Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/pK5YnkZDEwzI6Knin3c300IByYc.roa
File: pK5YnkZDEwzI6Knin3c300IByYc.roa (raw, json)
Hash identifier: Sv7h0dUajgfS6+B9eRp+wRKHj6SAquBFYWrbtznbr/I=
Subject key identifier: A4:AE:58:9E:46:43:13:0C:C8:E8:A9:E2:9F:77:37:D3:42:01:C9:87
Certificate issuer: /CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Certificate serial: 018570F09F408CB618CA0E28C9CD7A26C5AE
Authority key identifier: 00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/pK5YnkZDEwzI6Knin3c300IByYc.roa
Signing time: Mon 02 Jan 2023 05:24:55 +0000
ROA not before: Mon 02 Jan 2023 05:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15525
IP address blocks: 158.162.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:9f:40:8c:b6:18:ca:0e:28:c9:cd:7a:26:c5:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00f4cc412cc30fb2f9f7c37c3e390bec5e6256b0
Validity
Not Before: Jan 2 05:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ae589e4643130cc8e8a9e29f7737d34201c987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d3:c9:63:fc:2e:96:e5:c8:93:81:2c:d3:2c:
a4:89:b0:38:22:ce:c2:88:94:39:63:73:a4:76:fa:
46:90:06:38:1b:e0:30:b7:90:3d:00:ce:b4:76:7d:
64:4a:f0:61:c5:d6:11:79:bf:ed:dd:3a:8a:65:ac:
d7:cf:c1:05:84:5a:11:68:c1:53:9e:61:66:b3:91:
ce:ce:7f:ca:b5:b6:1c:02:5f:e1:9e:31:4e:fc:bc:
c3:16:dd:2b:d1:2a:0b:3d:87:33:70:08:dc:7c:96:
e8:ad:c3:79:78:4d:50:c3:dd:8c:f1:a0:19:90:34:
51:81:59:cb:5c:54:f8:b4:83:10:ac:01:ed:01:72:
78:d7:e4:f0:be:b7:07:b8:5c:b6:94:cb:18:62:24:
e6:d7:e4:e6:74:af:7d:dc:fa:1e:47:df:69:9b:2a:
bb:ba:7b:60:e2:8b:4e:43:70:5b:25:c4:67:f5:34:
5f:e9:d5:cb:a7:87:e2:c0:f5:0d:e0:f7:4f:e2:c2:
40:41:46:40:ce:99:66:bf:84:a3:48:f0:c8:47:a9:
6a:7e:7f:b6:ab:1c:a3:b6:d4:c7:0d:e2:58:42:98:
f7:06:5b:88:bf:34:e1:06:e8:bd:18:8f:8f:ac:0c:
a1:ea:05:f7:a9:6e:17:26:ca:fb:b3:1b:4a:d3:96:
05:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AE:58:9E:46:43:13:0C:C8:E8:A9:E2:9F:77:37:D3:42:01:C9:87
X509v3 Authority Key Identifier:
keyid:00:F4:CC:41:2C:C3:0F:B2:F9:F7:C3:7C:3E:39:0B:EC:5E:62:56:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/APTMQSzDD7L598N8PjkL7F5iVrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/pK5YnkZDEwzI6Knin3c300IByYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/9375a2-3e6f-4577-85d1-5f145cfd2070/1/APTMQSzDD7L598N8PjkL7F5iVrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.162.120.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:9f:6f:38:bb:6a:28:98:0f:e8:82:1f:e4:92:2f:af:3e:d3:
