Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4ea481-ba97-4b94-b000-35bd65f1f2a4/1/SnPNDQLOCh_tGcCdYhjgKPCnCJE.roa
File: SnPNDQLOCh_tGcCdYhjgKPCnCJE.roa (raw, json)
Hash identifier: osFyP4gjPUvUcwaFeHdwbb7S/VizY0TsAMeV1oGX7ho=
Subject key identifier: 4A:73:CD:0D:02:CE:0A:1F:ED:19:C0:9D:62:18:E0:28:F0:A7:08:91
Certificate issuer: /CN=59fad388bea71da2f43f39a45e10141d6f29c428
Certificate serial: 01857315DA95F1CD6137F4AF43DF792E3631
Authority key identifier: 59:FA:D3:88:BE:A7:1D:A2:F4:3F:39:A4:5E:10:14:1D:6F:29:C4:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WfrTiL6nHaL0PzmkXhAUHW8pxCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4ea481-ba97-4b94-b000-35bd65f1f2a4/1/SnPNDQLOCh_tGcCdYhjgKPCnCJE.roa
Signing time: Mon 02 Jan 2023 15:24:50 +0000
ROA not before: Mon 02 Jan 2023 15:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21171
IP address blocks: 152.90.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:da:95:f1:cd:61:37:f4:af:43:df:79:2e:36:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59fad388bea71da2f43f39a45e10141d6f29c428
Validity
Not Before: Jan 2 15:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a73cd0d02ce0a1fed19c09d6218e028f0a70891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:25:49:5c:07:3c:6c:73:1f:f0:1a:c8:79:f4:
b7:b4:26:10:c4:36:86:c1:b0:f5:48:8a:bb:be:18:
70:bf:f2:a5:34:6c:ff:31:61:5e:eb:08:20:12:46:
d1:dd:77:d7:8d:3e:3c:66:60:5c:13:20:e6:c5:a6:
74:96:86:ad:b4:0e:b5:4e:9d:49:89:ca:54:bb:9c:
8e:b4:8d:79:ec:21:0b:90:79:a4:d2:0a:fb:9a:54:
d7:d8:d8:c4:d9:0d:b9:4c:62:57:63:7f:c0:ac:dd:
30:8b:d8:d3:3d:6d:59:49:0e:8c:65:ad:18:d3:18:
09:3e:77:80:30:12:6d:69:12:ba:49:90:59:3b:54:
ea:59:07:b5:8e:8c:dc:9b:b9:c1:8d:52:4a:a8:e6:
5b:34:30:68:db:b5:c6:2d:43:84:7c:91:2a:ab:66:
cd:1e:bf:71:16:df:88:a4:41:fd:10:45:12:60:22:
01:bc:73:45:da:2a:68:45:85:8d:af:d8:58:c8:13:
15:6e:40:00:7b:6e:0c:48:a8:2e:8b:99:99:11:60:
b1:4b:f9:51:be:e5:c1:68:35:17:7e:54:6b:20:62:
9c:e7:79:57:b7:9b:95:cc:8c:2b:1a:c5:d3:06:ae:
79:1d:4c:7b:ed:7d:3f:f1:16:e3:54:ef:c2:8e:27:
be:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:73:CD:0D:02:CE:0A:1F:ED:19:C0:9D:62:18:E0:28:F0:A7:08:91
X509v3 Authority Key Identifier:
keyid:59:FA:D3:88:BE:A7:1D:A2:F4:3F:39:A4:5E:10:14:1D:6F:29:C4:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WfrTiL6nHaL0PzmkXhAUHW8pxCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4ea481-ba97-4b94-b000-35bd65f1f2a4/1/SnPNDQLOCh_tGcCdYhjgKPCnCJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4ea481-ba97-4b94-b000-35bd65f1f2a4/1/WfrTiL6nHaL0PzmkXhAUHW8pxCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:3f:fc:23:1d:03:0c:36:45:49:c9:d3:4a:36:8f:e5:8a:2d:
