Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/kDGx-ibQARWT7R9I6vUgAFvarO4.roa
File: kDGx-ibQARWT7R9I6vUgAFvarO4.roa (raw, json)
Hash identifier: zLOwkRqaJdfCFIm/MzZFVD/nTICPO1uVZYlVqFSbR4w=
Subject key identifier: 90:31:B1:FA:26:D0:01:15:93:ED:1F:48:EA:F5:20:00:5B:DA:AC:EE
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB8AD3E6107E975000595F1DAB7E85
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/kDGx-ibQARWT7R9I6vUgAFvarO4.roa
Signing time: Mon 02 Jan 2023 00:04:48 +0000
ROA not before: Mon 02 Jan 2023 00:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59709
IP address blocks: 151.252.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:8a:d3:e6:10:7e:97:50:00:59:5f:1d:ab:7e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9031b1fa26d0011593ed1f48eaf520005bdaacee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b2:80:4d:1f:ff:65:a4:c8:53:a5:ff:f5:ff:
2b:1a:6c:5f:e8:e4:dd:c9:d9:99:f3:7f:08:ae:f2:
88:1d:f1:e6:72:0e:35:c6:91:55:f5:91:38:62:75:
75:ce:fb:be:ae:b2:3d:1a:77:56:95:13:98:74:08:
c8:db:06:50:d6:c1:a0:3c:86:dd:73:5e:a0:28:77:
19:c6:7b:1e:09:0e:fd:5d:74:a0:83:de:ca:19:2e:
61:c0:65:c3:d0:9c:21:c8:cc:8d:38:ca:00:98:e5:
e1:be:be:1f:70:84:f3:4e:8d:b5:ab:2d:bb:cb:98:
13:55:1e:bc:63:56:5e:42:33:cf:7a:99:52:e1:4c:
2e:26:51:66:51:d8:80:ad:8d:3a:9e:bd:7d:db:15:
51:1d:68:83:78:4f:11:27:27:0b:d7:fc:7d:bc:e8:
66:0e:ca:02:50:08:06:97:59:bc:97:f1:f5:1e:e0:
fb:58:8f:42:8a:76:b4:4f:02:09:4f:4a:5c:b8:58:
af:2f:b0:f9:34:78:e5:37:f6:77:00:8e:42:f2:85:
6e:03:4f:80:87:2c:c5:67:9e:0c:cf:55:18:7e:86:
b0:96:09:47:e0:e3:4a:a1:96:67:52:29:dd:d4:46:
3b:24:82:08:4b:e1:e4:6f:0e:44:bd:4b:0a:c5:8f:
7e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:31:B1:FA:26:D0:01:15:93:ED:1F:48:EA:F5:20:00:5B:DA:AC:EE
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/kDGx-ibQARWT7R9I6vUgAFvarO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.252.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:de:64:6e:af:41:52:0f:8b:32:22:66:56:80:11:1b:3f:65:
98:19:d4:ce:aa:ab:3d:e5:51:bc:13:cb:a4:13:38:9a:48:e0:
b4:37:69:da:04:09:6e:10:cf:2d:05:40:15:ef:b1:64:60:2b:
56:ae:42:14:68:09:fd:c7:7c:04:06:17:67:85:6c:13:9f:35:
9b:0f:e3:da:c6:27:8e:76:ee:a8:dc:4d:de:24:c2:bf:94:16:
e3:29:3f:9f:f9:18:c6:66:3f:08:32:6d:6d:73:59:f5:af:9f:
22:9e:96:f2:99:c8:f5:7e:19:51:16:68:87:99:94:cb:f1:d0:
6b:07:e5:73:02:2e:d1:f9:28:04:8a:a6:1e:2e:4c:af:5b:4a:
c8:65:6a:22:e0:60:6e:dd:6f:34:98:e1:c7:6f:5b:d3:e0:08:
e1:dd:e2:30:d2:45:e8:89:64:1b:34:52:2a:08:98:ef:d2:f9:
58:36:5a:a8:ff:4b:cb:3e:fd:09:aa:9f:58:ee:c6:d2:b9:28:
e6:7b:c4:14:c4:f1:13:9c:23:cf:fb:14:c4:a4:56:8a:50:15:
ea:b9:63:b7:6c:92:25:be:ee:14:36:63:95:51:c8:a8:00:f4:
e3:46:b8:b6:9b:26:37:2d:0b:ec:63:f1:29:eb:9c:af:f8:58:
88:18:26:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4rT5hB+l1AAWV8dq36FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDMxYjFmYTI2ZDAwMTE1OTNlZDFmNDhlYWY1MjAwMDViZGFhY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLKATR//ZaTIU6X/9f8rGmxf6OTd
ydmZ838IrvKIHfHmcg41xpFV9ZE4YnV1zvu+rrI9GndWlROYdAjI2wZQ1sGgPIbd
c16gKHcZxnseCQ79XXSgg97KGS5hwGXD0JwhyMyNOMoAmOXhvr4fcITzTo21qy27
y5gTVR68Y1ZeQjPPeplS4UwuJlFmUdiArY06nr192xVRHWiDeE8RJycL1/x9vOhm
DsoCUAgGl1m8l/H1HuD7WI9Cina0TwIJT0pcuFivL7D5NHjlN/Z3AI5C8oVuA0+A
hyzFZ54Mz1UYfoawlglH4ONKoZZnUind1EY7JIIIS+Hkbw5EvUsKxY9+2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAxsfom0AEVk+0fSOr1IABb2qzuMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEva0RHeC1pYlFBUldUN1I5STZ2VWdBRnZhck80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/zGMA0G
CSqGSIb3DQEBCwUAA4IBAQBa3mRur0FSD4syImZWgBEbP2WYGdTOqqs95VG8E8uk
EziaSOC0N2naBAluEM8tBUAV77FkYCtWrkIUaAn9x3wEBhdnhWwTnzWbD+PaxieO
du6o3E3eJMK/lBbjKT+f+RjGZj8IMm1tc1n1r58inpbymcj1fhlRFmiHmZTL8dBr
B+VzAi7R+SgEiqYeLkyvW0rIZWoi4GBu3W80mOHHb1vT4Ajh3eIw0kXoiWQbNFIq
CJjv0vlYNlqo/0vLPv0Jqp9Y7sbSuSjme8QUxPETnCPP+xTEpFaKUBXquWO3bJIl
vu4UNmOVUcioAPTjRri2myY3LQvsY/Ep65yv+FiIGCay
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:30 2024 by rpki-client on console-fra.rpki-client.org