Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/H_77UgMJOy3jWDxYDLgKDOKkScA.roa
File: H_77UgMJOy3jWDxYDLgKDOKkScA.roa (raw, json)
Hash identifier: P+kN3PowjnsTtmBASNB/MW0T/XjbTz8TA+bHG7jOig0=
Subject key identifier: 1F:FE:FB:52:03:09:3B:2D:E3:58:3C:58:0C:B8:0A:0C:E2:A4:49:C0
Certificate issuer: /CN=d82b2846f093bc9416041be68a2c783161eb04df
Certificate serial: 01899782ED671D3B203E7D9215CB9E19280D
Authority key identifier: D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/H_77UgMJOy3jWDxYDLgKDOKkScA.roa
Signing time: Thu 27 Jul 2023 13:21:27 +0000
ROA not before: Thu 27 Jul 2023 13:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21111
IP address blocks: 158.66.4.0/24 maxlen: 24
158.66.2.0/24 maxlen: 24
158.66.1.0/24 maxlen: 24
158.66.5.0/24 maxlen: 24
158.66.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:82:ed:67:1d:3b:20:3e:7d:92:15:cb:9e:19:28:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82b2846f093bc9416041be68a2c783161eb04df
Validity
Not Before: Jul 27 13:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ffefb5203093b2de3583c580cb80a0ce2a449c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a0:e8:9e:0a:94:00:f7:74:45:79:d8:01:40:
06:fc:20:c1:80:60:e9:f2:b6:de:3a:0d:5f:8e:56:
f3:51:b8:bb:50:26:09:2b:a9:76:97:9c:2d:de:0f:
be:36:d4:8a:0b:72:eb:f1:b5:3d:35:c8:c3:e3:38:
58:60:bc:82:1c:fa:ac:ae:42:75:cd:17:66:bf:0f:
36:3b:78:6b:39:44:ef:4b:62:95:aa:63:4e:86:5e:
64:7b:a6:ed:1d:d3:d9:bb:0d:4a:50:22:2c:c7:5d:
f4:57:6a:ff:39:d6:22:e5:40:1a:53:ca:c6:0c:6f:
1f:ed:89:6b:b6:ae:27:23:92:bc:24:e5:f9:4c:6f:
08:da:80:ac:1c:c4:7a:ed:c3:cf:d6:92:41:57:5d:
9b:fb:f4:4f:6c:c2:77:fc:14:7d:aa:70:15:93:dc:
2f:14:23:1b:02:ee:0f:97:27:21:8e:23:51:75:b9:
58:7e:c9:5a:da:83:6f:c9:8b:a3:cf:0a:2a:76:c2:
a4:7d:5e:cd:a6:9a:6b:e9:ad:14:0f:b2:1e:c0:41:
33:90:7d:10:70:38:c2:86:4b:bd:69:e1:61:28:6a:
09:9e:e2:05:87:83:18:f1:f5:d2:1a:5f:59:df:8b:
f1:0f:73:19:ba:e9:99:95:b3:07:08:fc:7e:94:26:
0b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FE:FB:52:03:09:3B:2D:E3:58:3C:58:0C:B8:0A:0C:E2:A4:49:C0
X509v3 Authority Key Identifier:
keyid:D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/H_77UgMJOy3jWDxYDLgKDOKkScA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.66.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:11:c0:a5:2d:61:00:ca:b8:f3:bd:0c:9d:c4:9a:82:c1:5f:
e5:86:1d:29:e2:b5:e7:2f:b2:d8:9c:34:7b:a3:4c:1d:c4:31:
4e:84:f8:3b:be:f6:c6:c1:e6:24:c7:73:61:5d:00:40:3d:02:
f8:65:b2:e5:1d:03:b0:89:3f:95:65:84:46:97:59:6c:87:25:
6d:e7:87:ec:0c:7f:64:3a:6a:fa:4d:79:a1:98:b3:1a:e7:f8:
e6:c3:82:1e:7a:9e:12:63:a5:a3:c8:c0:ba:27:6b:41:28:2e:
8a:d5:4c:d5:be:2f:95:02:f1:c7:8e:fd:8f:02:1b:3c:82:d7:
f2:4e:01:6e:ba:d5:cf:6a:01:71:6b:18:c8:55:6f:a5:38:9d:
be:8a:3e:bc:e2:74:51:57:20:08:00:c0:f2:d8:58:70:5a:9f:
49:48:9b:28:49:13:09:5b:0f:48:69:b8:da:9a:13:34:9d:43:
f2:d3:48:0f:47:a2:1a:fc:cf:bc:7b:f4:03:cc:1e:a1:1a:00:
9b:48:24:0f:c0:0a:63:ba:35:e5:1d:1e:eb:09:7f:f0:f9:fe:
8f:61:ee:53:69:8d:d8:8b:f3:fd:52:2d:bd:1c:59:1d:a1:64:
0e:51:73:ae:73:23:9b:f2:fd:51:7f:63:55:ed:0a:f3:94:7c:
e4:1b:54:8b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYmXgu1nHTsgPn2SFcueGSgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmIyODQ2ZjA5M2JjOTQxNjA0MWJlNjhhMmM3ODMxNjFl
YjA0ZGYwHhcNMjMwNzI3MTMyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZlZmI1MjAzMDkzYjJkZTM1ODNjNTgwY2I4MGEwY2UyYTQ0OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqDongqUAPd0RXnYAUAG/CDBgGDp
8rbeOg1fjlbzUbi7UCYJK6l2l5wt3g++NtSKC3Lr8bU9NcjD4zhYYLyCHPqsrkJ1
zRdmvw82O3hrOUTvS2KVqmNOhl5ke6btHdPZuw1KUCIsx130V2r/OdYi5UAaU8rG
DG8f7Ylrtq4nI5K8JOX5TG8I2oCsHMR67cPP1pJBV12b+/RPbMJ3/BR9qnAVk9wv
FCMbAu4PlychjiNRdblYfsla2oNvyYujzwoqdsKkfV7Npppr6a0UD7IewEEzkH0Q
cDjChku9aeFhKGoJnuIFh4MY8fXSGl9Z34vxD3MZuumZlbMHCPx+lCYLnQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFB/++1IDCTst41g8WAy4CgzipEnAMB8GA1UdIwQY
MBaAFNgrKEbwk7yUFgQb5ooseDFh6wTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgt
NTQ3M2VlMWRhYTliLzEvSF83N1VnTUpPeTNqV0R4WURMZ0tET0trU2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgtNTQ3M2VlMWRhYTli
LzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnkIwDQYJ
KoZIhvcNAQELBQADggEBAAoRwKUtYQDKuPO9DJ3EmoLBX+WGHSnitecvsticNHuj
TB3EMU6E+Du+9sbB5iTHc2FdAEA9AvhlsuUdA7CJP5VlhEaXWWyHJW3nh+wMf2Q6
avpNeaGYsxrn+ObDgh56nhJjpaPIwLona0EoLorVTNW+L5UC8ceO/Y8CGzyC1/JO
AW661c9qAXFrGMhVb6U4nb6KPrzidFFXIAgAwPLYWHBan0lImyhJEwlbD0hpuNqa
EzSdQ/LTSA9Hohr8z7x79APMHqEaAJtIJA/ACmO6NeUdHusJf/D5/o9h7lNpjdiL
8/1SLb0cWR2hZA5Rc65zI5vy/VF/Y1XtCvOUfOQbVIs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:52 2024 by rpki-client on console-ams.rpki-client.org