Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/2afSjcUQJofmsOBjphxvK6-qpKs.roa
File: 2afSjcUQJofmsOBjphxvK6-qpKs.roa (raw, json)
Hash identifier: gih7MZHHWcmdvf2uMCV5IYVjWkQMOWkNQMbJHay7HbQ=
Subject key identifier: D9:A7:D2:8D:C5:10:26:87:E6:B0:E0:63:A6:1C:6F:2B:AF:AA:A4:AB
Certificate issuer: /CN=26bab8c6915851f4efd40274f742509b7ac7e22e
Certificate serial: 01856DC1E0BF9B93E23D103B439DDC74CDFD
Authority key identifier: 26:BA:B8:C6:91:58:51:F4:EF:D4:02:74:F7:42:50:9B:7A:C7:E2:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jrq4xpFYUfTv1AJ090JQm3rH4i4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/2afSjcUQJofmsOBjphxvK6-qpKs.roa
Signing time: Sun 01 Jan 2023 14:35:00 +0000
ROA not before: Sun 01 Jan 2023 14:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1213
IP address blocks: 157.190.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:e0:bf:9b:93:e2:3d:10:3b:43:9d:dc:74:cd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bab8c6915851f4efd40274f742509b7ac7e22e
Validity
Not Before: Jan 1 14:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9a7d28dc5102687e6b0e063a61c6f2bafaaa4ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:c1:7a:a3:bd:bd:03:97:f7:93:32:9e:6e:
8c:28:b8:21:3f:4a:fc:99:2d:0c:c3:86:b2:38:9e:
8a:7f:d8:1c:6e:af:6d:86:5f:61:c8:98:95:92:7c:
ab:cb:ef:85:f5:41:56:fc:89:f0:81:79:c2:05:86:
11:38:7d:4b:2d:32:29:16:85:d3:70:f2:68:36:f4:
a9:71:b3:35:d7:5c:ea:27:42:fd:d0:86:f8:78:06:
01:3d:6b:50:24:b7:44:74:0d:48:6d:6f:ba:da:3d:
12:4b:49:84:f8:fa:97:36:06:ff:f6:89:42:2b:ae:
ab:dc:c2:3a:d9:70:3f:65:ff:19:d6:95:fc:9a:17:
7c:bd:5b:04:8f:7a:9f:4a:5c:db:56:c6:88:b4:f0:
f0:05:8c:26:88:76:a7:fe:fc:ef:e1:b0:4a:20:db:
22:a0:bf:5d:52:79:8f:20:aa:36:cd:17:3d:58:97:
d7:ae:2a:a3:62:e4:90:26:20:8e:d6:4b:b3:38:1e:
5f:0f:2c:21:df:d9:9b:dd:db:e1:25:51:3b:cf:df:
f7:09:f9:26:0b:e9:4f:a1:04:be:61:7c:9c:6b:fa:
06:22:41:e5:e6:20:3f:f7:c6:12:e8:37:73:3c:9c:
b9:2f:7f:7d:b1:ab:f2:8b:1a:a0:90:e3:12:87:5b:
57:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A7:D2:8D:C5:10:26:87:E6:B0:E0:63:A6:1C:6F:2B:AF:AA:A4:AB
X509v3 Authority Key Identifier:
keyid:26:BA:B8:C6:91:58:51:F4:EF:D4:02:74:F7:42:50:9B:7A:C7:E2:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jrq4xpFYUfTv1AJ090JQm3rH4i4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/2afSjcUQJofmsOBjphxvK6-qpKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a166a7-7d07-409a-aed0-639315dca580/1/Jrq4xpFYUfTv1AJ090JQm3rH4i4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.190.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:ee:99:40:2f:7e:7f:77:13:1d:a2:41:64:71:c5:65:12:80:
