Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/RuzF0GrVR692TUNsVFAzmnpwq-A.roa
File: RuzF0GrVR692TUNsVFAzmnpwq-A.roa (raw, json)
Hash identifier: ecfg8XIkymGmyqWsLf/r8eGEuno5rZF468vRxyreebE=
Subject key identifier: 46:EC:C5:D0:6A:D5:47:AF:76:4D:43:6C:54:50:33:9A:7A:70:AB:E0
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 018570F09CC0FA493088B4F5B7BFBEB8B030
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/RuzF0GrVR692TUNsVFAzmnpwq-A.roa
Signing time: Mon 02 Jan 2023 05:24:54 +0000
ROA not before: Mon 02 Jan 2023 05:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 158.162.96.0/20 maxlen: 20
158.162.0.0/18 maxlen: 19
158.162.112.0/21 maxlen: 21
158.162.128.0/18 maxlen: 18
158.162.64.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:9c:c0:fa:49:30:88:b4:f5:b7:bf:be:b8:b0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 05:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46ecc5d06ad547af764d436c5450339a7a70abe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:11:12:69:85:42:03:d3:28:ab:1a:66:58:
14:13:8b:ea:04:82:a5:69:85:53:5e:d3:5a:97:16:
c0:00:99:c1:42:8d:8d:ce:f3:78:14:5e:11:0a:a2:
fe:eb:8d:f9:d3:f8:ad:36:18:03:ac:6d:ba:f9:57:
94:5c:9a:f3:f1:38:d8:75:e2:bf:cb:84:da:a5:eb:
12:b1:f3:d8:1c:15:2a:f0:34:9c:7f:f3:0c:db:53:
58:84:33:1f:80:b9:ec:4a:4a:89:68:ce:16:f5:7e:
10:f6:06:73:66:88:3f:5c:2e:59:0c:aa:cd:dc:e8:
40:1d:b2:96:38:eb:4e:b6:90:2b:f9:7d:4f:c8:84:
3c:eb:4d:22:57:f2:00:a5:77:a7:2d:3c:b5:1b:da:
b4:2d:e8:a1:c8:9b:66:e3:b0:0e:92:50:e6:4a:af:
6a:4a:55:2f:a5:60:59:cb:0d:7f:bc:c8:56:f0:69:
08:94:b0:2a:c9:09:c3:31:29:c2:16:9b:37:09:fe:
ec:f9:1a:99:db:71:f5:5f:94:c7:46:e4:bb:2e:63:
ce:66:43:16:67:c3:06:11:be:91:ee:cf:4e:8a:c1:
0a:55:2f:48:73:b4:7b:83:ce:e9:74:d1:59:28:f8:
9c:dc:94:77:82:c7:0f:95:82:40:7b:e7:5d:c6:39:
bc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EC:C5:D0:6A:D5:47:AF:76:4D:43:6C:54:50:33:9A:7A:70:AB:E0
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/RuzF0GrVR692TUNsVFAzmnpwq-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.0.0-158.162.119.255
158.162.128.0/18
Signature Algorithm: sha256WithRSAEncryption
8e:9e:40:a3:6b:cb:7e:c7:34:16:80:67:d4:9d:6f:f6:82:02:
38:66:8e:65:20:85:a1:ca:e2:ce:37:fe:66:5c:92:a5:ac:99:
e3:06:e1:9d:88:4d:ca:87:2a:59:44:5a:9e:68:69:a2:78:d2:
12:d5:96:ee:f1:3d:ea:24:b4:41:be:83:97:dd:50:0c:9c:90:
5e:58:0a:6d:3d:75:8e:d5:75:fc:cf:5b:78:64:de:5d:a8:46:
5e:4b:b4:9e:9e:4c:b8:bd:52:9a:94:d2:05:68:b0:fe:a8:bb:
7c:ce:d1:44:82:b1:ee:2e:ce:62:07:0a:31:cb:a2:b7:00:7e:
79:ed:e1:9c:79:90:d7:56:c4:01:75:64:8b:10:f8:fd:63:66:
ee:a3:81:02:fb:b0:6c:73:f8:c6:05:76:a4:b0:03:04:be:12:
5e:09:01:9f:b1:01:fa:bb:98:d3:aa:47:01:98:bc:a5:79:15:
19:c9:24:9b:c1:5b:b9:1b:71:49:32:05:81:db:4a:f7:f3:26:
a4:0e:33:95:87:d3:84:61:4b:f0:d3:45:be:6c:e6:a7:42:26:
f0:7d:3e:6f:94:44:39:2c:2d:26:1b:a4:de:bc:29:92:e6:f9:
aa:92:bf:8e:9b:0f:1b:6d:b2:9a:12:cc:66:a1:cb:3c:0b:eb:
2e:a7:6f:4c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVw8JzA+kkwiLT1t7++uLAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjMwMTAyMDUyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmVjYzVkMDZhZDU0N2FmNzY0ZDQzNmM1NDUwMzM5YTdhNzBhYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe8REmmFQgPTKKsaZlgUE4vqBIKl
aYVTXtNalxbAAJnBQo2NzvN4FF4RCqL+64350/itNhgDrG26+VeUXJrz8TjYdeK/
y4TapesSsfPYHBUq8DScf/MM21NYhDMfgLnsSkqJaM4W9X4Q9gZzZog/XC5ZDKrN
3OhAHbKWOOtOtpAr+X1PyIQ8600iV/IApXenLTy1G9q0LeihyJtm47AOklDmSq9q
SlUvpWBZyw1/vMhW8GkIlLAqyQnDMSnCFps3Cf7s+RqZ23H1X5THRuS7LmPOZkMW
Z8MGEb6R7s9OisEKVS9Ic7R7g87pdNFZKPic3JR3gscPlYJAe+ddxjm8lQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEbsxdBq1Uevdk1DbFRQM5p6cKvgMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvUnV6RjBHclZSNjkyVFVOc1ZGQXptbnB3cS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwGeogME
A56icAMEBp6igDANBgkqhkiG9w0BAQsFAAOCAQEAjp5Ao2vLfsc0FoBn1J1v9oIC
OGaOZSCFocrizjf+ZlySpayZ4wbhnYhNyocqWURanmhponjSEtWW7vE96iS0Qb6D
l91QDJyQXlgKbT11jtV1/M9beGTeXahGXku0np5MuL1SmpTSBWiw/qi7fM7RRIKx
7i7OYgcKMcuitwB+ee3hnHmQ11bEAXVkixD4/WNm7qOBAvuwbHP4xgV2pLADBL4S
XgkBn7EB+ruY06pHAZi8pXkVGckkm8FbuRtxSTIFgdtK9/MmpA4zlYfThGFL8NNF
vmzmp0Im8H0+b5REOSwtJhuk3rwpkub5qpK/jpsPG22ymhLMZqHLPAvrLqdvTA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:50 2024 by rpki-client on console-fra.rpki-client.org