9a:d0:3a:ad:aa:25:6f:ed:b0:14:85:48:63:78:3e:9d:79:fe:
4d:c7:d9:b3:bb:62:4a:99:fe:43:c1:68:49:0a:7f:40:18:d3:
cd:71:6c:1a:89:9d:77:4c:95:c4:4b:39:de:ad:30:be:74:00:
ce:0d:78:7c:49:ce:75:5b:0b:19:ad:c3:6f:80:16:35:3a:2c:
3e:da:7a:92:9c:fe:78:09:77:2d:60:60:e0:96:a5:4d:d2:53:
55:05:16:70:ad:3e:a3:78:bc:04:c5:e4:18:7f:ef:d4:cf:61:
c8:f5:7f:6f:95:5e:47:8c:16:53:f1:15:10:69:bb:08:3e:98:
3f:f7:79:e2:bd:3b:5c:1b:f8:28:66:67:b1:c9:c5:ac:7b:7d:
af:31:d2:fa:93:1c:66:eb:c7:83:da:99:b1:78:10:52:06:1b:
b4:44:65:2c:41:c7:3c:7b:46:bc:a2:72:88:c4:28:9c:ac:5f:
8b:7b:08:2b:b8:a1:9a:46:3d:f3:60:ee:99:35:de:1f:b8:3c:
d1:b3:19:bf:4e:88:1a:53:43:e0:21:c4:c0:c5:c8:2b:00:46:
13:1f:19:c6:4d:6a:90:b5:b5:e1:8a:5c:c2:d7:c2:37:17:c5:
61:91:25:af
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVzFdqV8c1hN/SvQ995LjYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZmFkMzg4YmVhNzFkYTJmNDNmMzlhNDVlMTAxNDFkNmYy
OWM0MjgwHhcNMjMwMTAyMTUyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTczY2QwZDAyY2UwYTFmZWQxOWMwOWQ2MjE4ZTAyOGYwYTcwODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CVJXAc8bHMf8BrIefS3tCYQxDaG
wbD1SIq7vhhwv/KlNGz/MWFe6wggEkbR3XfXjT48ZmBcEyDmxaZ0loattA61Tp1J
icpUu5yOtI157CELkHmk0gr7mlTX2NjE2Q25TGJXY3/ArN0wi9jTPW1ZSQ6MZa0Y
0xgJPneAMBJtaRK6SZBZO1TqWQe1jozcm7nBjVJKqOZbNDBo27XGLUOEfJEqq2bN
Hr9xFt+IpEH9EEUSYCIBvHNF2ipoRYWNr9hYyBMVbkAAe24MSKgui5mZEWCxS/lR
vuXBaDUXflRrIGKc53lXt5uVzIwrGsXTBq55HUx77X0/8RbjVO/Cjie+fQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEpzzQ0Czgof7RnAnWIY4CjwpwiRMB8GA1UdIwQY
MBaAFFn604i+px2i9D85pF4QFB1vKcQoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2ZyVGlMNm5IYUwwUHpta1hoQVVIVzhweENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZWE0ODEtYmE5Ny00Yjk0LWIwMDAt
MzViZDY1ZjFmMmE0LzEvU25QTkRRTE9DaF90R2NDZFloamdLUENuQ0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZWE0ODEtYmE5Ny00Yjk0LWIwMDAtMzViZDY1ZjFmMmE0
LzEvV2ZyVGlMNm5IYUwwUHpta1hoQVVIVzhweENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmFowDQYJ
KoZIhvcNAQELBQADggEBALo//CMdAww2RUnJ00o2j+WKLZrQOq2qJW/tsBSFSGN4
Pp15/k3H2bO7YkqZ/kPBaEkKf0AY081xbBqJnXdMlcRLOd6tML50AM4NeHxJznVb
Cxmtw2+AFjU6LD7aepKc/ngJdy1gYOCWpU3SU1UFFnCtPqN4vATF5Bh/79TPYcj1
f2+VXkeMFlPxFRBpuwg+mD/3eeK9O1wb+ChmZ7HJxax7fa8x0vqTHGbrx4PambF4
EFIGG7REZSxBxzx7RryicojEKJysX4t7CCu4oZpGPfNg7pk13h+4PNGzGb9OiBpT
Q+AhxMDFyCsARhMfGcZNapC1teGKXMLXwjcXxWGRJa8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:26 2024 by rpki-client on console-fra.rpki-client.org