Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/HiJ7sVY16p6K_W_zHRH-Hd16IC8.roa
File: HiJ7sVY16p6K_W_zHRH-Hd16IC8.roa (raw, json)
Hash identifier: QxrqjlXINghBNZufszJs9hlzKRKhTyW6c84Pz8HHg64=
Subject key identifier: 1E:22:7B:B1:56:35:EA:9E:8A:FD:6F:F3:1D:11:FE:1D:DD:7A:20:2F
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 01856B80F80628BAAE40AB43B9060B8C80FB
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/HiJ7sVY16p6K_W_zHRH-Hd16IC8.roa
Signing time: Sun 01 Jan 2023 04:04:51 +0000
ROA not before: Sun 01 Jan 2023 04:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9583
IP address blocks: 159.151.254.0/24 maxlen: 24
192.109.146.0/24 maxlen: 24
2a07:8145::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:f8:06:28:ba:ae:40:ab:43:b9:06:0b:8c:80:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 04:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e227bb15635ea9e8afd6ff31d11fe1ddd7a202f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6d:21:35:34:de:e0:6f:27:cf:6c:9e:6c:c4:
dd:33:12:bf:49:26:4e:10:eb:8e:2f:1f:bb:8c:1b:
47:67:53:bb:4b:6b:be:de:5d:dc:4e:87:d3:98:94:
4e:61:0f:00:08:a3:cf:aa:b3:f1:97:a6:ac:51:95:
57:f1:98:c8:72:49:af:53:7c:b8:fa:26:f1:5e:d7:
8e:66:f1:26:98:9c:9b:bb:01:77:b0:9f:f8:ea:b4:
74:38:c0:10:dd:48:e1:19:c5:bd:a2:2f:17:d5:b5:
fe:6c:19:bf:69:3d:15:8c:f7:63:64:2b:30:2b:e1:
bb:d0:07:d8:44:82:b5:bc:13:e4:92:27:b2:b9:2b:
3c:a5:18:fd:c8:60:7a:26:01:f6:3b:59:94:d1:fb:
ca:83:92:37:e8:a4:a3:99:0b:75:c7:d8:a4:ce:bb:
e4:ba:bd:fc:ad:f2:cf:76:15:e3:34:09:01:df:d2:
96:53:ea:4b:6a:8c:e2:ff:0c:f3:86:11:b2:67:d3:
99:65:ba:25:c6:12:57:ec:09:64:0d:79:07:17:ab:
84:e0:39:c7:e5:e2:85:e8:fc:fd:23:8d:f5:08:ad:
4d:c5:ad:82:19:6c:d1:d2:46:f6:c9:69:59:0d:7a:
22:ae:cb:dc:1f:e8:f1:0b:7d:01:d5:12:b4:9c:b1:
00:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:22:7B:B1:56:35:EA:9E:8A:FD:6F:F3:1D:11:FE:1D:DD:7A:20:2F
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/HiJ7sVY16p6K_W_zHRH-Hd16IC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.254.0/24
192.109.146.0/24
IPv6:
2a07:8145::/36
Signature Algorithm: sha256WithRSAEncryption
75:c0:83:b1:27:3d:32:81:e4:41:95:92:ae:dc:62:22:79:b7:
7b:50:b9:10:f2:7a:98:47:13:8e:e1:40:8c:6f:01:93:01:20:
be:7e:4c:c2:a6:72:25:97:b6:31:e6:ca:6d:a7:b6:8c:d6:08:
65:55:c9:d8:c5:e6:6a:0f:c0:5e:1a:fb:71:31:e4:e6:ed:b7:
7e:57:c4:0a:ef:af:e8:a0:5a:ed:d6:a5:78:ca:27:39:db:1b:
a2:0f:8d:02:47:40:6a:68:e4:3f:4c:51:d3:3a:49:36:28:d6:
c5:a8:01:b2:52:1b:6f:ff:ae:c0:1b:31:2d:a7:8f:0c:76:cf:
13:1d:9e:4e:1b:74:d3:32:10:6f:a1:36:54:c9:19:23:bc:62:
01:34:0a:dd:23:3b:15:c2:fb:b9:2a:57:6d:3c:d7:f3:19:52:
95:7a:7b:e6:15:92:0e:0c:6a:41:54:ae:73:b2:0b:08:96:3d:
f0:dd:2a:5b:1b:e9:f0:d9:16:f5:14:e3:97:bb:f0:6b:5d:62:
92:28:98:61:a3:c3:61:eb:8a:9a:32:24:a4:00:d1:17:f2:cd:
16:6b:18:8b:8f:c9:7b:6d:b5:a2:af:4c:92:8f:d3:22:6f:fd:
20:c6:24:8e:fb:e8:e4:86:a2:d2:61:ca:57:4d:be:e3:61:89:
20:b4:e2:83
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVrgPgGKLquQKtDuQYLjID7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjMwMTAxMDQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTIyN2JiMTU2MzVlYTllOGFmZDZmZjMxZDExZmUxZGRkN2EyMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW0hNTTe4G8nz2yebMTdMxK/SSZO
EOuOLx+7jBtHZ1O7S2u+3l3cTofTmJROYQ8ACKPPqrPxl6asUZVX8ZjIckmvU3y4
+ibxXteOZvEmmJybuwF3sJ/46rR0OMAQ3UjhGcW9oi8X1bX+bBm/aT0VjPdjZCsw
K+G70AfYRIK1vBPkkieyuSs8pRj9yGB6JgH2O1mU0fvKg5I36KSjmQt1x9ikzrvk
ur38rfLPdhXjNAkB39KWU+pLaozi/wzzhhGyZ9OZZbolxhJX7AlkDXkHF6uE4DnH
5eKF6Pz9I431CK1Nxa2CGWzR0kb2yWlZDXoirsvcH+jxC30B1RK0nLEAnQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFB4ie7FWNeqeiv1v8x0R/h3deiAvMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvSGlKN3NWWTE2cDZLX1dfekhSSC1IZDE2SUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAn5f+AwQA
wG2SMA4EAgACMAgDBgQqB4FFADANBgkqhkiG9w0BAQsFAAOCAQEAdcCDsSc9MoHk
QZWSrtxiInm3e1C5EPJ6mEcTjuFAjG8BkwEgvn5MwqZyJZe2MebKbae2jNYIZVXJ
2MXmag/AXhr7cTHk5u23flfECu+v6KBa7daleMonOdsbog+NAkdAamjkP0xR0zpJ
NijWxagBslIbb/+uwBsxLaePDHbPEx2eTht00zIQb6E2VMkZI7xiATQK3SM7FcL7
uSpXbTzX8xlSlXp75hWSDgxqQVSuc7ILCJY98N0qWxvp8NkW9RTjl7vwa11ikiiY
YaPDYeuKmjIkpADRF/LNFmsYi4/Je221oq9Mko/TIm/9IMYkjvvo5Iai0mHKV02+
42GJILTigw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:03 2024 by rpki-client on console-ams.rpki-client.org