Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/m72QdQFdtXY5FLBRHOmsQ5Z9VEg.roa
File: m72QdQFdtXY5FLBRHOmsQ5Z9VEg.roa (raw, json)
Hash identifier: 02P4ek50mQzd8V6/8NhO2r9pBxiRxExEwmaZ1RfMl/k=
Subject key identifier: 9B:BD:90:75:01:5D:B5:76:39:14:B0:51:1C:E9:AC:43:96:7D:54:48
Certificate issuer: /CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Certificate serial: 018B3C9DF3B12F9DECBF9208A4D02FF5FA18
Authority key identifier: 86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/m72QdQFdtXY5FLBRHOmsQ5Z9VEg.roa
Signing time: Tue 17 Oct 2023 07:51:06 +0000
ROA not before: Tue 17 Oct 2023 07:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59909
IP address blocks: 159.255.147.0/24 maxlen: 24
2a0d:d100::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:9d:f3:b1:2f:9d:ec:bf:92:08:a4:d0:2f:f5:fa:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8636a4e14a71ddd510164b8631ad99bbfc75953a
Validity
Not Before: Oct 17 07:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bbd9075015db5763914b0511ce9ac43967d5448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:94:77:55:6c:cb:a7:f2:4c:46:83:1d:25:89:
7b:69:2c:f7:1a:c3:6c:95:fc:f7:f5:1b:1e:bb:29:
c8:b3:35:36:7a:f9:de:11:46:f1:4b:c5:2d:78:10:
1f:35:50:a2:ee:c6:26:4c:87:a3:b5:6f:4a:13:a2:
52:0e:2a:0b:4a:24:15:0e:3e:e7:4b:67:2c:a7:01:
dc:88:c0:a0:65:0b:47:30:c8:a9:21:d7:da:76:56:
2f:73:7f:cc:16:65:03:9f:d2:24:da:d6:02:86:d6:
70:71:65:db:b9:21:40:1a:f0:02:68:64:86:bf:48:
d1:6c:d5:42:32:47:40:d7:e1:c2:fe:8b:6f:a7:08:
06:91:1c:01:bf:36:cf:0e:ce:c1:e5:fd:27:00:2d:
43:50:b1:86:84:28:97:37:a8:a7:58:b9:c4:45:7e:
aa:8b:31:27:df:48:d8:cd:6a:bd:4e:3e:b0:9d:6d:
fc:33:59:50:de:1c:16:c1:c1:dc:e2:88:1f:05:3d:
2d:bb:02:e5:38:a7:cc:9c:5b:5f:90:64:2e:28:56:
64:11:c2:c6:12:15:1a:ad:97:81:e6:a3:66:15:52:
19:61:2e:5d:f5:95:cf:92:db:b9:be:10:82:2d:1d:
9a:30:eb:48:01:a2:b9:f8:d4:32:fe:56:41:e8:67:
3e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BD:90:75:01:5D:B5:76:39:14:B0:51:1C:E9:AC:43:96:7D:54:48
X509v3 Authority Key Identifier:
keyid:86:36:A4:E1:4A:71:DD:D5:10:16:4B:86:31:AD:99:BB:FC:75:95:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hjak4Upx3dUQFkuGMa2Zu_x1lTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/m72QdQFdtXY5FLBRHOmsQ5Z9VEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/cdeca3-4ef1-45ad-8922-2f7cf8446a31/1/hjak4Upx3dUQFkuGMa2Zu_x1lTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.147.0/24
IPv6:
2a0d:d100::/32
