Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/SpZ_0BfTAw9gf1pl1Nu0cF08VBY.roa
File: SpZ_0BfTAw9gf1pl1Nu0cF08VBY.roa (raw, json)
Hash identifier: /pzyyeiUV9OeKwzI9y7nJ8OWqiW+RMZ9QEdVozvHOAs=
Subject key identifier: 4A:96:7F:D0:17:D3:03:0F:60:7F:5A:65:D4:DB:B4:70:5D:3C:54:16
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 018CABB39E7C2EC8E24E4F5E3EB5F1502051
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/SpZ_0BfTAw9gf1pl1Nu0cF08VBY.roa
Signing time: Wed 27 Dec 2023 14:35:24 +0000
ROA not before: Wed 27 Dec 2023 14:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61157
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.91.0/24 maxlen: 24
2a09:2040:ffff::/48 maxlen: 48
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:b3:9e:7c:2e:c8:e2:4e:4f:5e:3e:b5:f1:50:20:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Dec 27 14:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a967fd017d3030f607f5a65d4dbb4705d3c5416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:07:a4:b1:dd:8c:c6:5f:7a:05:bf:ee:53:28:
90:5f:dd:e5:2a:75:1c:a8:1f:17:b1:71:ad:32:8f:
50:30:98:17:09:b1:fa:29:41:2c:02:16:cb:a5:1b:
29:61:04:49:61:ad:b0:8d:c4:0e:1b:47:e0:88:59:
81:70:55:06:e1:d1:18:0f:ad:b2:63:96:d5:3a:5c:
09:85:fc:fa:35:8d:6f:a8:27:21:b4:55:2b:db:88:
f2:c5:91:04:d1:8e:ae:8a:45:87:c9:6c:5a:ee:6d:
57:8e:ed:45:aa:db:59:ba:f5:39:32:9f:ad:30:a2:
c4:d8:7f:5d:cc:ac:64:18:e1:75:58:60:0a:e4:9e:
84:7e:ab:62:64:5b:4d:11:e6:f9:35:08:da:e8:85:
42:d1:91:d5:75:61:a8:5b:8c:7a:a5:dc:34:6e:6b:
3c:58:49:91:4b:fa:56:4f:eb:7f:ba:89:05:3f:b6:
58:05:49:c3:0b:b6:46:d8:77:fb:b0:bf:38:57:0f:
be:54:a5:3a:bb:da:93:9d:6e:cf:f7:aa:d8:98:83:
91:e7:9a:17:83:ee:bf:56:5b:3d:99:6e:63:19:e4:
73:11:5b:f8:57:af:49:00:ce:91:23:b8:7d:f1:72:
ec:74:1f:80:29:e7:7d:55:f3:50:1e:1f:38:82:ff:
aa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:96:7F:D0:17:D3:03:0F:60:7F:5A:65:D4:DB:B4:70:5D:3C:54:16
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/SpZ_0BfTAw9gf1pl1Nu0cF08VBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
05:36:ed:b3:3a:f1:56:b8:a3:56:11:e4:93:56:6f:69:75:a9:
68:76:e7:02:c2:29:0c:95:74:04:ef:1f:b0:6e:b5:9e:8d:de:
71:ae:8d:3a:15:86:59:63:bd:58:93:3b:49:5a:3c:ac:b6:4b:
c6:ea:d2:66:82:15:49:12:ba:54:05:4b:99:e0:a2:9c:3f:13:
df:99:f3:9a:56:19:e3:ce:83:33:b4:0c:c9:8d:cf:e9:81:25:
b7:33:e4:f8:f2:e6:a4:d4:04:94:3c:f5:c5:a4:c8:64:3c:43:
a1:66:b5:00:51:ec:4b:01:0b:50:d3:e9:26:00:7c:3d:ec:d3:
6d:a1:c7:eb:b6:27:d1:5c:77:f9:a3:f2:70:b3:c0:ac:ea:d1:
23:81:ca:4d:bd:d4:3c:b2:ce:de:8a:17:b5:6d:2f:bb:00:f6:
b8:0a:19:46:3f:d3:f3:b8:50:a8:c0:ca:77:2f:b7:e0:f2:8d:
3f:9f:bd:ff:e6:8b:24:b5:d0:50:85:e0:25:01:c9:2c:c0:fc:
2a:00:a5:7c:e0:ac:33:23:a6:6e:dc:ac:da:db:2c:e1:c0:d9:
0a:ee:6a:45:aa:20:1c:88:a5:4f:1f:be:cb:fc:31:73:bf:3d:
65:76:db:4d:9c:31:9e:7a:d2:de:bc:5f:6f:66:d8:6e:a0:18:
ec:dd:97:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyrs558LsjiTk9ePrXxUCBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjMxMjI3MTQzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk2N2ZkMDE3ZDMwMzBmNjA3ZjVhNjVkNGRiYjQ3MDVkM2M1NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Aeksd2Mxl96Bb/uUyiQX93lKnUc
qB8XsXGtMo9QMJgXCbH6KUEsAhbLpRspYQRJYa2wjcQOG0fgiFmBcFUG4dEYD62y
Y5bVOlwJhfz6NY1vqCchtFUr24jyxZEE0Y6uikWHyWxa7m1Xju1FqttZuvU5Mp+t
MKLE2H9dzKxkGOF1WGAK5J6EfqtiZFtNEeb5NQja6IVC0ZHVdWGoW4x6pdw0bms8
WEmRS/pWT+t/uokFP7ZYBUnDC7ZG2Hf7sL84Vw++VKU6u9qTnW7P96rYmIOR55oX
g+6/Vls9mW5jGeRzEVv4V69JAM6RI7h98XLsdB+AKed9VfNQHh84gv+qLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEqWf9AX0wMPYH9aZdTbtHBdPFQWMB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvU3BaXzBCZlRBdzlnZjFwbDFOdTBjRjA4VkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQAFNu2zOvFWuKNWEeSTVm9p
daloducCwikMlXQE7x+wbrWejd5xro06FYZZY71YkztJWjystkvG6tJmghVJErpU
BUuZ4KKcPxPfmfOaVhnjzoMztAzJjc/pgSW3M+T48uak1ASUPPXFpMhkPEOhZrUA
UexLAQtQ0+kmAHw97NNtocfrtifRXHf5o/Jws8Cs6tEjgcpNvdQ8ss7eihe1bS+7
APa4ChlGP9PzuFCowMp3L7fg8o0/n73/5osktdBQheAlAckswPwqAKV84KwzI6Zu
3Kza2yzhwNkK7mpFqiAciKVPH77L/DFzvz1ldttNnDGeetLevF9vZthuoBjs3Zes
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:36 2024 by rpki-client on console-fra.rpki-client.org