Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/s1mjWqBZcnh7LY3WjaN_rKOKvN8.roa
File: s1mjWqBZcnh7LY3WjaN_rKOKvN8.roa (raw, json)
Hash identifier: o0BJJrBA8nNxXRKzyl9eOgfh1Ka1AclUYqHbauIYMjI=
Subject key identifier: B3:59:A3:5A:A0:59:72:78:7B:2D:8D:D6:8D:A3:7F:AC:A3:8A:BC:DF
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 0185707975B76F609BC5B62D3BD34D9631EA
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/s1mjWqBZcnh7LY3WjaN_rKOKvN8.roa
Signing time: Mon 02 Jan 2023 03:14:46 +0000
ROA not before: Mon 02 Jan 2023 03:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 157.97.121.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:75:b7:6f:60:9b:c5:b6:2d:3b:d3:4d:96:31:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 2 03:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b359a35aa05972787b2d8dd68da37faca38abcdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:00:78:86:3a:66:51:38:7e:77:9f:1b:b2:83:
04:6a:f1:97:80:4b:85:aa:5f:64:c3:8b:ee:db:a5:
46:98:3e:86:87:01:ba:ad:81:0c:dc:62:8c:fb:0d:
fb:0e:01:f6:cc:2f:8f:e1:cb:82:18:c8:67:69:91:
39:de:0a:64:c8:a9:72:10:a9:77:53:0f:51:19:b5:
31:01:17:6f:44:af:d3:8f:00:df:c8:70:9c:11:db:
84:95:10:e1:51:1a:cc:e0:a5:e9:9c:c7:63:03:52:
01:0a:29:35:d7:a8:3a:1c:ab:22:17:58:b1:79:a4:
57:46:d8:96:83:8c:65:5c:cc:e9:26:cb:89:38:2f:
1d:35:28:a2:f3:10:e5:21:cf:2b:65:8c:93:9a:42:
a4:f6:1a:1d:81:0f:d7:d7:64:48:58:92:ac:e9:03:
12:c2:18:d6:5a:ab:08:aa:55:1c:ba:bc:8f:c4:aa:
04:aa:24:c4:71:f8:1c:0f:74:78:57:89:be:83:19:
3a:d1:ad:67:5a:c8:5f:af:ab:93:95:f8:60:e6:37:
93:0b:a4:b5:44:7d:70:1d:23:5d:75:a0:f0:87:fb:
fe:81:bf:25:b7:b3:62:51:9f:16:81:e4:0f:36:99:
36:95:39:6a:b6:72:18:37:ff:24:c6:c8:cb:e3:62:
ba:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:59:A3:5A:A0:59:72:78:7B:2D:8D:D6:8D:A3:7F:AC:A3:8A:BC:DF
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/s1mjWqBZcnh7LY3WjaN_rKOKvN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.121.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:23:ef:4f:bd:c8:c6:26:e0:bf:ae:52:8e:34:79:7b:8f:f8:
63:28:6b:be:f9:66:8e:cd:72:79:0a:0c:af:9d:e0:3b:36:e7:
95:69:14:46:32:07:0a:f6:b8:3d:19:9d:07:a5:a4:b3:72:96:
59:b3:ff:07:0c:f9:cb:27:90:d2:45:06:5b:9c:49:66:c8:7d:
76:d6:8d:91:f6:d5:f7:03:c6:81:69:ef:1a:73:86:10:ee:1c:
4c:a7:f9:87:b5:70:a3:89:a1:06:cb:76:18:48:a9:4e:e9:40:
dc:2d:50:34:31:18:3f:6f:17:76:5b:a5:2d:f7:8a:96:54:92:
3b:31:83:e7:af:40:d7:1d:c7:c8:f7:7b:db:bf:35:ec:8b:5f:
10:a8:e2:e1:ef:2e:76:57:d7:72:43:4b:f3:1b:2d:0f:52:37:
5e:dc:14:42:ba:94:be:60:c6:86:a4:ef:aa:ff:72:bc:0b:49:
8a:60:84:4e:ce:2e:34:ad:1a:b4:41:de:91:9c:e6:c1:24:16:
ad:44:e3:a4:2c:df:6e:de:4c:5d:23:8f:7d:9b:c9:8c:e4:d2:
19:58:2b:96:5e:05:2b:bd:25:91:bd:cd:bc:ef:b0:2a:c9:ba:
82:d7:f4:e7:21:54:f6:74:e0:6f:fc:40:05:7c:ce:d9:ac:42:
a7:1f:3d:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweXW3b2CbxbYtO9NNljHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwMTAyMDMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU5YTM1YWEwNTk3Mjc4N2IyZDhkZDY4ZGEzN2ZhY2EzOGFiY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQB4hjpmUTh+d58bsoMEavGXgEuF
ql9kw4vu26VGmD6GhwG6rYEM3GKM+w37DgH2zC+P4cuCGMhnaZE53gpkyKlyEKl3
Uw9RGbUxARdvRK/TjwDfyHCcEduElRDhURrM4KXpnMdjA1IBCik116g6HKsiF1ix
eaRXRtiWg4xlXMzpJsuJOC8dNSii8xDlIc8rZYyTmkKk9hodgQ/X12RIWJKs6QMS
whjWWqsIqlUcuryPxKoEqiTEcfgcD3R4V4m+gxk60a1nWshfr6uTlfhg5jeTC6S1
RH1wHSNddaDwh/v+gb8lt7NiUZ8WgeQPNpk2lTlqtnIYN/8kxsjL42K64wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNZo1qgWXJ4ey2N1o2jf6yjirzfMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvczFtaldxQlpjbmg3TFkzV2phTl9yS09Ldk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnWF5MA0G
CSqGSIb3DQEBCwUAA4IBAQBeI+9PvcjGJuC/rlKONHl7j/hjKGu++WaOzXJ5Cgyv
neA7NueVaRRGMgcK9rg9GZ0HpaSzcpZZs/8HDPnLJ5DSRQZbnElmyH121o2R9tX3
A8aBae8ac4YQ7hxMp/mHtXCjiaEGy3YYSKlO6UDcLVA0MRg/bxd2W6Ut94qWVJI7
MYPnr0DXHcfI93vbvzXsi18QqOLh7y52V9dyQ0vzGy0PUjde3BRCupS+YMaGpO+q
/3K8C0mKYIROzi40rRq0Qd6RnObBJBatROOkLN9u3kxdI499m8mM5NIZWCuWXgUr
vSWRvc2877AqybqC1/TnIVT2dOBv/EAFfM7ZrEKnHz3e
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:24 2024 by rpki-client on console-ams.rpki-client.org