Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/nbwsQGzhp16iaOcRqiCONY3Tvx8.roa
File: nbwsQGzhp16iaOcRqiCONY3Tvx8.roa (raw, json)
Hash identifier: Z0S/cjOpdo2b205fzLCxGmaYACaoA1KYoYM/58Sg5uc=
Subject key identifier: 9D:BC:2C:40:6C:E1:A7:5E:A2:68:E7:11:AA:20:8E:35:8D:D3:BF:1F
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018CC6B910EC59D6572C86F51795E844A805
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/nbwsQGzhp16iaOcRqiCONY3Tvx8.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 158.172.142.0/24 maxlen: 24
158.172.140.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 01 Feb 2024 14:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:10:ec:59:d6:57:2c:86:f5:17:95:e8:44:a8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dbc2c406ce1a75ea268e711aa208e358dd3bf1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:77:4e:40:43:28:2e:be:28:6f:23:09:36:98:
1c:d9:f4:3b:78:4f:1e:f9:11:57:72:6b:89:3b:9c:
12:53:52:5e:95:73:2c:c9:da:e0:91:ac:a6:93:f4:
0d:e8:4f:da:7d:71:c7:66:b3:dc:fe:60:a5:be:b5:
2b:3a:72:81:ff:96:59:2b:f3:36:e9:8d:49:b6:f3:
9f:97:12:d2:8a:21:99:a0:f1:f5:97:b9:23:e3:82:
13:33:6b:e7:f5:fb:5b:37:9b:d3:41:3e:ba:51:8f:
26:33:20:94:04:3a:d4:09:c4:c1:bc:2f:42:71:a4:
ac:63:43:00:4e:c1:c7:22:9c:91:41:ff:b1:e2:a8:
4b:dd:60:85:40:18:bb:3b:96:5c:0a:00:bd:64:f2:
2a:a5:64:1e:69:4a:8e:ce:5e:3e:2b:e7:0a:1f:f9:
2e:19:b9:8d:f7:38:ba:e8:c9:1f:c8:b3:3d:cc:ce:
e1:26:8f:bf:e1:f6:fc:cd:57:1f:17:31:76:6e:92:
c4:9b:23:1d:31:21:54:33:69:fb:d9:ab:8a:f1:9c:
3c:d7:3e:b5:11:76:f3:32:a1:ce:a3:52:f6:27:54:
7f:ca:a9:b7:0a:17:be:8d:51:95:13:ac:6b:21:78:
fa:9d:74:7f:8c:fe:23:0b:54:15:a0:96:52:4a:a2:
5c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:BC:2C:40:6C:E1:A7:5E:A2:68:E7:11:AA:20:8E:35:8D:D3:BF:1F
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/nbwsQGzhp16iaOcRqiCONY3Tvx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.140.0-158.172.142.255
Signature Algorithm: sha256WithRSAEncryption
0b:65:29:7f:3c:19:14:48:8b:21:78:6f:ac:67:98:16:a6:b5:
b4:28:a6:a6:ce:ce:59:f0:46:92:91:46:a4:59:1f:f8:7f:8c:
5b:95:f4:e9:aa:ae:ce:7b:50:aa:64:96:a4:c9:44:55:81:67:
6a:7b:3f:32:8f:27:24:ce:09:34:a2:6b:50:bd:e5:1c:49:e2:
33:df:24:71:da:24:87:37:57:3b:89:cd:5b:85:51:2d:c0:c6:
d0:29:51:7e:3f:c3:19:86:d7:35:85:d7:b8:9f:4e:cd:09:fb:
4a:7e:38:b4:e9:e5:2d:1a:22:ca:b2:e9:78:a9:32:66:b6:e8:
5f:56:d6:22:52:f7:b3:0e:ad:70:41:39:08:8e:97:fa:3f:a5:
98:55:81:c6:13:d0:f1:49:b3:fd:06:ec:fa:91:5d:5b:8b:d9:
49:d4:56:03:b7:ec:e9:d7:06:aa:2f:a3:5c:7f:0f:40:5b:42:
f2:95:1f:9c:42:58:01:29:25:c8:dd:32:c9:1e:9f:a8:8c:6b:
ab:2c:c7:d8:b9:a5:99:ab:5c:a9:e1:d2:65:44:7e:80:cb:aa:
b4:66:b1:41:45:34:9e:f6:94:87:f1:ce:38:25:e2:b6:2b:5f:
77:45:b1:a3:8f:5d:65:a9:78:40:14:fc:70:9a:d9:b7:f4:bf:
95:c3:5e:bd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGuRDsWdZXLIb1F5XoRKgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGJjMmM0MDZjZTFhNzVlYTI2OGU3MTFhYTIwOGUzNThkZDNiZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXdOQEMoLr4obyMJNpgc2fQ7eE8e
+RFXcmuJO5wSU1JelXMsydrgkaymk/QN6E/afXHHZrPc/mClvrUrOnKB/5ZZK/M2
6Y1JtvOflxLSiiGZoPH1l7kj44ITM2vn9ftbN5vTQT66UY8mMyCUBDrUCcTBvC9C
caSsY0MATsHHIpyRQf+x4qhL3WCFQBi7O5ZcCgC9ZPIqpWQeaUqOzl4+K+cKH/ku
GbmN9zi66MkfyLM9zM7hJo+/4fb8zVcfFzF2bpLEmyMdMSFUM2n72auK8Zw81z61
EXbzMqHOo1L2J1R/yqm3Che+jVGVE6xrIXj6nXR/jP4jC1QVoJZSSqJciwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ28LEBs4adeomjnEaogjjWN078fMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvbmJ3c1FHemhwMTZpYU9jUnFpQ09OWTNUdng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKerIwD
BACerI4wDQYJKoZIhvcNAQELBQADggEBAAtlKX88GRRIiyF4b6xnmBamtbQopqbO
zlnwRpKRRqRZH/h/jFuV9Omqrs57UKpklqTJRFWBZ2p7PzKPJyTOCTSia1C95RxJ
4jPfJHHaJIc3VzuJzVuFUS3AxtApUX4/wxmG1zWF17ifTs0J+0p+OLTp5S0aIsqy
6XipMma26F9W1iJS97MOrXBBOQiOl/o/pZhVgcYT0PFJs/0G7PqRXVuL2UnUVgO3
7OnXBqovo1x/D0BbQvKVH5xCWAEpJcjdMsken6iMa6ssx9i5pZmrXKnh0mVEfoDL
qrRmsUFFNJ72lIfxzjgl4rYrX3dFsaOPXWWpeEAU/HCa2bf0v5XDXr0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:58 2025 by rpki-client