Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/vQ6UHbi1nKmHwxJxlOEMa-9onGQ.roa
File: vQ6UHbi1nKmHwxJxlOEMa-9onGQ.roa (raw, json)
Hash identifier: hgnZRZIFTt62ZO5ce0lUsb+iDwCsiLW4lkXHnqAXdvo=
Subject key identifier: BD:0E:94:1D:B8:B5:9C:A9:87:C3:12:71:94:E1:0C:6B:EF:68:9C:64
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 01857115523411D37B05FCE2BC58B60738C5
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/vQ6UHbi1nKmHwxJxlOEMa-9onGQ.roa
Signing time: Mon 02 Jan 2023 06:05:00 +0000
ROA not before: Mon 02 Jan 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60869
IP address blocks: 217.153.163.128/25 maxlen: 25
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:52:34:11:d3:7b:05:fc:e2:bc:58:b6:07:38:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd0e941db8b59ca987c3127194e10c6bef689c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6b:82:87:5d:d8:b3:27:2a:28:4b:c7:82:79:
e6:e2:5f:2f:0b:c6:70:28:5b:ff:25:1e:5f:fc:dc:
f3:a3:69:d2:04:53:b3:bc:d3:75:9d:b8:dc:82:31:
6a:05:f6:b8:05:8d:ca:83:7e:4b:4d:f0:a4:a5:d3:
94:c4:c1:51:75:68:c4:4f:53:69:4c:83:52:56:84:
b1:16:74:d4:3a:ca:cc:e8:eb:4f:da:83:4f:f0:ef:
4a:ae:fe:ae:95:c5:a6:dd:c8:50:13:b0:aa:ec:eb:
35:d9:c2:6e:6d:5b:1c:04:df:bf:e9:e8:c9:db:fb:
e7:31:54:d3:34:75:6c:bd:f5:0b:50:49:22:1b:2a:
17:75:4b:e5:bc:e2:b5:b7:85:9d:fa:07:4e:04:b5:
26:2a:c2:20:cd:67:5d:84:cb:e5:79:25:29:11:06:
83:c7:53:95:fd:1f:e5:13:aa:0b:71:82:6a:61:87:
a5:44:df:e5:76:b2:9c:8e:5e:fa:c6:a6:01:10:15:
be:3e:a6:63:94:f9:47:15:f8:08:68:ee:97:93:3d:
47:3a:97:04:a4:cd:00:47:e4:56:c3:93:3c:aa:66:
fe:31:57:8e:e1:dd:8f:7f:c0:38:94:04:7b:96:10:
01:ac:bc:f0:f7:c6:0d:98:d9:4c:32:9f:cb:cf:df:
11:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0E:94:1D:B8:B5:9C:A9:87:C3:12:71:94:E1:0C:6B:EF:68:9C:64
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/vQ6UHbi1nKmHwxJxlOEMa-9onGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.153.163.128/25
Signature Algorithm: sha256WithRSAEncryption
65:19:c0:ae:1a:59:29:06:07:bf:3e:4c:43:fe:ce:c2:df:be:
d4:10:40:fa:6d:2d:2d:fe:1d:da:fb:1e:78:db:37:13:fe:52:
5d:46:a7:ed:8d:e2:c8:ed:1e:dd:8b:85:65:bc:ac:ac:06:67:
5d:69:60:7e:1b:e5:68:14:3f:d3:12:9f:5c:41:d2:27:af:f9:
1e:e9:e8:96:1a:c3:97:ef:76:97:4c:24:c2:7d:bd:11:fa:5a:
ba:cf:4e:43:53:aa:b1:9a:d6:54:5a:3b:82:74:90:50:81:3a:
ce:9a:af:42:6b:00:9d:45:de:d0:fb:3a:49:ce:d9:b7:49:4e:
53:a3:54:83:d2:1c:ed:2b:6b:88:87:96:af:e1:6e:fb:2c:0d:
a5:f5:f4:03:52:86:c0:a3:93:63:9f:08:06:a1:ae:19:c5:1e:
e5:a6:fb:2b:2f:c7:16:c1:f2:1f:63:40:4f:bd:35:fc:6f:d4:
19:ce:29:e6:d6:d1:5e:52:6f:e9:40:19:00:3f:b3:f3:8d:23:
e6:44:81:e0:ad:54:a8:40:a3:ee:90:ed:d6:32:b4:0a:41:d6:
6a:fe:c7:7f:07:de:01:1f:af:82:6b:28:e9:07:77:e4:89:cc:
f0:e9:36:02:df:a4:21:42:0f:80:0b:2b:a3:23:70:cb:52:9f:
f5:ae:af:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxFVI0EdN7BfzivFi2BzjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBlOTQxZGI4YjU5Y2E5ODdjMzEyNzE5NGUxMGM2YmVmNjg5YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumuCh13YsycqKEvHgnnm4l8vC8Zw
KFv/JR5f/Nzzo2nSBFOzvNN1nbjcgjFqBfa4BY3Kg35LTfCkpdOUxMFRdWjET1Np
TINSVoSxFnTUOsrM6OtP2oNP8O9Krv6ulcWm3chQE7Cq7Os12cJubVscBN+/6ejJ
2/vnMVTTNHVsvfULUEkiGyoXdUvlvOK1t4Wd+gdOBLUmKsIgzWddhMvleSUpEQaD
x1OV/R/lE6oLcYJqYYelRN/ldrKcjl76xqYBEBW+PqZjlPlHFfgIaO6Xkz1HOpcE
pM0AR+RWw5M8qmb+MVeO4d2Pf8A4lAR7lhABrLzw98YNmNlMMp/Lz98RowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL0OlB24tZyph8MScZThDGvvaJxkMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvdlE2VUhiaTFuS21Id3hKeGxPRU1hLTlvbkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUH2ZmjgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZRnArhpZKQYHvz5MQ/7Owt++1BBA+m0tLf4d2vse
eNs3E/5SXUan7Y3iyO0e3YuFZbysrAZnXWlgfhvlaBQ/0xKfXEHSJ6/5HunolhrD
l+92l0wkwn29Efpaus9OQ1OqsZrWVFo7gnSQUIE6zpqvQmsAnUXe0Ps6Sc7Zt0lO
U6NUg9Ic7StriIeWr+Fu+ywNpfX0A1KGwKOTY58IBqGuGcUe5ab7Ky/HFsHyH2NA
T701/G/UGc4p5tbRXlJv6UAZAD+z840j5kSB4K1UqECj7pDt1jK0CkHWav7Hfwfe
AR+vgmso6Qd35InM8Ok2At+kIUIPgAsroyNwy1Kf9a6vSw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org