Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/1-O9ZmZiBhV7OAu3ZhRR555SFNKQ.roa
File: 1-O9ZmZiBhV7OAu3ZhRR555SFNKQ.roa (raw, json)
Hash identifier: moPQpyFP16uxF6qwI4EFrHW4kcyazkzjwjBsdsWEexI=
Subject key identifier: F8:EF:59:99:98:81:85:5E:CE:02:ED:D9:85:14:79:E7:94:85:34:A4
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 01856CE60EB8AEF0DA1C72B48FF16167658B
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/1-O9ZmZiBhV7OAu3ZhRR555SFNKQ.roa
Signing time: Sun 01 Jan 2023 10:34:54 +0000
ROA not before: Sun 01 Jan 2023 10:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58507
IP address blocks: 159.197.192.0/19 maxlen: 24
161.8.192.0/18 maxlen: 24
161.8.0.0/18 maxlen: 24
159.197.128.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:0e:b8:ae:f0:da:1c:72:b4:8f:f1:61:67:65:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Jan 1 10:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8ef59999881855ece02edd9851479e7948534a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4e:84:f3:a6:e7:c3:fe:86:25:42:48:6e:4d:
f4:e7:75:3d:b6:b1:f0:2b:35:49:96:82:34:26:7c:
3c:ee:b2:79:f6:83:3c:07:5d:13:19:36:1c:be:96:
37:3b:8c:8c:fc:6a:93:c6:f1:48:33:95:5e:9e:47:
ce:74:c5:9a:00:cc:21:e3:d9:91:30:5a:ce:e2:f4:
de:3c:4d:c4:80:4a:35:67:65:e0:db:8c:8c:58:14:
32:1c:f7:e8:0b:a3:64:c1:6b:16:33:fe:75:b9:50:
22:df:0f:87:75:44:e6:1c:52:1d:da:1a:a0:f8:ad:
80:b4:54:84:95:60:dd:1f:9c:64:b5:11:5d:e3:5b:
b4:e3:9b:6c:ea:0a:31:9d:89:9e:88:39:6d:45:1a:
82:73:79:68:98:9f:e8:f7:60:92:e1:e1:b1:3e:a9:
fb:1e:ea:fa:10:15:a0:1c:a5:b6:b7:a4:b6:49:51:
02:2b:5f:63:c2:3d:a8:fd:be:23:a5:80:5e:83:84:
d5:e8:de:62:5e:af:79:64:f7:92:7d:8c:47:df:b0:
11:b6:b9:55:73:41:ea:2b:c6:d8:b3:75:c6:6a:a3:
92:e7:2e:44:1f:23:3e:28:14:9b:fc:96:ad:87:9c:
cd:6c:ea:3e:0e:f5:75:43:79:70:67:d5:96:b8:10:
78:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EF:59:99:98:81:85:5E:CE:02:ED:D9:85:14:79:E7:94:85:34:A4
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/1-O9ZmZiBhV7OAu3ZhRR555SFNKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.128.0-159.197.223.255
161.8.0.0/18
161.8.192.0/18
Signature Algorithm: sha256WithRSAEncryption
39:2a:c3:32:bd:04:f9:ec:e0:83:85:df:71:ef:3b:50:75:45:
f4:7b:eb:53:f1:fa:9d:18:d4:ae:03:17:67:41:c8:46:19:d4:
da:ce:5d:1a:19:72:86:97:8f:66:e3:5c:4f:f7:f2:8a:7c:9d:
54:76:1b:26:b4:2a:91:51:6e:1b:07:58:b4:2f:07:72:ed:6b:
d0:67:69:8f:8f:c5:8e:52:e7:c0:10:ed:8a:07:5b:d6:33:09:
8e:0e:35:d3:0c:72:8c:06:de:91:cb:63:f8:2a:30:6a:ad:f7:
b7:d0:60:6e:10:34:21:08:01:c0:65:76:7a:ac:28:89:e0:c5:
ec:b2:5a:ac:fc:bc:f7:b2:88:da:9d:91:7e:90:f9:d1:38:42:
bd:23:c1:76:9d:ad:f7:86:29:11:bf:d5:00:b2:52:5b:ee:88:
16:fb:37:91:98:12:27:7c:c4:e9:b7:9d:3a:48:37:a0:a6:84:
b5:d0:24:de:ce:0d:95:34:2f:9a:99:27:d6:b4:3e:aa:68:21:
d1:f8:5c:8b:71:75:17:7f:ca:47:b7:b1:21:12:3e:79:2b:30:
88:75:16:fc:6e:a7:1a:2e:b1:ca:28:db:2a:e0:85:27:02:29:
9c:c3:4d:5e:4c:2c:11:32:74:bd:66:e2:74:c4:eb:3c:9b:66:
7c:d3:98:14
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs5g64rvDaHHK0j/FhZ2WLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjMwMTAxMTAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVmNTk5OTk4ODE4NTVlY2UwMmVkZDk4NTE0NzllNzk0ODUzNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy06E86bnw/6GJUJIbk3053U9trHw
KzVJloI0Jnw87rJ59oM8B10TGTYcvpY3O4yM/GqTxvFIM5VenkfOdMWaAMwh49mR
MFrO4vTePE3EgEo1Z2Xg24yMWBQyHPfoC6NkwWsWM/51uVAi3w+HdUTmHFId2hqg
+K2AtFSElWDdH5xktRFd41u045ts6goxnYmeiDltRRqCc3lomJ/o92CS4eGxPqn7
Hur6EBWgHKW2t6S2SVECK19jwj2o/b4jpYBeg4TV6N5iXq95ZPeSfYxH37ARtrlV
c0HqK8bYs3XGaqOS5y5EHyM+KBSb/Jath5zNbOo+DvV1Q3lwZ9WWuBB4HwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPjvWZmYgYVezgLt2YUUeeeUhTSkMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvMS1POVptWmlCaFY3T0F1M1poUlI1NTVTRk5LUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWQvN2EyYTk5LTE0NmMtNDc4MS1hMzAyLWViN2FhYTY4Mjhi
ZS8xL1RkbFUwOGQ4bkU0MzdyOTFQWWJ6M1BDUjFLay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQHn8WA
AwQFn8XAAwQGoQgAAwQGoQjAMA0GCSqGSIb3DQEBCwUAA4IBAQA5KsMyvQT57OCD
hd9x7ztQdUX0e+tT8fqdGNSuAxdnQchGGdTazl0aGXKGl49m41xP9/KKfJ1Udhsm
tCqRUW4bB1i0Lwdy7WvQZ2mPj8WOUufAEO2KB1vWMwmODjXTDHKMBt6Ry2P4KjBq
rfe30GBuEDQhCAHAZXZ6rCiJ4MXsslqs/Lz3sojanZF+kPnROEK9I8F2na33hikR
v9UAslJb7ogW+zeRmBInfMTpt506SDegpoS10CTezg2VNC+amSfWtD6qaCHR+FyL
cXUXf8pHt7EhEj55KzCIdRb8bqcaLrHKKNsq4IUnAimcw01eTCwRMnS9ZuJ0xOs8
m2Z805gU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org