Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/aWj0s4WzScQM5NV9yrjhK3mPv44.roa
File: aWj0s4WzScQM5NV9yrjhK3mPv44.roa (raw, json)
Hash identifier: swxE7npznOjmJZMosTPd0oyhVAfX5lR/vOFESSMSp/E=
Subject key identifier: 69:68:F4:B3:85:B3:49:C4:0C:E4:D5:7D:CA:B8:E1:2B:79:8F:BF:8E
Certificate issuer: /CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Certificate serial: 01856E2F8848D932695F2E3AE5223FD5ABFF
Authority key identifier: E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/aWj0s4WzScQM5NV9yrjhK3mPv44.roa
Signing time: Sun 01 Jan 2023 16:34:46 +0000
ROA not before: Sun 01 Jan 2023 16:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57119
IP address blocks: 149.62.152.0/21 maxlen: 21
149.62.154.0/24 maxlen: 24
185.64.148.0/22 maxlen: 22
185.64.148.0/23 maxlen: 23
185.64.151.0/24 maxlen: 24
185.64.150.0/24 maxlen: 24
2a02:7680::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:88:48:d9:32:69:5f:2e:3a:e5:22:3f:d5:ab:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Validity
Not Before: Jan 1 16:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6968f4b385b349c40ce4d57dcab8e12b798fbf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:13:da:44:6d:5e:fc:aa:8c:dd:8c:cc:2e:5f:
8d:12:4e:20:d5:5f:f6:25:30:7b:43:0a:64:54:40:
1d:60:75:98:c6:f3:e2:6e:51:cc:7e:e3:55:35:1f:
3f:40:2d:90:14:d9:54:ae:5a:cb:3e:2a:78:a7:39:
f0:c9:06:dc:db:43:c7:9b:64:70:4f:e2:76:78:b8:
fb:6f:76:0c:53:b8:bd:71:ee:bc:57:a7:e4:4c:12:
81:77:05:d8:e5:09:58:9e:6e:92:9b:a5:7d:2b:77:
15:31:37:51:c3:f8:cb:4f:d4:52:31:fb:c6:d3:f6:
b2:58:b3:93:b3:07:fc:c0:b3:12:84:f6:f3:be:c1:
66:e7:8e:af:e7:9d:0c:5e:5a:53:97:cb:86:50:b0:
48:51:41:4c:28:45:4d:15:4d:42:b4:ee:63:ef:01:
75:d6:78:1c:a4:7d:2b:fc:73:df:94:46:8d:c9:e1:
88:73:bd:ac:de:b0:2e:15:19:c4:01:97:ed:c1:d9:
6e:b7:20:76:41:96:70:7d:e7:8f:1b:22:cd:1e:47:
9c:d1:c0:b7:60:ed:27:02:0f:78:7a:13:cb:8b:bd:
c8:90:b5:8a:33:34:37:e2:33:02:b4:2d:27:dd:0f:
f5:d5:90:48:84:f5:4f:9f:d6:ae:98:44:3f:07:74:
69:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:68:F4:B3:85:B3:49:C4:0C:E4:D5:7D:CA:B8:E1:2B:79:8F:BF:8E
X509v3 Authority Key Identifier:
keyid:E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/aWj0s4WzScQM5NV9yrjhK3mPv44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/5BqMQuzom1-_whDce1VMcupPNUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.152.0/21
185.64.148.0/22
IPv6:
2a02:7680::/32
Signature Algorithm: sha256WithRSAEncryption
42:de:aa:76:3c:bd:7f:2a:26:82:0b:dc:47:eb:c1:86:9e:ae:
