Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/158QsIqWHM3WV6VObUHdCaL1Js0.roa
File: 158QsIqWHM3WV6VObUHdCaL1Js0.roa (raw, json)
Hash identifier: WQBWAYZ5ofDd+zW31JTgAQxCTFOs2TbaeJtIOTxQrnA=
Subject key identifier: D7:9F:10:B0:8A:96:1C:CD:D6:57:A5:4E:6D:41:DD:09:A2:F5:26:CD
Certificate issuer: /CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Certificate serial: 018AB6A983A71C5B31CE3D3BDC85AD0A61E5
Authority key identifier: F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/158QsIqWHM3WV6VObUHdCaL1Js0.roa
Signing time: Thu 21 Sep 2023 07:34:37 +0000
ROA not before: Thu 21 Sep 2023 07:34:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12400
IP address blocks: 2a03:6947:c00::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:a9:83:a7:1c:5b:31:ce:3d:3b:dc:85:ad:0a:61:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Validity
Not Before: Sep 21 07:34:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d79f10b08a961ccdd657a54e6d41dd09a2f526cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6c:46:91:cc:47:ac:70:3a:1d:46:11:3b:be:
57:5b:2f:96:48:f0:c5:d2:16:78:17:93:2f:7c:ea:
54:58:d3:4e:ac:67:4f:5f:ef:20:9f:a0:d7:e1:5e:
55:98:f5:1c:a5:98:fb:a7:d6:b6:30:28:f0:02:7f:
f2:de:01:b3:3f:bd:bb:f4:5a:a2:98:e5:71:1e:45:
d2:7c:67:5e:10:56:fd:12:e7:4a:03:25:36:10:46:
c5:8b:dc:3b:43:44:3b:29:5e:67:6b:7b:db:99:a7:
48:a7:19:9a:36:24:0c:2b:97:6e:aa:b2:b0:86:32:
b7:47:aa:67:71:8f:46:69:01:73:09:fc:0a:b2:7c:
a9:26:e5:ae:b1:86:6a:23:9b:1e:bb:8d:b2:82:15:
56:13:dc:9a:f2:ca:5a:39:43:1f:76:31:07:7e:8c:
8f:56:04:94:b6:68:7b:42:3d:fc:be:06:df:d4:fc:
2e:55:81:ef:64:38:92:a4:40:7a:ca:04:47:f7:c4:
21:90:86:58:5b:35:02:52:68:a2:d2:06:0f:7d:37:
c1:e2:e7:ec:fe:76:6c:9a:2c:38:3d:8f:de:28:59:
69:15:c4:9a:94:6b:eb:b3:df:37:dd:c9:d1:c0:85:
80:dd:6d:6a:45:43:4e:2d:73:66:f4:7e:4c:3d:fb:
3b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9F:10:B0:8A:96:1C:CD:D6:57:A5:4E:6D:41:DD:09:A2:F5:26:CD
X509v3 Authority Key Identifier:
keyid:F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/158QsIqWHM3WV6VObUHdCaL1Js0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/87kHgdu-vbjsQrr2ZIgFnqWGaqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6947:c00::/40
Signature Algorithm: sha256WithRSAEncryption
42:97:58:cf:8b:50:34:ba:51:4f:a1:4f:fd:31:4e:49:ec:f5:
9e:72:b6:f2:da:7d:cf:25:8d:f3:e0:c8:db:60:27:15:a1:f8:
bb:3e:51:9c:56:5a:e5:97:95:f7:5b:78:ee:79:fb:cf:db:17:
b6:11:78:55:6c:64:1e:cd:cd:f2:e7:24:ee:23:13:03:d6:ec:
66:1c:0d:e0:53:1b:42:ee:0e:e2:e2:1a:18:86:b3:a9:c5:f5:
b0:6e:9d:f7:ce:e7:ea:67:9f:5d:c3:6e:a4:ec:59:fa:78:cd:
dd:9c:9c:9d:66:f3:97:7c:0b:0b:f4:91:1d:62:cd:12:f3:f9:
f0:b0:19:bd:3c:fb:b8:3c:b5:d0:27:40:27:b3:5a:d9:8f:93:
70:cd:19:df:75:ff:47:d0:43:40:41:57:32:b8:00:e4:f1:0f:
3d:dc:d3:f5:e9:9f:e5:b2:62:6f:3e:db:b8:53:e7:bb:f3:54:
93:48:ba:4c:2d:ac:b7:8b:60:b1:95:5c:c5:d8:06:c6:7b:87:
47:36:30:d7:c8:5d:2e:ab:46:43:79:ad:8b:55:29:b5:43:f2:
98:66:f7:9d:b9:b5:e4:79:93:79:65:e2:58:99:be:33:1c:74:
46:57:09:76:f3:2d:5b:ba:98:39:1a:97:0d:61:f7:cf:c6:24:
37:4e:94:c7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYq2qYOnHFsxzj073IWtCmHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjkwNzgxZGJiZWJkYjhlYzQyYmFmNjY0ODgwNTllYTU4
NjZhYWMwHhcNMjMwOTIxMDczNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlmMTBiMDhhOTYxY2NkZDY1N2E1NGU2ZDQxZGQwOWEyZjUyNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2xGkcxHrHA6HUYRO75XWy+WSPDF
0hZ4F5MvfOpUWNNOrGdPX+8gn6DX4V5VmPUcpZj7p9a2MCjwAn/y3gGzP7279Fqi
mOVxHkXSfGdeEFb9EudKAyU2EEbFi9w7Q0Q7KV5na3vbmadIpxmaNiQMK5duqrKw
hjK3R6pncY9GaQFzCfwKsnypJuWusYZqI5seu42yghVWE9ya8spaOUMfdjEHfoyP
VgSUtmh7Qj38vgbf1PwuVYHvZDiSpEB6ygRH98QhkIZYWzUCUmii0gYPfTfB4ufs
/nZsmiw4PY/eKFlpFcSalGvrs9833cnRwIWA3W1qRUNOLXNm9H5MPfs7NQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNefELCKlhzN1lelTm1B3Qmi9SbNMB8GA1UdIwQY
MBaAFPO5B4Hbvr247EK69mSIBZ6lhmqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAt
M2VmNWViN2M4NTk4LzEvMTU4UXNJcVdITTNXVjZWT2JVSGRDYUwxSnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAtM2VmNWViN2M4NTk4
LzEvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgNpRwww
DQYJKoZIhvcNAQELBQADggEBAEKXWM+LUDS6UU+hT/0xTkns9Z5ytvLafc8ljfPg
yNtgJxWh+Ls+UZxWWuWXlfdbeO55+8/bF7YReFVsZB7NzfLnJO4jEwPW7GYcDeBT
G0LuDuLiGhiGs6nF9bBunffO5+pnn13DbqTsWfp4zd2cnJ1m85d8Cwv0kR1izRLz
+fCwGb08+7g8tdAnQCezWtmPk3DNGd91/0fQQ0BBVzK4AOTxDz3c0/Xpn+WyYm8+
27hT57vzVJNIukwtrLeLYLGVXMXYBsZ7h0c2MNfIXS6rRkN5rYtVKbVD8phm9525
teR5k3ll4liZvjMcdEZXCXbzLVu6mDkalw1h98/GJDdOlMc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:31 2024 by rpki-client on console-ams.rpki-client.org