Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/uJGiIldVJe3dkwxxEDC99WT_T_s.roa
File: uJGiIldVJe3dkwxxEDC99WT_T_s.roa (raw, json)
Hash identifier: 9RRUKcyDqct6dqXvkMMvQjprardZ2RSTmGZYIsiJNOc=
Subject key identifier: B8:91:A2:22:57:55:25:ED:DD:93:0C:71:10:30:BD:F5:64:FF:4F:FB
Certificate issuer: /CN=ead799026094d60516b527d842b6166805668e9e
Certificate serial: 018936226259066DABECDF94D0266C5CE2FE
Authority key identifier: EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/uJGiIldVJe3dkwxxEDC99WT_T_s.roa
Signing time: Sat 08 Jul 2023 15:32:50 +0000
ROA not before: Sat 08 Jul 2023 15:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22562
IP address blocks: 159.101.240.0/22 maxlen: 22
159.101.128.0/21 maxlen: 21
159.101.236.0/22 maxlen: 22
159.101.252.0/23 maxlen: 23
159.101.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:36:22:62:59:06:6d:ab:ec:df:94:d0:26:6c:5c:e2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead799026094d60516b527d842b6166805668e9e
Validity
Not Before: Jul 8 15:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b891a222575525eddd930c711030bdf564ff4ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6c:99:e7:d2:31:6d:3d:67:29:80:9c:7e:be:
78:58:c4:93:ce:f7:68:a9:f7:cd:c2:e6:f1:ab:37:
e2:d6:1c:c3:80:08:1b:bd:1b:15:ff:a5:0e:0a:16:
10:30:70:6d:9c:73:73:8a:5f:ce:08:a6:50:39:d7:
83:44:07:11:a4:c7:75:0c:31:de:7a:1a:6c:6f:0e:
e7:d0:52:ea:de:21:72:65:40:aa:1c:ab:cb:f7:e3:
dd:9c:b4:b6:03:02:d4:4b:31:d2:c9:6b:87:1b:28:
35:ad:28:1a:c4:24:7d:78:a1:cd:6c:b8:b4:9a:2a:
e9:fd:c2:33:69:cc:d2:13:7f:6a:2f:06:81:f7:5c:
aa:85:09:b5:16:49:66:71:71:73:e8:7b:5a:a0:ca:
b5:8a:87:26:57:33:a1:4c:46:b3:eb:d1:8a:2d:e8:
00:90:4e:ff:77:27:e9:b7:27:b5:a1:a7:7e:8e:d1:
be:f2:e8:0a:75:d4:ad:73:6f:bb:2d:a2:d3:b3:94:
0b:c2:1a:6c:77:92:60:81:5a:34:1d:a0:8a:a8:f6:
c6:7c:55:49:4a:41:c3:5e:ce:6d:f2:56:0f:ef:d3:
5a:d0:8e:76:ee:37:5e:19:85:9d:ba:89:d7:ab:d8:
86:55:22:3d:22:2d:a5:20:07:f7:18:6d:97:43:a2:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:91:A2:22:57:55:25:ED:DD:93:0C:71:10:30:BD:F5:64:FF:4F:FB
X509v3 Authority Key Identifier:
keyid:EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/uJGiIldVJe3dkwxxEDC99WT_T_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.101.128.0/21
159.101.236.0-159.101.243.255
159.101.252.0/22
Signature Algorithm: sha256WithRSAEncryption
20:ed:e8:1c:e0:84:5d:d4:8e:95:6f:ec:4d:17:b8:a6:a6:06:
6b:27:14:4e:36:83:1d:92:cb:5d:37:16:21:45:3c:a0:ad:7c:
6e:b7:4e:1f:51:0c:3a:40:fd:ae:f7:78:c7:c8:9f:11:76:58:
2b:bb:6c:d8:a7:7f:74:da:23:53:6f:de:da:f5:7c:e3:04:ab:
8e:93:bd:92:71:bd:f2:1b:bc:52:03:9e:19:65:67:e9:8a:f7:
57:22:b9:cd:00:58:ad:2e:7b:9f:63:bf:72:03:36:a8:9c:83:
f0:95:91:b3:5d:52:de:08:95:ef:56:08:73:4c:fe:82:5a:9a:
af:cc:1f:e8:1b:71:02:af:1b:f9:14:bb:32:6f:76:6b:02:8a:
e1:7b:2d:26:de:16:f3:1e:8f:53:02:b2:3c:54:99:a2:28:f0:
c9:51:5d:d8:4a:67:b6:ba:0f:33:00:8c:d3:18:e8:f1:78:d1:
6c:03:b5:a9:08:a3:dd:fb:7d:11:69:3f:ff:7a:ea:82:7b:5b:
a4:ed:ba:8a:c3:95:f2:d3:6d:29:33:fe:3d:be:2e:4c:f4:ce:
92:c9:96:fc:e2:f8:f4:c3:73:f5:73:3c:98:37:68:c4:61:44:
f4:c4:6f:68:6e:8f:b7:0d:0e:fd:cb:05:35:6f:f1:53:10:5b:
ee:12:89:30
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYk2ImJZBm2r7N+U0CZsXOL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDc5OTAyNjA5NGQ2MDUxNmI1MjdkODQyYjYxNjY4MDU2
NjhlOWUwHhcNMjMwNzA4MTUzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODkxYTIyMjU3NTUyNWVkZGQ5MzBjNzExMDMwYmRmNTY0ZmY0ZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGyZ59IxbT1nKYCcfr54WMSTzvdo
qffNwubxqzfi1hzDgAgbvRsV/6UOChYQMHBtnHNzil/OCKZQOdeDRAcRpMd1DDHe
ehpsbw7n0FLq3iFyZUCqHKvL9+PdnLS2AwLUSzHSyWuHGyg1rSgaxCR9eKHNbLi0
mirp/cIzaczSE39qLwaB91yqhQm1FklmcXFz6HtaoMq1iocmVzOhTEaz69GKLegA
kE7/dyfptye1oad+jtG+8ugKddStc2+7LaLTs5QLwhpsd5JggVo0HaCKqPbGfFVJ
SkHDXs5t8lYP79Na0I527jdeGYWduonXq9iGVSI9Ii2lIAf3GG2XQ6LivQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLiRoiJXVSXt3ZMMcRAwvfVk/0/7MB8GA1UdIwQY
MBaAFOrXmQJglNYFFrUn2EK2FmgFZo6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgt
MzBjOWUyMDJlOTk1LzEvdUpHaUlsZFZKZTNka3d4eEVEQzk5V1RfVF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgtMzBjOWUyMDJlOTk1
LzEvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDn2WAMAwD
BAKfZewDBAKfZfADBAKfZfwwDQYJKoZIhvcNAQELBQADggEBACDt6BzghF3UjpVv
7E0XuKamBmsnFE42gx2Sy103FiFFPKCtfG63Th9RDDpA/a73eMfInxF2WCu7bNin
f3TaI1Nv3tr1fOMEq46TvZJxvfIbvFIDnhllZ+mK91ciuc0AWK0ue59jv3IDNqic
g/CVkbNdUt4Ile9WCHNM/oJamq/MH+gbcQKvG/kUuzJvdmsCiuF7LSbeFvMej1MC
sjxUmaIo8MlRXdhKZ7a6DzMAjNMY6PF40WwDtakIo937fRFpP/966oJ7W6TtuorD
lfLTbSkz/j2+Lkz0zpLJlvzi+PTDc/VzPJg3aMRhRPTEb2huj7cNDv3LBTVv8VMQ
W+4SiTA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:06 2024 by rpki-client on console-ams.rpki-client.org