3c:53:43:87:01:cb:bc:91:21:93:d3:53:09:90:8d:10:5b:74:
46:6a:3c:73:c1:5e:a4:a6:7f:6a:1c:cb:2f:59:3d:c5:ee:31:
21:a9:3f:d7:10:ab:91:87:7c:33:cc:43:c8:8c:63:54:6b:b6:
c8:78:e3:f4:17:92:0d:5f:86:cd:cd:ff:79:8b:48:9b:bd:62:
c8:b6:b6:d1:a2:fb:7c:e0:65:b9:a6:28:9a:d5:3e:47:40:b2:
1c:6a:2e:69:ae:4c:62:74:ea:f3:5a:c4:44:7c:ef:04:93:4c:
c2:1f:fe:cd:1c:dd:a9:a1:b0:30:2a:b5:c0:31:1c:46:d7:35:
36:18:d1:b5:db:e5:67:5e:fd:c2:19:76:ec:10:5f:f3:af:25:
9b:d7:e7:95:07:64:85:9f:8b:e8:17:0d:d1:25:c1:c1:7c:3e:
65:7e:9a:5e:e1:4f:af:a7:00:0b:57:7d:dd:96:50:c9:9c:af:
5c:a8:64:ff:49:d1:e2:86:ab:62:f9:6c:89:75:d6:1f:51:8b:
e0:d5:1b:13:99:4e:74:fa:3c:70:0a:42:39:eb:89:11:44:f6:
fa:ed:76:04:20:b6:d6:5e:6e:2d:5c:20:29:5c:b8:38:7f:2a:
0e:e6:4e:56
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuL4hI2TJpXy465SI/1av/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MWE4YzQyZWNlODliNWZiZmMyMTBkYzdiNTU0YzcyZWE0
ZjM1NDQwHhcNMjMwMTAxMTYzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTY4ZjRiMzg1YjM0OWM0MGNlNGQ1N2RjYWI4ZTEyYjc5OGZiZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBPaRG1e/KqM3YzMLl+NEk4g1V/2
JTB7QwpkVEAdYHWYxvPiblHMfuNVNR8/QC2QFNlUrlrLPip4pznwyQbc20PHm2Rw
T+J2eLj7b3YMU7i9ce68V6fkTBKBdwXY5QlYnm6Sm6V9K3cVMTdRw/jLT9RSMfvG
0/ayWLOTswf8wLMShPbzvsFm546v550MXlpTl8uGULBIUUFMKEVNFU1CtO5j7wF1
1ngcpH0r/HPflEaNyeGIc72s3rAuFRnEAZftwdlutyB2QZZwfeePGyLNHkec0cC3
YO0nAg94ehPLi73IkLWKMzQ34jMCtC0n3Q/11ZBIhPVPn9aumEQ/B3Rp3QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGlo9LOFs0nEDOTVfcq44St5j7+OMB8GA1UdIwQY
MBaAFOQajELs6Jtfv8IQ3HtVTHLqTzVEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUJxTVF1em9tMS1fd2hEY2UxVk1jdXBQTlVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kMTljMmQtMzhjMy00NTI2LWE3Y2Yt
MWQ2NjZjNDIyYzZhLzEvYVdqMHM0V3pTY1FNNU5WOXlyamhLM21QdjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kMTljMmQtMzhjMy00NTI2LWE3Y2YtMWQ2NjZjNDIyYzZh
LzEvNUJxTVF1em9tMS1fd2hEY2UxVk1jdXBQTlVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDlT6YAwQC
uUCUMA0EAgACMAcDBQAqAnaAMA0GCSqGSIb3DQEBCwUAA4IBAQBC3qp2PL1/KiaC
C9xH68GGnq48U0OHAcu8kSGT01MJkI0QW3RGajxzwV6kpn9qHMsvWT3F7jEhqT/X
EKuRh3wzzEPIjGNUa7bIeOP0F5INX4bNzf95i0ibvWLItrbRovt84GW5piia1T5H
QLIcai5prkxidOrzWsREfO8Ek0zCH/7NHN2pobAwKrXAMRxG1zU2GNG12+VnXv3C
GXbsEF/zryWb1+eVB2SFn4voFw3RJcHBfD5lfppe4U+vpwALV33dllDJnK9cqGT/
SdHihqti+WyJddYfUYvg1RsTmU50+jxwCkI564kRRPb67XYEILbWXm4tXCApXLg4
fyoO5k5W
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:06 2024 by rpki-client on console-ams.rpki-client.org