Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0o3lW7ligqFcAVxxliEpwMxw76s.roa
File: 0o3lW7ligqFcAVxxliEpwMxw76s.roa (raw, json)
Hash identifier: hbvdguwuhjhtM9/X2xKt6uIBC0I4QNyyaw5mWBQrF5Q=
Subject key identifier: D2:8D:E5:5B:B9:62:82:A1:5C:01:5C:71:96:21:29:C0:CC:70:EF:AB
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018CC72757C53BDAFAEF04F3B4C2C142C0C1
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0o3lW7ligqFcAVxxliEpwMxw76s.roa
Signing time: Mon 01 Jan 2024 22:31:33 +0000
ROA not before: Mon 01 Jan 2024 22:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 146.19.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 17:57:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:57:c5:3b:da:fa:ef:04:f3:b4:c2:c1:42:c0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 22:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d28de55bb96282a15c015c71962129c0cc70efab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:55:b9:fb:99:d8:ab:98:fb:2b:84:00:01:95:
b0:2b:f9:6e:25:56:79:04:69:1c:27:cf:74:41:33:
de:8a:ea:95:a4:b0:3e:0d:d0:44:09:9e:d6:d0:c2:
99:b3:1c:f5:8c:05:c1:5b:d1:d6:7d:ac:34:bd:65:
88:d7:a5:4d:64:f8:16:6f:96:fd:fa:14:76:9f:67:
5c:3a:97:1b:7b:94:04:65:1a:ba:65:88:6e:8c:8b:
e0:b6:de:be:94:f0:f8:b5:b2:61:cd:f3:6e:4b:b8:
0f:1b:51:4e:e6:97:29:98:88:fc:6f:e8:c7:74:52:
fc:f4:7b:db:6a:0f:7e:ee:12:27:bf:ab:0c:03:00:
a8:c0:bd:63:52:bc:23:f6:4a:de:2a:d6:3a:68:ff:
9d:d3:24:94:3d:be:f6:d5:8c:34:b1:dc:d4:e6:be:
54:ca:29:a6:12:0e:6d:eb:89:c3:9e:3b:ec:09:cb:
85:a5:8b:c2:f8:76:62:2a:17:d3:ed:b3:6b:eb:02:
a7:b7:3c:aa:07:97:04:fe:fe:68:ea:70:63:7c:8b:
19:00:80:f7:aa:84:bd:a7:6f:51:d0:a6:05:51:fc:
68:77:cf:97:5c:05:27:5b:65:31:6d:d5:7b:89:37:
63:cc:ca:42:00:b5:b9:13:ba:ff:3e:14:60:98:a6:
c9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8D:E5:5B:B9:62:82:A1:5C:01:5C:71:96:21:29:C0:CC:70:EF:AB
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0o3lW7ligqFcAVxxliEpwMxw76s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.93.0/24
Signature Algorithm: sha256WithRSAEncryption
37:37:c5:08:6a:6c:62:40:aa:8d:68:43:ae:a2:93:48:7e:2e:
12:8c:a4:f7:39:69:4a:90:fd:22:ef:44:b0:06:30:95:56:15:
79:d7:66:c8:dc:e2:cd:fd:39:c1:99:ab:21:bf:12:07:c5:9c:
e6:fa:56:f8:5a:f5:86:18:fb:d8:4b:75:bc:54:3b:73:3c:14:
bc:72:d8:e5:27:56:b1:a0:10:77:0f:f7:bb:3a:d5:98:7a:d7:
ae:4b:8d:87:d3:fe:28:df:9b:e4:60:8a:c4:d8:7c:25:2c:4e:
c6:14:b9:3e:bc:23:67:49:50:d5:80:d3:6c:10:12:d4:bb:a7:
af:4d:02:64:26:51:91:03:41:1d:e7:c7:bc:31:48:2c:57:80:
4f:fc:af:d3:84:f0:3c:21:79:b1:b5:d1:01:11:ca:17:da:dc:
53:c3:b6:f6:4d:8c:f9:04:05:47:d5:22:99:96:21:48:68:43:
00:74:69:a5:6b:06:46:ab:a0:96:d4:0f:5f:e7:25:41:e8:c9:
78:04:84:20:ae:26:fd:de:da:5e:06:31:89:c4:5d:a5:7a:a9:
fe:da:a8:22:e0:eb:1a:85:62:de:a2:9d:8b:29:ee:d2:5f:3f:
00:06:57:60:c7:21:56:ec:02:40:95:07:00:dc:5c:10:fa:e4:
2d:e5:a2:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1fFO9r67wTztMLBQsDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTAxMjIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjhkZTU1YmI5NjI4MmExNWMwMTVjNzE5NjIxMjljMGNjNzBlZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglW5+5nYq5j7K4QAAZWwK/luJVZ5
BGkcJ890QTPeiuqVpLA+DdBECZ7W0MKZsxz1jAXBW9HWfaw0vWWI16VNZPgWb5b9
+hR2n2dcOpcbe5QEZRq6ZYhujIvgtt6+lPD4tbJhzfNuS7gPG1FO5pcpmIj8b+jH
dFL89Hvbag9+7hInv6sMAwCowL1jUrwj9kreKtY6aP+d0ySUPb721Yw0sdzU5r5U
yimmEg5t64nDnjvsCcuFpYvC+HZiKhfT7bNr6wKntzyqB5cE/v5o6nBjfIsZAID3
qoS9p29R0KYFUfxod8+XXAUnW2UxbdV7iTdjzMpCALW5E7r/PhRgmKbJjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKN5Vu5YoKhXAFccZYhKcDMcO+rMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMG8zbFc3bGlncUZjQVZ4eGxpRXB3TXh3NzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNdMA0G
CSqGSIb3DQEBCwUAA4IBAQA3N8UIamxiQKqNaEOuopNIfi4SjKT3OWlKkP0i70Sw
BjCVVhV512bI3OLN/TnBmashvxIHxZzm+lb4WvWGGPvYS3W8VDtzPBS8ctjlJ1ax
oBB3D/e7OtWYeteuS42H0/4o35vkYIrE2HwlLE7GFLk+vCNnSVDVgNNsEBLUu6ev
TQJkJlGRA0Ed58e8MUgsV4BP/K/ThPA8IXmxtdEBEcoX2txTw7b2TYz5BAVH1SKZ
liFIaEMAdGmlawZGq6CW1A9f5yVB6Ml4BIQgrib93tpeBjGJxF2leqn+2qgi4Osa
hWLeop2LKe7SXz8ABldgxyFW7AJAlQcA3FwQ+uQt5aJD
-----END CERTIFICATE-----
Generated at Mon Jan 8 20:35:25 2024 by rpki-client on console-ams.rpki-client.org