Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/S6XTiUPaGDP0gunLK-UnaJmkqoc.roa
File: S6XTiUPaGDP0gunLK-UnaJmkqoc.roa (raw, json)
Hash identifier: bzGLob1R6ZEfQGf2/8LeMWOWyJTlonPp1pkN/ILX5FY=
Subject key identifier: 4B:A5:D3:89:43:DA:18:33:F4:82:E9:CB:2B:E5:27:68:99:A4:AA:87
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 01857115622869F1BB77E0DA667853CE5299
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/S6XTiUPaGDP0gunLK-UnaJmkqoc.roa
Signing time: Mon 02 Jan 2023 06:05:04 +0000
ROA not before: Mon 02 Jan 2023 06:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211985
IP address blocks: 157.25.143.0/24 maxlen: 24
157.25.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:62:28:69:f1:bb:77:e0:da:66:78:53:ce:52:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ba5d38943da1833f482e9cb2be5276899a4aa87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:c0:72:cc:f7:d3:79:74:57:e4:5a:a5:09:
2a:b9:45:c3:b9:b6:9f:be:d4:bc:4a:18:38:88:8d:
46:14:1f:6b:db:f5:da:97:9c:04:cd:f3:86:e7:82:
e8:3b:97:d2:bb:a1:90:23:79:af:4c:f0:91:cf:42:
4c:cb:92:28:2f:df:5d:62:f4:9e:c9:30:fe:07:35:
f8:b1:9e:07:c6:a0:1b:a0:b0:28:7d:b5:f0:41:ca:
ec:b7:a7:36:ea:a8:4a:4e:34:1f:59:42:a4:47:db:
50:89:1b:a2:ed:b2:85:81:a7:56:88:56:da:78:a2:
9d:7e:ac:e1:bc:33:4b:f9:fd:b6:48:98:41:57:d7:
41:f3:64:6a:35:38:2b:ce:8a:4e:83:93:7e:05:46:
c9:31:0d:ff:80:16:89:ac:9c:2a:eb:58:e9:1d:48:
98:80:36:5c:a4:af:7f:60:21:64:b0:df:90:1f:4b:
8c:ef:20:a6:b8:7a:42:4a:bd:64:bc:c2:3c:75:e6:
fe:a7:67:a7:74:22:f8:7c:e5:2a:b1:50:62:30:51:
cd:22:28:86:c4:16:d4:36:10:ed:f5:4d:1f:1d:df:
a4:55:89:e1:0e:d5:5b:17:f2:4c:29:49:7b:c3:0c:
0a:42:a8:cd:3f:c7:05:3d:7a:8b:b8:c2:9a:f5:f6:
d5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A5:D3:89:43:DA:18:33:F4:82:E9:CB:2B:E5:27:68:99:A4:AA:87
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/S6XTiUPaGDP0gunLK-UnaJmkqoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.143.0/24
157.25.172.0/24
Signature Algorithm: sha256WithRSAEncryption
81:f9:15:4f:0e:a2:2e:98:93:17:86:d3:ad:00:9a:08:c8:6b:
39:eb:be:a9:59:29:60:a4:cc:9a:ee:2d:14:36:9c:e8:e6:48:
f8:c8:8b:57:03:2c:13:9f:bd:33:93:ee:af:f1:4e:17:64:d9:
ed:67:bd:2e:b0:08:64:b0:25:1d:01:25:39:a2:43:4f:f5:d5:
a9:9c:3c:81:cc:1f:c8:58:e8:21:54:50:40:65:bc:e2:b8:15:
7b:c7:d0:8d:dc:ba:d2:82:30:6e:f3:db:f9:94:f9:32:4a:5b:
12:22:b6:2e:63:a6:d1:8f:73:d0:8b:77:90:ed:05:1b:62:8d:
25:77:4d:f0:f0:55:13:bc:f8:b0:26:24:e4:b1:fe:8e:44:2f:
37:60:53:52:11:27:fd:42:29:b5:3f:8c:cf:6c:a4:6f:2a:2a:
d3:4c:e4:c1:db:ec:c8:96:92:30:98:80:40:b9:30:5c:d4:e6:
6d:ae:0c:fe:22:2c:63:ac:0e:8f:e5:6f:1d:46:1b:b0:c2:4a:
32:48:dd:62:d9:62:bc:1b:5e:da:70:21:ef:b7:14:a5:09:7f:
f7:24:f3:4f:5e:96:ce:d2:dc:1b:f4:51:4d:52:de:4a:d9:5f:
b2:0c:3b:ca:27:69:93:82:87:48:67:24:88:c3:c0:80:c9:be:
dd:68:4d:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxFWIoafG7d+DaZnhTzlKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE1ZDM4OTQzZGExODMzZjQ4MmU5Y2IyYmU1Mjc2ODk5YTRhYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvDAcsz303l0V+RapQkquUXDubaf
vtS8Shg4iI1GFB9r2/Xal5wEzfOG54LoO5fSu6GQI3mvTPCRz0JMy5IoL99dYvSe
yTD+BzX4sZ4HxqAboLAofbXwQcrst6c26qhKTjQfWUKkR9tQiRui7bKFgadWiFba
eKKdfqzhvDNL+f22SJhBV9dB82RqNTgrzopOg5N+BUbJMQ3/gBaJrJwq61jpHUiY
gDZcpK9/YCFksN+QH0uM7yCmuHpCSr1kvMI8deb+p2endCL4fOUqsVBiMFHNIiiG
xBbUNhDt9U0fHd+kVYnhDtVbF/JMKUl7wwwKQqjNP8cFPXqLuMKa9fbV7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEul04lD2hgz9ILpyyvlJ2iZpKqHMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvUzZYVGlVUGFHRFAwZ3VuTEstVW5hSm1rcW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnRmPAwQA
nRmsMA0GCSqGSIb3DQEBCwUAA4IBAQCB+RVPDqIumJMXhtOtAJoIyGs5676pWSlg
pMya7i0UNpzo5kj4yItXAywTn70zk+6v8U4XZNntZ70usAhksCUdASU5okNP9dWp
nDyBzB/IWOghVFBAZbziuBV7x9CN3LrSgjBu89v5lPkySlsSIrYuY6bRj3PQi3eQ
7QUbYo0ld03w8FUTvPiwJiTksf6ORC83YFNSESf9Qim1P4zPbKRvKirTTOTB2+zI
lpIwmIBAuTBc1OZtrgz+IixjrA6P5W8dRhuwwkoySN1i2WK8G17acCHvtxSlCX/3
JPNPXpbO0twb9FFNUt5K2V+yDDvKJ2mTgodIZySIw8CAyb7daE1g
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org