00:32:ca:b9:60:3d:ea:32:5d:b1:2e:60:65:e3:f9:3e:a8:72:
d8:5d:e7:9a:44:a7:b9:86:fd:2c:1d:02:2c:dc:1e:a1:36:b7:
62:0b:2a:3c:4a:4e:8a:37:51:a8:18:ff:cd:9f:a5:a6:f4:e6:
7d:e8:8a:c7:c9:8f:a8:45:59:48:54:d4:38:d6:ff:c7:d2:ee:
e2:01:69:d3:78:02:f3:33:7b:82:aa:36:46:93:87:0f:e3:16:
81:6e:0f:19:d2:9f:eb:de:fe:ab:3d:70:7b:aa:cd:c8:39:6f:
00:6d:34:8a:ee:e4:19:3a:26:b7:dd:e2:db:ee:35:40:15:ae:
4a:5a:b8:7f:25:3e:55:eb:d0:a1:6d:d6:67:ad:a7:b8:34:d4:
32:f2:3d:13:12:34:77:fe:bf:05:6a:9b:b3:6d:3a:40:44:46:
b1:8d:08:82:06:49:75:82:11:91:9c:dc:8f:8c:03:fa:17:d0:
5d:ee:73:1a:9a:4c:ec:d6:70:41:9f:88:bb:eb:9a:d7:b9:c6:
fb:96:5d:b7:8b:b5:be:cd:e4:20:aa:c2:07:c3:e9:25:26:05:
07:e9:b1:38:f4:41:c7:2a:76:32:82:2e:4e:04:d7:22:01:0e:
d3:e3:b5:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8J9AjLYYyg4oyc16JsWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZjRjYzQxMmNjMzBmYjJmOWY3YzM3YzNlMzkwYmVjNWU2
MjU2YjAwHhcNMjMwMTAyMDUyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFlNTg5ZTQ2NDMxMzBjYzhlOGE5ZTI5Zjc3MzdkMzQyMDFjOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltPJY/wuluXIk4Es0yykibA4Is7C
iJQ5Y3OkdvpGkAY4G+Awt5A9AM60dn1kSvBhxdYReb/t3TqKZazXz8EFhFoRaMFT
nmFms5HOzn/KtbYcAl/hnjFO/LzDFt0r0SoLPYczcAjcfJborcN5eE1Qw92M8aAZ
kDRRgVnLXFT4tIMQrAHtAXJ41+TwvrcHuFy2lMsYYiTm1+TmdK993PoeR99pmyq7
untg4otOQ3BbJcRn9TRf6dXLp4fiwPUN4PdP4sJAQUZAzplmv4SjSPDIR6lqfn+2
qxyjttTHDeJYQpj3BluIvzThBui9GI+PrAyh6gX3qW4XJsr7sxtK05YF6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSuWJ5GQxMMyOip4p93N9NCAcmHMB8GA1UdIwQY
MBaAFAD0zEEsww+y+ffDfD45C+xeYlawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEt
NWYxNDVjZmQyMDcwLzEvcEs1WW5rWkRFd3pJNktuaW4zYzMwMElCeVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy85Mzc1YTItM2U2Zi00NTc3LTg1ZDEtNWYxNDVjZmQyMDcw
LzEvQVBUTVFTekREN0w1OThOOFBqa0w3RjVpVnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnqJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQAtn284u2oomA/ogh/kki+vPtMAMsq5YD3qMl2xLmBl
4/k+qHLYXeeaRKe5hv0sHQIs3B6hNrdiCyo8Sk6KN1GoGP/Nn6Wm9OZ96IrHyY+o
RVlIVNQ41v/H0u7iAWnTeALzM3uCqjZGk4cP4xaBbg8Z0p/r3v6rPXB7qs3IOW8A
bTSK7uQZOia33eLb7jVAFa5KWrh/JT5V69ChbdZnrae4NNQy8j0TEjR3/r8Fapuz
bTpAREaxjQiCBkl1ghGRnNyPjAP6F9Bd7nMamkzs1nBBn4i765rXucb7ll23i7W+
zeQgqsIHw+klJgUH6bE49EHHKnYygi5OBNciAQ7T47Xk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:06 2024 by rpki-client on console-ams.rpki-client.org