Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/u5GMBTq4pX-ISvtu4UFcWA8faRo.roa
File: u5GMBTq4pX-ISvtu4UFcWA8faRo.roa (raw, json)
Hash identifier: Mdj9l+mG44wnK1MDeAYDLKPPuRovBJzkbYXJpGD2/TM=
Subject key identifier: BB:91:8C:05:3A:B8:A5:7F:88:4A:FB:6E:E1:41:5C:58:0F:1F:69:1A
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571155C255D887B1C2300E00A436EDE7B
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/u5GMBTq4pX-ISvtu4UFcWA8faRo.roa
Signing time: Mon 02 Jan 2023 06:05:03 +0000
ROA not before: Mon 02 Jan 2023 06:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203920
IP address blocks: 157.25.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:5c:25:5d:88:7b:1c:23:00:e0:0a:43:6e:de:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb918c053ab8a57f884afb6ee1415c580f1f691a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:7d:55:2c:e9:0e:6a:13:93:a5:2d:ff:60:
8a:46:ed:cb:4a:a5:e5:9e:30:e9:c4:c5:ef:4c:25:
96:7c:b7:7b:c5:54:bf:ed:0d:48:15:22:d7:07:0d:
0c:34:75:4f:f6:17:da:fd:b2:f6:47:d1:87:1d:09:
07:c6:37:f5:41:1f:57:96:b1:f7:d5:ee:b6:d2:d4:
a7:dc:9d:a7:43:ff:86:eb:40:f6:e3:9a:27:86:92:
cb:18:75:9f:3f:e4:2b:05:80:72:4b:b3:a8:93:fd:
55:a0:1a:8d:49:1a:a3:3b:a7:90:16:40:f5:d7:37:
3b:af:3d:5c:c5:f0:7c:be:66:04:99:b9:41:d8:29:
f0:7d:80:6c:f4:97:75:f3:23:6b:5a:a9:ff:60:87:
82:22:44:94:1d:41:3a:61:19:e0:07:68:75:67:05:
20:b9:b6:b8:70:50:cf:65:01:1d:01:09:e3:dc:23:
41:4a:cf:5d:bb:4f:b7:54:40:a0:d6:40:fc:c4:ed:
42:86:c5:f4:9b:f3:bc:cb:19:83:9c:c9:f3:46:a0:
73:c6:7f:50:a7:39:97:a7:ee:ee:1b:24:5c:ee:89:
f3:b1:2a:e5:9a:f1:2c:cc:3b:05:20:7f:d3:02:81:
b9:87:78:9e:3d:a1:91:13:27:fb:d6:6a:34:ee:6c:
00:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:91:8C:05:3A:B8:A5:7F:88:4A:FB:6E:E1:41:5C:58:0F:1F:69:1A
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/u5GMBTq4pX-ISvtu4UFcWA8faRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.25.140.0/24
Signature Algorithm: sha256WithRSAEncryption
08:e4:9d:a1:ef:30:5f:6d:11:c7:9b:1c:cf:3e:49:01:8b:22:
ae:50:17:d6:f5:ab:de:e7:4f:15:5e:35:0f:ea:c6:f9:03:70:
25:8d:a2:09:11:4a:10:a8:11:4a:ba:e3:df:e1:2b:34:df:44:
a3:07:98:95:59:c3:d5:2c:c8:90:76:c4:49:62:84:a9:d4:c3:
f0:e7:72:da:c2:ff:25:d6:1e:95:f1:09:41:0f:36:98:11:ae:
ee:a5:37:29:d9:73:66:60:c7:ad:68:37:19:68:f8:c2:60:28:
ee:d6:1f:33:d4:ca:06:01:cf:2c:c9:4a:40:2b:07:ce:a4:c4:
fb:9a:ac:59:d9:b1:29:92:a6:76:e8:a4:eb:85:dd:34:8e:9c:
f3:bd:a9:61:80:c1:9b:87:90:d5:60:7f:c2:d2:2e:d9:ce:dc:
40:70:06:fe:d0:6f:3b:f6:ba:55:0a:2d:71:54:80:3f:19:59:
92:1a:07:93:fd:dd:e7:fa:e6:e5:74:72:5e:c1:a6:8c:85:a5:
9a:c9:72:9c:e5:00:b6:15:5f:d9:2d:bf:eb:29:37:e8:47:5a:
87:db:b0:38:05:38:56:64:a6:3d:42:b9:4a:75:5c:9d:4e:3b:
e5:d7:c0:c3:2a:7d:ca:3b:58:79:a3:3a:fb:45:31:97:4d:de:
63:62:ac:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFVwlXYh7HCMA4ApDbt57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjkxOGMwNTNhYjhhNTdmODg0YWZiNmVlMTQxNWM1ODBmMWY2OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4d9VSzpDmoTk6Ut/2CKRu3LSqXl
njDpxMXvTCWWfLd7xVS/7Q1IFSLXBw0MNHVP9hfa/bL2R9GHHQkHxjf1QR9XlrH3
1e620tSn3J2nQ/+G60D245onhpLLGHWfP+QrBYByS7Ook/1VoBqNSRqjO6eQFkD1
1zc7rz1cxfB8vmYEmblB2CnwfYBs9Jd18yNrWqn/YIeCIkSUHUE6YRngB2h1ZwUg
uba4cFDPZQEdAQnj3CNBSs9du0+3VECg1kD8xO1ChsX0m/O8yxmDnMnzRqBzxn9Q
pzmXp+7uGyRc7onzsSrlmvEszDsFIH/TAoG5h3iePaGREyf71mo07mwA+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuRjAU6uKV/iEr7buFBXFgPH2kaMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvdTVHTUJUcTRwWC1JU3Z0dTRVRmNXQThmYVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRmMMA0G
CSqGSIb3DQEBCwUAA4IBAQAI5J2h7zBfbRHHmxzPPkkBiyKuUBfW9ave508VXjUP
6sb5A3AljaIJEUoQqBFKuuPf4Ss030SjB5iVWcPVLMiQdsRJYoSp1MPw53Lawv8l
1h6V8QlBDzaYEa7upTcp2XNmYMetaDcZaPjCYCju1h8z1MoGAc8syUpAKwfOpMT7
mqxZ2bEpkqZ26KTrhd00jpzzvalhgMGbh5DVYH/C0i7ZztxAcAb+0G879rpVCi1x
VIA/GVmSGgeT/d3n+ubldHJewaaMhaWayXKc5QC2FV/ZLb/rKTfoR1qH27A4BThW
ZKY9QrlKdVydTjvl18DDKn3KO1h5ozr7RTGXTd5jYqzl
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org