Signature Algorithm: sha256WithRSAEncryption
4c:32:38:83:90:28:10:c1:7e:03:c2:ae:80:83:f0:63:86:8b:
82:2b:7a:9d:69:f5:e0:b8:63:22:6a:15:dd:ae:dd:57:43:1b:
e2:fa:1c:8a:a9:cb:60:f1:70:3f:2a:42:86:2c:e6:7e:fb:d0:
01:df:8c:cd:37:b1:aa:00:ea:83:9c:97:7a:5a:76:8a:7e:f6:
be:ef:89:60:85:93:26:70:44:22:ad:b5:69:37:e2:98:1a:e2:
02:e8:ed:3c:44:3e:2e:1b:d6:36:12:29:65:47:d2:da:a8:10:
c1:43:c9:83:9e:ad:b7:d2:93:08:34:30:e2:66:7d:dd:36:ab:
e9:4b:5a:d1:5e:6d:0f:e7:cc:83:bb:c9:b0:df:8a:58:5c:c4:
6b:d0:59:32:88:02:19:13:95:75:ed:5b:cc:10:bf:5c:72:47:
6b:ce:79:05:2f:c8:c3:8c:e2:6e:f3:7e:62:3d:f7:a2:cb:f9:
54:f2:84:d3:3f:cf:c9:55:a6:d0:ae:66:71:c0:58:81:f3:42:
9f:a1:99:58:85:35:32:0d:16:aa:c8:9f:26:8a:55:1b:4e:24:
88:96:93:d7:d3:9f:0a:73:dd:d0:88:da:87:91:1d:b6:b1:05:
fc:0c:9c:43:da:3b:d7:02:0f:26:76:6a:b1:64:51:9e:d2:fa:
90:7c:47:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYs8nfOxL53sv5IIpNAv9foYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MzZhNGUxNGE3MWRkZDUxMDE2NGI4NjMxYWQ5OWJiZmM3
NTk1M2EwHhcNMjMxMDE3MDc1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJkOTA3NTAxNWRiNTc2MzkxNGIwNTExY2U5YWM0Mzk2N2Q1NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JR3VWzLp/JMRoMdJYl7aSz3GsNs
lfz39RseuynIszU2evneEUbxS8UteBAfNVCi7sYmTIejtW9KE6JSDioLSiQVDj7n
S2cspwHciMCgZQtHMMipIdfadlYvc3/MFmUDn9Ik2tYChtZwcWXbuSFAGvACaGSG
v0jRbNVCMkdA1+HC/otvpwgGkRwBvzbPDs7B5f0nAC1DULGGhCiXN6inWLnERX6q
izEn30jYzWq9Tj6wnW38M1lQ3hwWwcHc4ogfBT0tuwLlOKfMnFtfkGQuKFZkEcLG
EhUarZeB5qNmFVIZYS5d9ZXPktu5vhCCLR2aMOtIAaK5+NQy/lZB6Gc+SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJu9kHUBXbV2ORSwURzprEOWfVRIMB8GA1UdIwQY
MBaAFIY2pOFKcd3VEBZLhjGtmbv8dZU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjIt
MmY3Y2Y4NDQ2YTMxLzEvbTcyUWRRRmR0WFk1RkxCUkhPbXNRNVo5VkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jZGVjYTMtNGVmMS00NWFkLTg5MjItMmY3Y2Y4NDQ2YTMx
LzEvaGphazRVcHgzZFVRRmt1R01hMlp1X3gxbFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAn/+TMA0E
AgACMAcDBQAqDdEAMA0GCSqGSIb3DQEBCwUAA4IBAQBMMjiDkCgQwX4Dwq6Ag/Bj
houCK3qdafXguGMiahXdrt1XQxvi+hyKqctg8XA/KkKGLOZ++9AB34zNN7GqAOqD
nJd6WnaKfva+74lghZMmcEQirbVpN+KYGuIC6O08RD4uG9Y2EillR9LaqBDBQ8mD
nq230pMINDDiZn3dNqvpS1rRXm0P58yDu8mw34pYXMRr0FkyiAIZE5V17VvMEL9c
ckdrznkFL8jDjOJu835iPfeiy/lU8oTTP8/JVabQrmZxwFiB80KfoZlYhTUyDRaq
yJ8milUbTiSIlpPX058Kc93QiNqHkR22sQX8DJxD2jvXAg8mdmqxZFGe0vqQfEeg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:51 2024 by rpki-client on console-ams.rpki-client.org