Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/dtEi6EYARAsB28gHX3g_rrUA-nA.roa
File: dtEi6EYARAsB28gHX3g_rrUA-nA.roa (raw, json)
Hash identifier: FQdfHqs3xsvWD4ntk2afygSdUJ2qTfwGQbVvsyyeD94=
Subject key identifier: 76:D1:22:E8:46:00:44:0B:01:DB:C8:07:5F:78:3F:AE:B5:00:FA:70
Certificate issuer: /CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Certificate serial: 018572CCBFC44AE9E86991037F9F7DB7744C
Authority key identifier: 61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/dtEi6EYARAsB28gHX3g_rrUA-nA.roa
Signing time: Mon 02 Jan 2023 14:04:58 +0000
ROA not before: Mon 02 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 159.60.128.0/18 maxlen: 24
159.60.32.0/19 maxlen: 24
159.60.64.0/19 maxlen: 24
159.60.96.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:bf:c4:4a:e9:e8:69:91:03:7f:9f:7d:b7:74:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Validity
Not Before: Jan 2 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76d122e84600440b01dbc8075f783faeb500fa70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:08:76:f0:fc:d8:a0:46:b5:54:6f:c3:19:03:
ab:03:41:1b:ba:a6:fa:67:0b:6c:2c:37:f3:20:39:
07:9a:ec:00:7e:60:7d:76:1d:5d:7b:20:9e:57:d0:
e4:fb:88:b2:95:2d:9d:d1:f4:17:95:71:f3:ca:d5:
17:fc:dc:e8:02:4b:3a:42:5e:00:1e:0b:af:59:4f:
03:97:29:7d:b9:25:71:45:6a:b3:dc:78:0e:0a:f8:
c1:b4:75:06:22:fa:6b:79:62:71:bb:cf:65:b2:80:
89:8c:ce:67:e5:e6:7c:4e:be:fb:73:fc:81:ae:94:
ba:cb:b4:4e:aa:2b:5d:49:94:91:1f:97:50:52:0b:
56:bb:a1:e4:f0:33:a8:0a:a8:8e:ac:d4:88:1a:57:
c8:c5:75:d9:d5:77:18:7f:fb:ac:83:0e:1b:6f:78:
63:c6:61:26:80:27:23:d8:33:32:5a:19:e2:87:fb:
38:01:38:16:60:92:60:7c:b1:b5:6d:bf:4a:1e:fc:
9e:29:77:3f:c9:e4:39:9e:57:04:92:3a:30:dd:27:
38:72:e9:3b:f1:18:5a:03:b9:8c:99:63:da:fd:62:
cf:43:c8:20:cd:43:b2:0d:0b:42:fa:07:8e:16:a2:
66:0c:e3:9c:ee:16:2d:b2:a9:1d:a5:0c:00:ca:c9:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D1:22:E8:46:00:44:0B:01:DB:C8:07:5F:78:3F:AE:B5:00:FA:70
X509v3 Authority Key Identifier:
keyid:61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/dtEi6EYARAsB28gHX3g_rrUA-nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.60.32.0-159.60.191.255
Signature Algorithm: sha256WithRSAEncryption
75:d7:e2:a8:ab:89:9e:9e:71:1c:5b:5f:c6:04:20:81:33:56:
07:87:b0:8e:dc:03:7c:13:62:e9:b0:10:01:9a:ea:11:b5:b0:
25:e2:39:af:8f:1e:9c:fa:ec:a9:89:b9:ec:bd:76:cb:6b:5d:
4a:aa:b1:cf:71:b4:30:88:6e:6e:fd:c2:de:bc:1e:5d:8a:96:
f4:fd:b2:77:8e:6c:7d:2c:5f:61:8b:b8:6f:55:db:69:56:3c:
b9:65:83:63:ba:c8:f4:a3:b4:ed:17:d0:f3:0f:1f:10:17:64:
93:66:2c:62:cd:de:41:d0:48:2b:0e:38:ba:e9:56:c9:69:f8:
d3:52:44:57:bf:78:2e:76:31:89:0c:d1:cf:67:a3:22:b6:af:
57:45:d2:8f:52:9b:20:d2:cc:86:0e:51:d2:55:2b:ea:8e:ed:
5b:94:f8:97:f2:aa:89:7c:aa:ad:2c:b8:0b:35:09:c8:9b:f7:
9f:9e:0c:52:d6:1e:0d:a9:2f:7d:6b:5d:95:0b:ee:08:81:a6:
22:e7:da:d9:16:98:c3:d4:9a:dc:75:9c:0a:05:d2:d3:8d:a5:
b0:3e:cd:f6:d7:d6:b4:98:b4:8b:42:66:66:5d:5b:45:a4:19:
b4:9f:6d:29:33:74:1b:2c:52:74:66:67:2d:d1:63:18:09:2f:
c4:c1:58:10
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyzL/ESunoaZEDf599t3RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjNlMWNhYjhjYmY1YjNjNmUwZmJiZTE0OTFmNDhkYTYw
Y2FlNmMwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQxMjJlODQ2MDA0NDBiMDFkYmM4MDc1Zjc4M2ZhZWI1MDBmYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwh28PzYoEa1VG/DGQOrA0Ebuqb6
ZwtsLDfzIDkHmuwAfmB9dh1deyCeV9Dk+4iylS2d0fQXlXHzytUX/NzoAks6Ql4A
HguvWU8Dlyl9uSVxRWqz3HgOCvjBtHUGIvpreWJxu89lsoCJjM5n5eZ8Tr77c/yB
rpS6y7ROqitdSZSRH5dQUgtWu6Hk8DOoCqiOrNSIGlfIxXXZ1XcYf/usgw4bb3hj
xmEmgCcj2DMyWhnih/s4ATgWYJJgfLG1bb9KHvyeKXc/yeQ5nlcEkjow3Sc4cuk7
8RhaA7mMmWPa/WLPQ8ggzUOyDQtC+geOFqJmDOOc7hYtsqkdpQwAysns+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHbRIuhGAEQLAdvIB194P661APpwMB8GA1UdIwQY
MBaAFGGz4cq4y/WzxuD7vhSR9I2mDK5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQt
OTQ3Y2M1NGViZTAyLzEvZHRFaTZFWUFSQXNCMjhnSFgzZ19yclVBLW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQtOTQ3Y2M1NGViZTAy
LzEvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWfPCAD
BAafPIAwDQYJKoZIhvcNAQELBQADggEBAHXX4qiriZ6ecRxbX8YEIIEzVgeHsI7c
A3wTYumwEAGa6hG1sCXiOa+PHpz67KmJuey9dstrXUqqsc9xtDCIbm79wt68Hl2K
lvT9sneObH0sX2GLuG9V22lWPLllg2O6yPSjtO0X0PMPHxAXZJNmLGLN3kHQSCsO
OLrpVslp+NNSRFe/eC52MYkM0c9noyK2r1dF0o9SmyDSzIYOUdJVK+qO7VuU+Jfy
qol8qq0suAs1Ccib95+eDFLWHg2pL31rXZUL7giBpiLn2tkWmMPUmtx1nAoF0tON
pbA+zfbX1rSYtItCZmZdW0WkGbSfbSkzdBssUnRmZy3RYxgJL8TBWBA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:03 2024 by rpki-client on console-fra.rpki-client.org