDM4OTdhOTBhYTkwMmQ1OTI3NWMwNDI2M2YzZGQ2MGZjY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T6Us5ehKCWzUv7fWXuXvFU4AXX6
hLyywUNmv0EKmgHTOMHf7PDs3S//GQd8fS0H3oBj6CjbaL1m5oS0Il9pbTeIkkfi
lwPEjiHhkHzjxLqHJO9Y9P0c9MQhDlzr81d2b4LNo+rJcD5fRa1ylYLq2e3DK4m8
n+o7VjxhNg5p7BTR4/o8nGIg3McM0JMGK1fVeF0hfpepmfqWFc7wFDR63L/aqxX+
Zu5UfOe+CNkDVkouR9Cm7qsdjdT5QwhTBxxhSvuMypXVg3YNSPdWGXNtQxiPZGvL
THFMJfrj8YNwYXR2MK4nXUHYjh7L0DKYalV1cZWgvPtLoiQ5JegzeLU1MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSnA4l6kKqQLVknXAQmPz3WD8yuMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvOUtjRGlYcVFxcEF0V1NkY0JDWV9QZFlQeks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlZqfMA0G
CSqGSIb3DQEBCwUAA4IBAQAQOFUXu0xVYLs3tNSmfPb8OtMWMTkxiGE6NaOwAshZ
RUEnXtKfWanCcRo7L8OJQJ2Hde1Yi/Z3KTKxHnwBRwnWlIWXzOXdAxzviv720OYh
cmwtGctXu9ZoSFGxnb2lfAklHpGIL5tFAPHA/1wN9f8wlDT2OownRlUfydauEKvc
I5TqM2VvZCyCGYtPM4QahiwfjiS2u67nvOJMaMgUKfI70ohxh0yPCRUDrv87FkLm
2Yf68bnhORZ7+U33+hpw3Vn3gBbPaOBk84BFBAIU+vgFgDpUFUZjIndNmLHrpxGz
kH7ybiuhN5L2v96BsEGLnbssLzQ0NgTBKwyRnJ2zHxzZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:51 2024 by rpki-client on console-ams.rpki-client.org