Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/pKZTg4TcwTYxSSpNVyMowT54y6U.roa
File: pKZTg4TcwTYxSSpNVyMowT54y6U.roa (raw, json)
Hash identifier: KBdWsMJhPU3iet9bKUO/4w9M3NqiJEgdOiEhiL4K5iY=
Subject key identifier: A4:A6:53:83:84:DC:C1:36:31:49:2A:4D:57:23:28:C1:3E:78:CB:A5
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 01905EAA033F313CFE0162BF8CB99D9F9D56
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/pKZTg4TcwTYxSSpNVyMowT54y6U.roa
Signing time: Fri 28 Jun 2024 11:45:18 +0000
ROA not before: Fri 28 Jun 2024 11:45:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 158.172.140.0/23 maxlen: 23
158.172.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:aa:03:3f:31:3c:fe:01:62:bf:8c:b9:9d:9f:9d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jun 28 11:45:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4a6538384dcc13631492a4d572328c13e78cba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:84:c8:a3:52:dd:c0:f5:c4:ab:1b:7f:64:f7:
65:83:cb:97:f9:b3:44:27:56:6d:b1:e4:0e:ee:26:
30:85:1d:35:d0:14:d4:42:67:80:7c:8f:0c:7b:0a:
b2:ab:6a:bc:52:74:94:79:6b:b8:55:a9:df:27:e7:
7f:f7:84:3c:18:46:f8:06:9b:09:7f:e2:b8:0d:df:
41:76:b2:d0:21:7f:35:ab:0b:d2:74:64:fd:ed:36:
0c:62:51:79:04:52:ea:83:35:68:bf:0b:b3:e2:be:
b7:69:47:7f:63:56:aa:aa:67:98:ea:77:2d:ab:b5:
99:bf:eb:9d:ca:8f:ba:92:0e:c7:93:7a:a0:d5:01:
ba:7a:72:b9:0e:4d:9e:4d:90:c4:43:dc:77:42:7e:
61:b3:42:bf:29:fd:81:e9:54:0f:5f:10:92:5e:26:
9a:77:8e:bb:c7:d3:69:97:36:0a:19:60:f2:10:66:
83:cf:39:16:d2:fb:37:6d:09:b6:5b:89:9d:43:ca:
ab:96:cf:8b:c2:c7:be:3c:b1:c8:17:44:3f:ab:39:
4d:4e:06:47:0b:44:5e:9d:12:bd:57:ed:d8:80:6d:
1a:4e:74:58:16:f5:ea:f7:50:23:54:51:1b:12:b6:
e5:40:6d:32:cb:d4:4c:b8:14:6b:d2:6e:fc:27:99:
6c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A6:53:83:84:DC:C1:36:31:49:2A:4D:57:23:28:C1:3E:78:CB:A5
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/pKZTg4TcwTYxSSpNVyMowT54y6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.140.0-158.172.142.255
Signature Algorithm: sha256WithRSAEncryption
7a:be:43:74:a2:d3:38:3c:c6:c2:b2:8e:61:3b:21:af:e8:b3:
b3:2f:e8:b2:1f:d4:7f:cb:71:e4:0e:35:f8:03:37:98:fb:a0:
ea:22:f8:e4:e9:99:16:38:e0:da:96:04:de:43:6e:ba:b7:de:
2f:b2:9d:67:39:aa:4a:57:ef:0d:fa:75:c9:3e:96:84:ca:39:
f1:f7:ef:cc:fd:a0:35:d5:3b:d6:83:0e:ad:4c:96:16:b9:b3:
63:3a:e3:e9:39:a9:a6:df:85:da:fb:62:a9:77:78:5b:66:4c:
78:f6:32:bc:63:25:32:e3:56:ae:eb:8b:aa:a7:01:57:f9:12:
b0:9e:60:a4:51:b5:87:3f:ea:5a:ea:72:a6:13:0d:f4:9f:ed:
ad:41:69:33:fe:aa:de:3d:5d:6b:c2:48:54:1e:36:52:2c:e0:
84:7c:e1:10:45:17:0d:bb:f2:89:d0:31:48:13:de:04:fc:ad:
7e:f6:00:2c:dd:4f:a2:11:6e:4a:43:c6:94:e6:ab:b7:9d:8c:
7a:ec:03:b8:fc:da:fc:59:f3:d0:60:1f:1c:af:26:ff:2b:52:
d4:f8:df:68:4f:57:55:7d:ab:75:fd:f8:0b:19:8d:1a:a6:38:
18:ce:2a:9e:ce:82:89:03:6b:88:74:4c:72:2b:e8:74:99:35:
a4:9b:75:29
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZBeqgM/MTz+AWK/jLmdn51WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjQwNjI4MTE0NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE2NTM4Mzg0ZGNjMTM2MzE0OTJhNGQ1NzIzMjhjMTNlNzhjYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqITIo1LdwPXEqxt/ZPdlg8uX+bNE
J1ZtseQO7iYwhR010BTUQmeAfI8Mewqyq2q8UnSUeWu4VanfJ+d/94Q8GEb4BpsJ
f+K4Dd9BdrLQIX81qwvSdGT97TYMYlF5BFLqgzVovwuz4r63aUd/Y1aqqmeY6nct
q7WZv+udyo+6kg7Hk3qg1QG6enK5Dk2eTZDEQ9x3Qn5hs0K/Kf2B6VQPXxCSXiaa
d467x9NplzYKGWDyEGaDzzkW0vs3bQm2W4mdQ8qrls+Lwse+PLHIF0Q/qzlNTgZH
C0RenRK9V+3YgG0aTnRYFvXq91AjVFEbErblQG0yy9RMuBRr0m78J5lsGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKSmU4OE3ME2MUkqTVcjKME+eMulMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvcEtaVGc0VGN3VFl4U1NwTlZ5TW93VDU0eTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKerIwD
BACerI4wDQYJKoZIhvcNAQELBQADggEBAHq+Q3Si0zg8xsKyjmE7Ia/os7Mv6LIf
1H/LceQONfgDN5j7oOoi+OTpmRY44NqWBN5Dbrq33i+ynWc5qkpX7w36dck+loTK
OfH378z9oDXVO9aDDq1Mlha5s2M64+k5qabfhdr7Yql3eFtmTHj2MrxjJTLjVq7r
i6qnAVf5ErCeYKRRtYc/6lrqcqYTDfSf7a1BaTP+qt49XWvCSFQeNlIs4IR84RBF
Fw278onQMUgT3gT8rX72ACzdT6IRbkpDxpTmq7edjHrsA7j82vxZ89BgHxyvJv8r
UtT432hPV1V9q3X9+AsZjRqmOBjOKp7OgokDa4h0THIr6HSZNaSbdSk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:59 2025 by rpki-client