Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/_hxwwDtlHryUowtYVxe2W3yPKXs.roa
File: _hxwwDtlHryUowtYVxe2W3yPKXs.roa (raw, json)
Hash identifier: JyfeW9HLcyAiqtWzEMgeSw+Hw0hUrLJ6HDg7RbrglnI=
Subject key identifier: FE:1C:70:C0:3B:65:1E:BC:94:A3:0B:58:57:17:B6:5B:7C:8F:29:7B
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 018B96C3CD51350AFA2D54049DC1B1EF2519
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/_hxwwDtlHryUowtYVxe2W3yPKXs.roa
Signing time: Fri 03 Nov 2023 19:58:16 +0000
ROA not before: Fri 03 Nov 2023 19:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 161.8.149.0/24 maxlen: 24
161.8.148.0/23 maxlen: 23
161.8.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Nov 2023 21:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:c3:cd:51:35:0a:fa:2d:54:04:9d:c1:b1:ef:25:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Nov 3 19:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe1c70c03b651ebc94a30b585717b65b7c8f297b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:ee:6e:3f:b2:a8:7b:33:8b:b4:16:8e:38:
8c:18:cb:b2:4f:02:fd:39:be:f0:90:e0:65:2e:ac:
9e:db:a1:06:fb:34:af:bb:0f:39:16:29:98:26:08:
fb:57:a4:79:db:c5:b4:4d:41:98:b6:40:d2:73:55:
4e:d7:69:b7:59:db:1d:c6:fb:47:12:9b:78:5f:ed:
a4:5c:27:9d:b0:30:9f:8e:db:b2:7e:20:00:a2:8d:
79:62:10:03:b9:fe:28:13:fa:b4:e2:b5:00:ec:5b:
1a:ad:46:68:d6:78:12:2a:5c:30:4e:72:14:b9:58:
6d:dc:1c:1a:b0:27:51:1a:9a:b9:cb:24:96:42:2f:
76:f6:7b:56:ae:1b:fb:b2:3f:80:f3:b1:47:43:94:
ea:d1:b6:6f:3e:dd:f3:6e:3f:d2:82:4f:d5:b0:0c:
09:49:6d:36:94:46:d3:70:36:aa:ee:c0:d8:e7:52:
f9:ac:30:c9:16:04:04:27:35:f1:a5:c0:26:67:3f:
73:3b:e7:8d:5f:ac:83:e4:f2:57:c4:ff:48:c4:ed:
17:ed:ed:bb:25:96:77:d2:a1:97:12:dd:b2:03:8d:
17:21:f1:98:61:94:9d:8f:fe:d4:95:da:a2:dc:05:
e8:db:02:9b:15:2d:c3:21:6a:98:b3:b7:f4:f0:28:
1f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1C:70:C0:3B:65:1E:BC:94:A3:0B:58:57:17:B6:5B:7C:8F:29:7B
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/_hxwwDtlHryUowtYVxe2W3yPKXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.8.148.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:0c:11:78:cd:6d:55:bc:81:5b:48:65:fb:c5:45:f9:f3:73:
14:23:8c:ed:84:70:6d:ea:82:61:2a:8e:35:48:0e:4e:89:f9:
97:1c:48:63:3d:85:29:86:b3:e8:77:c8:c0:e3:10:3f:1c:4d:
d7:d6:37:cc:ab:6a:c1:75:a7:bf:3d:e2:8f:f8:83:0e:16:24:
00:3e:79:2b:ab:c0:dc:50:36:c4:b2:88:d4:35:5c:65:9d:c8:
5d:d1:60:71:12:c9:01:24:89:17:90:a3:fd:9b:a6:b9:96:14:
56:44:1e:fb:95:90:5c:60:bc:0f:f2:8e:9b:39:88:2b:7c:16:
9a:11:54:32:95:e9:ea:c5:60:49:4f:2b:96:7d:b6:01:64:c1:
99:9e:c4:8e:f8:7a:54:cd:30:be:f9:34:d3:d0:10:3d:11:c2:
5f:d1:29:30:50:6c:f4:0a:70:38:91:0a:91:e9:e1:7e:d6:d7:
be:40:8b:06:61:eb:fe:79:ca:08:6a:ff:86:0c:44:98:76:8a:
2e:fd:89:1b:65:27:08:d1:3c:66:17:77:c1:b0:58:ee:47:96:
02:b8:47:f1:97:a8:a7:5a:ce:c3:71:9d:61:51:68:f8:6f:13:
2f:12:e2:85:41:99:bf:82:e3:bc:a9:4c:ca:f9:06:3f:7b:be:
11:36:26:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuWw81RNQr6LVQEncGx7yUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjMxMTAzMTk1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTFjNzBjMDNiNjUxZWJjOTRhMzBiNTg1NzE3YjY1YjdjOGYyOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zrubj+yqHszi7QWjjiMGMuyTwL9
Ob7wkOBlLqye26EG+zSvuw85FimYJgj7V6R528W0TUGYtkDSc1VO12m3WdsdxvtH
Ept4X+2kXCedsDCfjtuyfiAAoo15YhADuf4oE/q04rUA7FsarUZo1ngSKlwwTnIU
uVht3BwasCdRGpq5yySWQi929ntWrhv7sj+A87FHQ5Tq0bZvPt3zbj/Sgk/VsAwJ
SW02lEbTcDaq7sDY51L5rDDJFgQEJzXxpcAmZz9zO+eNX6yD5PJXxP9IxO0X7e27
JZZ30qGXEt2yA40XIfGYYZSdj/7Uldqi3AXo2wKbFS3DIWqYs7f08CgfCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4ccMA7ZR68lKMLWFcXtlt8jyl7MB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvX2h4d3dEdGxIcnlVb3d0WVZ4ZTJXM3lQS1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoQiUMA0G
CSqGSIb3DQEBCwUAA4IBAQC1DBF4zW1VvIFbSGX7xUX583MUI4zthHBt6oJhKo41
SA5OifmXHEhjPYUphrPod8jA4xA/HE3X1jfMq2rBdae/PeKP+IMOFiQAPnkrq8Dc
UDbEsojUNVxlnchd0WBxEskBJIkXkKP9m6a5lhRWRB77lZBcYLwP8o6bOYgrfBaa
EVQylenqxWBJTyuWfbYBZMGZnsSO+HpUzTC++TTT0BA9EcJf0SkwUGz0CnA4kQqR
6eF+1te+QIsGYev+ecoIav+GDESYdoou/YkbZScI0TxmF3fBsFjuR5YCuEfxl6in
Ws7DcZ1hUWj4bxMvEuKFQZm/guO8qUzK+QY/e74RNiYt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:14 2024 by rpki-client on console-ams.rpki-client.org