Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/D-rgxRxYfo_QelhH509MKZCerF8.roa
File: D-rgxRxYfo_QelhH509MKZCerF8.roa (raw, json)
Hash identifier: a70E9xtLuK755G2fiI/S2tEaqu95rVv9rqF5NB6mFis=
Subject key identifier: 0F:EA:E0:C5:1C:58:7E:8F:D0:7A:58:47:E7:4F:4C:29:90:9E:AC:5F
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0185711550362F9A165C29705957EC4D2AA4
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/D-rgxRxYfo_QelhH509MKZCerF8.roa
Signing time: Mon 02 Jan 2023 06:05:00 +0000
ROA not before: Mon 02 Jan 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57321
IP address blocks: 157.25.134.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:50:36:2f:9a:16:5c:29:70:59:57:ec:4d:2a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0feae0c51c587e8fd07a5847e74f4c29909eac5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fa:47:9a:14:f2:bb:a8:c6:c1:85:ae:2f:c1:
6c:f6:5d:28:f7:35:69:ae:83:18:26:b5:7e:32:bc:
67:0e:4c:39:81:66:eb:7b:99:6a:fa:27:bb:33:47:
2d:5d:c2:ff:22:21:bc:89:e7:c9:a5:65:4d:48:39:
ee:8d:4d:a0:ee:5a:01:a0:c3:b6:6e:bd:fb:94:64:
25:73:f0:21:28:73:49:f8:5f:16:db:36:fb:c9:77:
26:b3:a3:c8:02:2a:ce:4a:48:40:c2:30:73:9c:fa:
13:2d:46:bb:dc:05:39:64:00:6d:d0:7f:e9:fd:e7:
cf:2f:d9:a6:cb:e8:d8:da:e0:75:d7:ff:ac:a1:3d:
f3:e5:90:66:b5:c2:f0:22:30:5a:d0:06:18:6a:23:
da:8e:94:53:7a:31:bb:0c:7f:c7:58:07:5e:59:09:
1a:54:01:80:23:cc:5d:b8:2f:9f:2e:51:0a:b2:a4:
ac:9a:4d:cd:5e:2c:dd:2a:3d:58:5a:32:c8:ad:28:
c9:e8:aa:11:85:90:24:d0:47:04:ee:76:88:2e:94:
4c:38:eb:b8:d1:1a:44:c2:5c:40:6a:47:61:06:28:
d1:59:c8:ed:a7:bb:63:bf:ca:8d:09:9c:1a:df:69:
18:0a:38:25:4e:88:13:b6:64:e0:4b:9c:bc:09:bf:
27:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EA:E0:C5:1C:58:7E:8F:D0:7A:58:47:E7:4F:4C:29:90:9E:AC:5F
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/D-rgxRxYfo_QelhH509MKZCerF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.134.0/23
Signature Algorithm: sha256WithRSAEncryption
94:57:8e:a4:45:4d:c9:6f:74:a2:18:a3:21:66:ab:0e:63:53:
8e:f9:c9:51:8f:ac:ef:2e:9a:5a:83:eb:67:28:8d:3b:f3:69:
04:e1:0d:47:dc:8f:3f:a9:bb:33:35:f6:81:92:a5:a8:17:fd:
1c:3c:20:d5:c4:62:e4:ba:bd:65:0c:0d:2d:d0:85:60:2a:7c:
d5:d8:bf:1f:b7:3d:5e:c8:49:fe:9e:18:94:2f:4e:53:1d:ea:
e3:63:aa:a5:dc:bd:33:fe:b7:44:90:2f:a3:e8:83:d9:f8:0c:
62:d1:06:fe:cd:99:ab:f7:73:a4:05:44:11:89:35:c0:61:ff:
c4:62:ba:01:c4:bc:73:c2:4d:c5:a8:f1:a2:a9:d4:83:d7:30:
f2:37:e0:7a:06:d2:f7:1c:cd:25:65:2a:e7:2a:3c:24:6b:6e:
46:7f:ef:5f:8a:f0:d7:3a:f7:d9:69:71:90:c5:4b:ae:53:90:
70:d4:8d:8e:40:00:18:7a:db:80:05:61:7a:2a:f8:98:22:8b:
81:c2:d1:d3:a4:f9:f8:ff:d2:03:05:50:15:85:6d:e6:b4:38:
d7:05:04:56:a6:09:d3:52:92:04:8a:19:6f:a8:f5:56:2c:06:
e1:28:ba:05:51:40:6b:cb:fc:2a:75:43:81:e8:78:6a:d4:87:
75:53:61:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVA2L5oWXClwWVfsTSqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVhZTBjNTFjNTg3ZThmZDA3YTU4NDdlNzRmNGMyOTkwOWVhYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivpHmhTyu6jGwYWuL8Fs9l0o9zVp
roMYJrV+MrxnDkw5gWbre5lq+ie7M0ctXcL/IiG8iefJpWVNSDnujU2g7loBoMO2
br37lGQlc/AhKHNJ+F8W2zb7yXcms6PIAirOSkhAwjBznPoTLUa73AU5ZABt0H/p
/efPL9mmy+jY2uB11/+soT3z5ZBmtcLwIjBa0AYYaiPajpRTejG7DH/HWAdeWQka
VAGAI8xduC+fLlEKsqSsmk3NXizdKj1YWjLIrSjJ6KoRhZAk0EcE7naILpRMOOu4
0RpEwlxAakdhBijRWcjtp7tjv8qNCZwa32kYCjglTogTtmTgS5y8Cb8nTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/q4MUcWH6P0HpYR+dPTCmQnqxfMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvRC1yZ3hSeFlmb19RZWxoSDUwOU1LWkNlckY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRmGMA0G
CSqGSIb3DQEBCwUAA4IBAQCUV46kRU3Jb3SiGKMhZqsOY1OO+clRj6zvLppag+tn
KI0782kE4Q1H3I8/qbszNfaBkqWoF/0cPCDVxGLkur1lDA0t0IVgKnzV2L8ftz1e
yEn+nhiUL05THerjY6ql3L0z/rdEkC+j6IPZ+Axi0Qb+zZmr93OkBUQRiTXAYf/E
YroBxLxzwk3FqPGiqdSD1zDyN+B6BtL3HM0lZSrnKjwka25Gf+9fivDXOvfZaXGQ
xUuuU5Bw1I2OQAAYetuABWF6KviYIouBwtHTpPn4/9IDBVAVhW3mtDjXBQRWpgnT
UpIEihlvqPVWLAbhKLoFUUBry/wqdUOB6Hhq1Id1U2Hf
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org