Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/_z3zTA6tK1byKh3B_YgcSc5sSmM.roa
File: _z3zTA6tK1byKh3B_YgcSc5sSmM.roa (raw, json)
Hash identifier: XoPmRjA5ZVZro5LtqCIX/N2AdPjRZwbrkoh+PfVrKSE=
Subject key identifier: FF:3D:F3:4C:0E:AD:2B:56:F2:2A:1D:C1:FD:88:1C:49:CE:6C:4A:63
Certificate issuer: /CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Certificate serial: 018CC500B411E320D7306B167DA17BECD3DB
Authority key identifier: 86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/_z3zTA6tK1byKh3B_YgcSc5sSmM.roa
Signing time: Mon 01 Jan 2024 12:30:06 +0000
ROA not before: Mon 01 Jan 2024 12:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59909
IP address blocks: 159.255.147.0/24 maxlen: 24
2a0d:d100::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Apr 2024 12:58:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b4:11:e3:20:d7:30:6b:16:7d:a1:7b:ec:d3:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Validity
Not Before: Jan 1 12:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff3df34c0ead2b56f22a1dc1fd881c49ce6c4a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:48:28:10:b9:6c:14:c4:83:8f:bd:27:bd:4e:
ed:9e:12:0c:bd:d4:d0:86:08:b9:e2:c3:72:74:d0:
33:6c:ac:0b:2a:62:ec:24:7b:8e:4c:e3:68:6a:47:
05:32:41:e5:41:84:32:5d:7f:4d:d2:c5:e0:5f:fe:
8b:8f:8f:c8:d9:a7:96:4b:05:ec:b5:73:e8:1f:3f:
33:d1:b5:48:0b:64:72:d9:59:a5:0c:30:9b:ec:ac:
eb:02:e9:a8:99:37:c4:07:ff:30:dc:4c:39:3a:e9:
d9:54:2f:9d:21:18:e6:2e:85:b7:00:3b:bb:38:c5:
df:9a:11:7e:21:13:6c:4e:b4:58:c1:fe:f2:f9:bb:
e3:60:e4:2f:aa:f1:cf:8e:af:48:31:8e:9f:8b:a7:
41:13:e5:bc:bc:07:47:98:71:f3:12:d7:a0:9b:c9:
e5:61:e2:7f:49:68:0c:b3:3c:ad:93:d9:ce:3c:81:
18:1d:6e:f9:db:d3:df:ec:50:72:a1:c1:eb:67:9d:
c9:6b:a9:b5:36:45:3b:02:48:33:21:5e:9e:8b:c2:
1a:2e:be:16:cd:60:91:b3:ba:18:7e:f3:68:4f:26:
02:ac:12:1a:0b:e3:4f:16:00:9a:c7:7d:2a:59:e2:
90:a6:ee:c6:15:04:44:06:86:77:04:51:cb:27:91:
6c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3D:F3:4C:0E:AD:2B:56:F2:2A:1D:C1:FD:88:1C:49:CE:6C:4A:63
X509v3 Authority Key Identifier:
keyid:86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/_z3zTA6tK1byKh3B_YgcSc5sSmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.147.0/24
IPv6:
2a0d:d100::/32
Signature Algorithm: sha256WithRSAEncryption
89:c2:8b:af:a2:7a:76:10:2e:d7:bb:52:af:ee:62:ac:a5:fb:
46:35:9a:48:47:08:84:92:06:91:66:c2:58:54:52:7b:a2:04:
bf:6f:2c:db:ee:d3:d6:fb:d7:19:93:22:25:49:90:7d:6b:f0:
20:b2:5f:00:6f:99:8d:4e:fb:6f:81:02:d4:2a:2c:29:55:bd:
a9:bc:1a:c1:b2:a6:67:57:e9:10:df:ce:99:9d:f9:42:6c:5a:
76:4a:6f:3d:fd:39:8c:9c:33:7c:b4:91:c7:5d:8a:31:26:e7:
ff:12:3c:5f:ea:67:b3:c7:b3:b2:5d:03:81:bc:0a:50:d8:e2:
49:7c:cf:7d:29:62:69:93:04:30:c2:36:52:f0:19:93:5a:b3:
32:25:a5:ff:a7:fd:92:08:6f:d4:3c:15:01:da:fb:e9:d4:78:
de:9a:ef:e5:4a:68:34:2a:d0:63:d1:9e:68:83:07:5b:a7:01:
54:c1:f1:47:ba:8d:c7:3d:f7:7e:8a:72:e9:ab:88:cc:5d:c3:
2e:43:77:0e:90:bc:50:be:ba:53:a3:f5:7d:b8:90:eb:1a:64:
bd:10:47:72:7f:45:d1:22:ae:5f:5b:fa:da:3b:14:c6:17:9a:
a7:42:ca:f8:89:52:cb:59:b3:28:0c:32:9b:6e:a6:c9:6f:ee:
41:a9:9f:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFALQR4yDXMGsWfaF77NPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MzZhNGUxNGE3MWRkZDUxMDE2NGI4NjMxYWQ5OWJiZmM3
NTk1M2EwHhcNMjQwMTAxMTIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNkZjM0YzBlYWQyYjU2ZjIyYTFkYzFmZDg4MWM0OWNlNmM0YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkgoELlsFMSDj70nvU7tnhIMvdTQ
hgi54sNydNAzbKwLKmLsJHuOTONoakcFMkHlQYQyXX9N0sXgX/6Lj4/I2aeWSwXs
tXPoHz8z0bVIC2Ry2VmlDDCb7KzrAumomTfEB/8w3Ew5OunZVC+dIRjmLoW3ADu7
OMXfmhF+IRNsTrRYwf7y+bvjYOQvqvHPjq9IMY6fi6dBE+W8vAdHmHHzEtegm8nl
YeJ/SWgMszytk9nOPIEYHW7529Pf7FByocHrZ53Ja6m1NkU7AkgzIV6ei8IaLr4W
zWCRs7oYfvNoTyYCrBIaC+NPFgCax30qWeKQpu7GFQREBoZ3BFHLJ5FsuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP8980wOrStW8iodwf2IHEnObEpjMB8GA1UdIwQY
MBaAFIY2pOFKcd3VEBZLhjGtmbv8dZU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjIt
MmY3Y2Y4NDQ2YTMxLzEvX3ozelRBNnRLMWJ5S2gzQl9ZZ2NTYzVzU21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjItMmY3Y2Y4NDQ2YTMx
LzEvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAn/+TMA0E
AgACMAcDBQAqDdEAMA0GCSqGSIb3DQEBCwUAA4IBAQCJwouvonp2EC7Xu1Kv7mKs
pftGNZpIRwiEkgaRZsJYVFJ7ogS/byzb7tPW+9cZkyIlSZB9a/Agsl8Ab5mNTvtv
gQLUKiwpVb2pvBrBsqZnV+kQ386ZnflCbFp2Sm89/TmMnDN8tJHHXYoxJuf/Ejxf
6mezx7OyXQOBvApQ2OJJfM99KWJpkwQwwjZS8BmTWrMyJaX/p/2SCG/UPBUB2vvp
1Hjemu/lSmg0KtBj0Z5ogwdbpwFUwfFHuo3HPfd+inLpq4jMXcMuQ3cOkLxQvrpT
o/V9uJDrGmS9EEdyf0XRIq5fW/raOxTGF5qnQsr4iVLLWbMoDDKbbqbJb+5BqZ9M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:51 2024 by rpki-client on console-ams.rpki-client.org