b9:75:7e:68:ad:2d:d8:7c:43:39:39:23:29:c0:97:a1:9f:90:
de:f9:f5:48:e4:0c:83:6a:be:0a:c5:f3:7a:d2:b6:e5:81:a8:
8b:40:e0:b1:df:5b:51:15:de:bb:6d:80:15:81:14:6a:1b:ec:
7b:e4:b9:36:41:7a:6e:4b:34:d7:8e:02:9c:c8:7a:e3:ad:46:
bc:0a:c9:e9:88:9e:c3:47:43:d2:9e:d9:c2:b7:e6:11:7b:67:
8e:84:dd:0e:ef:39:5b:64:de:0e:3c:6b:b9:50:b1:10:09:1f:
d2:ec:50:cb:2c:d3:fc:45:ff:56:e9:a7:9c:92:6e:24:11:1d:
16:6b:40:b2:b9:27:ff:d2:72:89:d9:ec:6a:e1:32:bb:97:1e:
be:e6:09:b7:b8:4b:d6:60:0e:99:28:59:11:98:50:9c:f2:d3:
0a:15:2f:d1:be:9a:46:a3:ed:92:6d:50:e0:8b:30:85:0b:42:
e8:fd:14:07:e0:bc:0f:30:b9:e7:9f:c3:3f:62:d0:98:0e:72:
87:56:d2:50:ee:10:90:11:d9:45:bd:e3:8d:e4:c9:2f:f5:be:
df:73:b8:ab:8e:4d:7b:58:80:41:e7:c5:93:43:55:77:8b:2f:
b5:57:50:b7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVtweC/m5PiPRA7Q53cdM39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmFiOGM2OTE1ODUxZjRlZmQ0MDI3NGY3NDI1MDliN2Fj
N2UyMmUwHhcNMjMwMTAxMTQzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE3ZDI4ZGM1MTAyNjg3ZTZiMGUwNjNhNjFjNmYyYmFmYWFhNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm7BeqO9vQOX95Mynm6MKLghP0r8
mS0Mw4ayOJ6Kf9gcbq9thl9hyJiVknyry++F9UFW/InwgXnCBYYROH1LLTIpFoXT
cPJoNvSpcbM111zqJ0L90Ib4eAYBPWtQJLdEdA1IbW+62j0SS0mE+PqXNgb/9olC
K66r3MI62XA/Zf8Z1pX8mhd8vVsEj3qfSlzbVsaItPDwBYwmiHan/vzv4bBKINsi
oL9dUnmPIKo2zRc9WJfXriqjYuSQJiCO1kuzOB5fDywh39mb3dvhJVE7z9/3Cfkm
C+lPoQS+YXyca/oGIkHl5iA/98YS6DdzPJy5L399savyixqgkOMSh1tXsQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNmn0o3FECaH5rDgY6YcbyuvqqSrMB8GA1UdIwQY
MBaAFCa6uMaRWFH079QCdPdCUJt6x+IuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnJxNHhwRllVZlR2MUFKMDkwSlFtM3JINGk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hMTY2YTctN2QwNy00MDlhLWFlZDAt
NjM5MzE1ZGNhNTgwLzEvMmFmU2pjVVFKb2Ztc09CanBoeHZLNi1xcEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hMTY2YTctN2QwNy00MDlhLWFlZDAtNjM5MzE1ZGNhNTgw
LzEvSnJxNHhwRllVZlR2MUFKMDkwSlFtM3JINGk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnb4wDQYJ
KoZIhvcNAQELBQADggEBACLumUAvfn93Ex2iQWRxxWUSgLl1fmitLdh8Qzk5IynA
l6GfkN759UjkDINqvgrF83rStuWBqItA4LHfW1EV3rttgBWBFGob7HvkuTZBem5L
NNeOApzIeuOtRrwKyemInsNHQ9Ke2cK35hF7Z46E3Q7vOVtk3g48a7lQsRAJH9Ls
UMss0/xF/1bpp5ySbiQRHRZrQLK5J//SconZ7GrhMruXHr7mCbe4S9ZgDpkoWRGY
UJzy0woVL9G+mkaj7ZJtUOCLMIULQuj9FAfgvA8wueefwz9i0JgOcodW0lDuEJAR
2UW9443kyS/1vt9zuKuOTXtYgEHnxZNDVXeLL7VXULc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:51 2024 by rpki-client on console-ams.rpki-client.org