Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/aWz1m_5lgwKyuihbXURkJP7X9rM.roa
File: aWz1m_5lgwKyuihbXURkJP7X9rM.roa (raw, json)
Hash identifier: 6n1YwRaeyR4inNzPt5RjJ8mcU8TYM50Wv6IRLPP1/sM=
Subject key identifier: 69:6C:F5:9B:FE:65:83:02:B2:BA:28:5B:5D:44:64:24:FE:D7:F6:B3
Certificate issuer: /CN=ead799026094d60516b527d842b6166805668e9e
Certificate serial: 01856F3015D6E15A2726FEBCD60FEB7D8D30
Authority key identifier: EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/aWz1m_5lgwKyuihbXURkJP7X9rM.roa
Signing time: Sun 01 Jan 2023 21:15:00 +0000
ROA not before: Sun 01 Jan 2023 21:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22562
IP address blocks: 159.101.240.0/22 maxlen: 22
159.101.128.0/21 maxlen: 21
159.101.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 08 Jul 2023 15:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:15:d6:e1:5a:27:26:fe:bc:d6:0f:eb:7d:8d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead799026094d60516b527d842b6166805668e9e
Validity
Not Before: Jan 1 21:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=696cf59bfe658302b2ba285b5d446424fed7f6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6d:c0:30:54:76:76:a8:45:75:8a:f0:44:e8:
12:b7:76:5d:c6:ed:b8:2d:7a:b6:f7:6e:ba:9e:97:
c7:f3:05:be:2f:96:7c:18:b6:7e:e8:48:5e:10:7a:
ee:11:db:b9:bd:43:ed:16:62:42:6d:c3:67:70:05:
ce:ef:fd:1b:d4:26:37:fe:98:cb:10:1f:0d:21:80:
80:17:af:b1:26:16:c7:21:61:ef:3d:e4:5c:46:c4:
c2:bb:da:30:31:b5:a1:75:91:90:fa:79:eb:36:cc:
23:70:dc:50:5b:59:1b:1e:cd:b4:b3:50:94:cf:d1:
17:06:d7:8b:93:12:dd:08:7c:a3:3f:33:9f:35:1e:
87:0f:8a:5e:0b:b1:a1:17:06:92:ed:95:ec:09:49:
a7:cf:7c:fb:e2:de:b7:8d:96:96:df:3f:e7:4a:a5:
52:2d:46:29:63:ec:22:24:3d:58:f7:64:78:d6:7e:
e2:d9:36:c9:4c:64:e7:fc:81:b1:85:33:dc:4c:72:
58:69:4a:00:0a:2d:7a:97:13:42:51:4b:e1:21:7f:
1b:15:32:62:76:c4:fc:dc:45:25:4f:ac:67:69:72:
be:d4:2e:70:8e:c2:dd:f0:7d:b3:a6:58:8f:ef:db:
1f:3a:69:ca:94:20:2b:ef:ea:a8:f1:e2:04:a8:46:
6a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:6C:F5:9B:FE:65:83:02:B2:BA:28:5B:5D:44:64:24:FE:D7:F6:B3
X509v3 Authority Key Identifier:
keyid:EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/aWz1m_5lgwKyuihbXURkJP7X9rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.101.128.0/21
159.101.236.0-159.101.243.255
Signature Algorithm: sha256WithRSAEncryption
d7:be:de:38:d7:dd:10:66:16:1f:e2:00:87:f5:77:a5:23:55:
19:45:52:01:73:84:ea:cd:d7:9c:bb:4b:07:e2:cc:41:02:c2:
ad:50:45:f9:b0:71:73:12:16:04:79:dd:97:da:21:04:0d:b1:
f9:05:d0:d5:5c:28:1d:a5:e8:dc:77:e8:50:fd:b1:29:af:54:
14:86:82:1e:d2:b9:de:1a:96:cf:7b:96:6f:91:9a:b2:7e:3c:
ac:19:76:21:6d:87:17:bb:7b:47:9a:21:d1:73:27:a1:10:14:
44:2d:64:99:ed:ed:ff:b5:b6:5d:0e:24:fa:9f:ea:1e:30:bf:
d8:3e:57:43:51:c8:f5:41:0c:0b:2a:60:c1:42:12:32:1e:34:
05:e3:f4:f7:9a:65:e1:50:d2:29:d5:6c:09:1c:3a:99:42:dd:
26:e3:0b:f0:51:87:96:37:2e:81:72:5e:98:f9:ae:55:c7:17:
c9:74:5c:d7:22:e8:3d:36:b5:5f:c5:4e:d4:10:14:cf:35:79:
47:9f:e4:ce:e5:1a:77:a7:c2:52:d1:ac:22:5c:7d:17:15:f0:
5c:f9:f8:1d:67:13:cc:34:27:f6:16:53:84:b1:23:64:3c:16:
fc:51:8c:ef:67:69:63:8f:63:c1:bf:16:1c:ca:a7:1f:45:b9:
40:88:33:71
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvMBXW4VonJv681g/rfY0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDc5OTAyNjA5NGQ2MDUxNmI1MjdkODQyYjYxNjY4MDU2
NjhlOWUwHhcNMjMwMTAxMjExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTZjZjU5YmZlNjU4MzAyYjJiYTI4NWI1ZDQ0NjQyNGZlZDdmNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm3AMFR2dqhFdYrwROgSt3Zdxu24
LXq29266npfH8wW+L5Z8GLZ+6EheEHruEdu5vUPtFmJCbcNncAXO7/0b1CY3/pjL
EB8NIYCAF6+xJhbHIWHvPeRcRsTCu9owMbWhdZGQ+nnrNswjcNxQW1kbHs20s1CU
z9EXBteLkxLdCHyjPzOfNR6HD4peC7GhFwaS7ZXsCUmnz3z74t63jZaW3z/nSqVS
LUYpY+wiJD1Y92R41n7i2TbJTGTn/IGxhTPcTHJYaUoACi16lxNCUUvhIX8bFTJi
dsT83EUlT6xnaXK+1C5wjsLd8H2zpliP79sfOmnKlCAr7+qo8eIEqEZqZwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGls9Zv+ZYMCsrooW11EZCT+1/azMB8GA1UdIwQY
MBaAFOrXmQJglNYFFrUn2EK2FmgFZo6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgt
MzBjOWUyMDJlOTk1LzEvYVd6MW1fNWxnd0t5dWloYlhVUmtKUDdYOXJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgtMzBjOWUyMDJlOTk1
LzEvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDn2WAMAwD
BAKfZewDBAKfZfAwDQYJKoZIhvcNAQELBQADggEBANe+3jjX3RBmFh/iAIf1d6Uj
VRlFUgFzhOrN15y7SwfizEECwq1QRfmwcXMSFgR53ZfaIQQNsfkF0NVcKB2l6Nx3
6FD9sSmvVBSGgh7Sud4als97lm+RmrJ+PKwZdiFthxe7e0eaIdFzJ6EQFEQtZJnt
7f+1tl0OJPqf6h4wv9g+V0NRyPVBDAsqYMFCEjIeNAXj9PeaZeFQ0inVbAkcOplC
3SbjC/BRh5Y3LoFyXpj5rlXHF8l0XNci6D02tV/FTtQQFM81eUef5M7lGnenwlLR
rCJcfRcV8Fz5+B1nE8w0J/YWU4SxI2Q8FvxRjO9naWOPY8G/FhzKpx9FuUCIM3E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:47 2024 by rpki-client on console-fra.rpki-client.org