Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/RBskZXdZIVZcqbYi3QrkZTA_5Do.roa
File: RBskZXdZIVZcqbYi3QrkZTA_5Do.roa (raw, json)
Hash identifier: cAHSmuM5QOFck8fhFGI3Ezkr+b6sSYSRYBWSMPC5Ckg=
Subject key identifier: 44:1B:24:65:77:59:21:56:5C:A9:B6:22:DD:0A:E4:65:30:3F:E4:3A
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 018CABA83BA6ECC1A63E79FA4A1AD1672402
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/RBskZXdZIVZcqbYi3QrkZTA_5Do.roa
Signing time: Wed 27 Dec 2023 14:22:58 +0000
ROA not before: Wed 27 Dec 2023 14:22:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215992
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.91.0/24 maxlen: 24
2a09:2040:ffff::/48 maxlen: 48
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:a8:3b:a6:ec:c1:a6:3e:79:fa:4a:1a:d1:67:24:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Dec 27 14:22:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=441b2465775921565ca9b622dd0ae465303fe43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:55:3a:16:f6:8e:7f:f6:21:ee:c2:5d:e7:43:
5b:22:5d:b2:06:c3:ad:d4:04:fd:c5:89:44:cb:b0:
d7:16:ff:82:0e:70:46:72:15:c6:e6:73:17:41:7f:
b5:e7:63:e3:2a:02:07:cd:7c:e2:4e:d9:e6:11:55:
81:14:0f:24:2a:83:b1:0c:29:66:dd:d2:ef:11:10:
4d:76:dd:2d:fc:23:ef:03:8e:a8:7d:8d:bf:92:6a:
2d:e6:c3:1b:8f:2e:75:f7:95:b2:ce:36:d0:10:eb:
51:01:d8:7a:03:9a:87:54:58:9d:c8:aa:76:5c:5d:
ad:f8:00:40:a7:82:ca:78:db:ce:0b:42:3e:25:5e:
d0:63:42:a3:c6:f6:7c:fa:2b:63:eb:99:5e:1f:99:
dc:4d:64:f7:5d:aa:20:d6:54:0b:e2:99:85:fc:fa:
f2:ad:b3:9d:74:50:eb:f4:7d:38:44:13:e9:3a:23:
ec:d8:2c:41:34:8b:6f:09:f2:cc:76:42:5c:f8:89:
5e:12:c3:70:70:f3:d8:7d:dc:e1:b4:52:70:d1:77:
45:3b:73:17:5d:66:71:77:2f:6f:db:f6:76:98:7e:
8f:e5:4b:e2:f0:b3:03:a2:f9:05:b7:ca:8c:4d:6f:
8e:6f:5f:1c:90:d3:62:92:77:c1:58:b2:53:02:95:
fa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:1B:24:65:77:59:21:56:5C:A9:B6:22:DD:0A:E4:65:30:3F:E4:3A
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/RBskZXdZIVZcqbYi3QrkZTA_5Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
4a:a0:e9:f1:65:dc:9e:57:1a:9e:a5:53:d4:8f:d7:b7:d3:ab:
fa:d6:9a:71:77:bf:2e:90:35:a4:3b:fc:61:4e:da:bd:a9:d5:
85:b9:b8:12:76:71:49:7b:21:7a:e2:82:98:c4:ab:14:9d:11:
ce:bc:b7:9f:19:c8:8d:f3:2f:66:15:b4:64:3d:f6:7d:b2:e1:
10:97:56:a1:45:23:32:9d:2d:59:01:e9:e3:37:d4:24:87:88:
83:41:89:80:23:07:30:00:38:d2:bc:53:cc:ab:89:fb:47:de:
08:f8:0e:ec:a9:0a:a4:7e:1c:14:1e:94:6d:85:2e:28:10:f4:
af:1e:ee:5b:6e:1a:3b:b7:b3:40:82:25:dc:c7:fc:6a:a5:73:
2f:e0:36:15:a9:b2:dc:12:4f:d9:49:d4:97:f5:46:8d:04:a3:
a2:36:55:77:c3:a3:fa:08:f7:84:04:79:f3:2a:9b:64:c5:0f:
d1:a9:8b:13:af:91:5a:19:ae:15:70:4f:b1:2e:5b:95:5a:e3:
93:aa:0e:de:61:06:3e:2c:0c:e0:56:cf:43:84:30:df:6d:c2:
b8:0b:3a:a0:f8:1e:0c:e3:95:aa:c1:aa:f9:b7:c1:2e:8a:73:
99:90:5d:3f:31:08:23:68:d9:ae:99:a0:76:87:38:b8:9f:df:
93:38:f8:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyrqDum7MGmPnn6ShrRZyQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjMxMjI3MTQyMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDFiMjQ2NTc3NTkyMTU2NWNhOWI2MjJkZDBhZTQ2NTMwM2ZlNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVU6FvaOf/Yh7sJd50NbIl2yBsOt
1AT9xYlEy7DXFv+CDnBGchXG5nMXQX+152PjKgIHzXziTtnmEVWBFA8kKoOxDClm
3dLvERBNdt0t/CPvA46ofY2/kmot5sMbjy5195WyzjbQEOtRAdh6A5qHVFidyKp2
XF2t+ABAp4LKeNvOC0I+JV7QY0KjxvZ8+itj65leH5ncTWT3Xaog1lQL4pmF/Pry
rbOddFDr9H04RBPpOiPs2CxBNItvCfLMdkJc+IleEsNwcPPYfdzhtFJw0XdFO3MX
XWZxdy9v2/Z2mH6P5Uvi8LMDovkFt8qMTW+Ob18ckNNiknfBWLJTApX6iwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEQbJGV3WSFWXKm2It0K5GUwP+Q6MB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvUkJza1pYZFpJVlpjcWJZaTNRcmtaVEFfNURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQBKoOnxZdyeVxqepVPUj9e3
06v61ppxd78ukDWkO/xhTtq9qdWFubgSdnFJeyF64oKYxKsUnRHOvLefGciN8y9m
FbRkPfZ9suEQl1ahRSMynS1ZAenjN9Qkh4iDQYmAIwcwADjSvFPMq4n7R94I+A7s
qQqkfhwUHpRthS4oEPSvHu5bbho7t7NAgiXcx/xqpXMv4DYVqbLcEk/ZSdSX9UaN
BKOiNlV3w6P6CPeEBHnzKptkxQ/RqYsTr5FaGa4VcE+xLluVWuOTqg7eYQY+LAzg
Vs9DhDDfbcK4Czqg+B4M45Wqwar5t8EuinOZkF0/MQgjaNmumaB2hzi4n9+TOPhs
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:36 2024 by rpki-client on console-fra.rpki-client.org