Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/kOrwriSNudMlRH2cMEQ2HTn7iPk.roa
File: kOrwriSNudMlRH2cMEQ2HTn7iPk.roa (raw, json)
Hash identifier: bb1BT4ST7zr5wlqgf9z11fJVsTaMcsKFOlrzNRv5u8Q=
Subject key identifier: 90:EA:F0:AE:24:8D:B9:D3:25:44:7D:9C:30:44:36:1D:39:FB:88:F9
Certificate issuer: /CN=e156a785bf7fe4d7c4a5c6b721214f0e96f3aec9
Certificate serial: 01856B37B5DE21549F491FFFBFAC6EA246F2
Authority key identifier: E1:56:A7:85:BF:7F:E4:D7:C4:A5:C6:B7:21:21:4F:0E:96:F3:AE:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Vanhb9_5NfEpca3ISFPDpbzrsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/kOrwriSNudMlRH2cMEQ2HTn7iPk.roa
Signing time: Sun 01 Jan 2023 02:44:51 +0000
ROA not before: Sun 01 Jan 2023 02:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1213
IP address blocks: 147.252.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:37:b5:de:21:54:9f:49:1f:ff:bf:ac:6e:a2:46:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e156a785bf7fe4d7c4a5c6b721214f0e96f3aec9
Validity
Not Before: Jan 1 02:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90eaf0ae248db9d325447d9c3044361d39fb88f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1f:a7:ad:15:57:49:80:30:75:41:1f:76:a3:
c4:df:4f:3a:4e:6f:4d:2a:af:46:89:bb:57:8e:69:
35:7e:f7:d3:44:18:2c:84:e2:ac:86:59:86:32:f8:
e4:5e:cf:9c:ee:fe:f2:4b:c0:e0:a6:13:de:21:01:
b8:f0:63:34:61:da:03:ab:c7:19:52:ae:62:d2:2f:
82:2c:d9:61:c1:07:38:8d:3f:ca:0c:64:bc:c4:4a:
05:15:3e:ec:47:0b:5b:b6:5e:e3:65:99:ee:37:c9:
86:4c:8f:4f:64:8e:4f:1a:a4:39:07:de:8d:65:fd:
cd:17:6c:a0:54:e5:2f:04:87:81:07:93:e2:4d:9a:
8a:4f:79:19:f4:25:cb:61:6c:48:2b:29:e1:52:7e:
42:f1:c7:35:68:15:2c:c3:a2:c9:54:28:58:2c:7a:
c5:e6:e4:d1:b9:e5:db:45:5c:2e:d4:fd:0c:f8:79:
e6:f0:76:9e:15:da:bc:16:d6:0e:03:ae:83:cb:60:
55:c1:64:19:ab:e3:cf:77:7a:35:75:ec:a8:fc:83:
56:a5:7c:ba:be:7c:28:6b:01:55:6f:fa:b7:3d:b5:
fd:30:2c:ba:72:5a:ca:de:bc:09:7f:c7:be:8d:2e:
54:fb:4d:00:cb:ee:af:dc:50:43:00:a4:d2:28:35:
38:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:EA:F0:AE:24:8D:B9:D3:25:44:7D:9C:30:44:36:1D:39:FB:88:F9
X509v3 Authority Key Identifier:
keyid:E1:56:A7:85:BF:7F:E4:D7:C4:A5:C6:B7:21:21:4F:0E:96:F3:AE:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Vanhb9_5NfEpca3ISFPDpbzrsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/kOrwriSNudMlRH2cMEQ2HTn7iPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b18f32-473c-4d9e-ab85-7bd0cfa239f6/1/4Vanhb9_5NfEpca3ISFPDpbzrsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.252.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:e2:ba:c4:99:1a:e9:4b:b5:3d:6d:34:4f:83:45:36:6e:f8:
b8:b1:93:fe:4b:27:f5:d3:fd:97:cd:b6:1c:a2:a4:55:51:4e:
9a:8c:6b:82:1e:7c:9d:2c:d9:4d:c0:6f:32:cf:38:3d:2e:de:
9f:3b:94:6d:70:e1:53:b3:4d:dd:e8:b3:d4:8a:7a:2e:0c:c3:
11:01:8d:bf:3a:51:1c:bc:26:02:2d:ac:67:3f:84:2a:cb:e0:
8c:91:0a:08:fe:76:b4:bb:c9:c1:ea:3f:15:ba:b0:e1:77:75:
e9:39:65:65:c6:dc:2d:ce:b0:1f:48:d0:ef:dc:ed:1c:5a:47:
4d:29:63:25:38:a3:9a:07:48:60:a4:ed:8c:c7:13:7f:10:b2:
00:bb:59:84:c8:cc:c2:5a:77:c0:61:a4:85:f3:94:fd:06:3f:
c8:db:72:aa:18:ac:9d:03:85:44:74:99:0e:fe:14:98:07:e9:
78:4c:fb:b3:7e:0b:63:8f:10:f8:cb:19:29:79:bb:a0:92:6a:
15:46:e5:89:da:72:40:bd:1e:5a:f7:02:ea:5c:2c:9b:93:c2:
b8:cc:6e:5f:0e:53:bc:f6:69:b5:51:83:c6:29:14:01:f0:90:
24:07:79:52:09:8f:bf:df:b7:fa:c3:93:88:d9:a3:49:02:70:
8d:f4:01:dd
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVrN7XeIVSfSR//v6xuokbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTZhNzg1YmY3ZmU0ZDdjNGE1YzZiNzIxMjE0ZjBlOTZm
M2FlYzkwHhcNMjMwMTAxMDI0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGVhZjBhZTI0OGRiOWQzMjU0NDdkOWMzMDQ0MzYxZDM5ZmI4OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB+nrRVXSYAwdUEfdqPE3086Tm9N
Kq9GibtXjmk1fvfTRBgshOKshlmGMvjkXs+c7v7yS8DgphPeIQG48GM0YdoDq8cZ
Uq5i0i+CLNlhwQc4jT/KDGS8xEoFFT7sRwtbtl7jZZnuN8mGTI9PZI5PGqQ5B96N
Zf3NF2ygVOUvBIeBB5PiTZqKT3kZ9CXLYWxIKynhUn5C8cc1aBUsw6LJVChYLHrF
5uTRueXbRVwu1P0M+Hnm8HaeFdq8FtYOA66Dy2BVwWQZq+PPd3o1deyo/INWpXy6
vnwoawFVb/q3PbX9MCy6clrK3rwJf8e+jS5U+00Ay+6v3FBDAKTSKDU4IQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJDq8K4kjbnTJUR9nDBENh05+4j5MB8GA1UdIwQY
MBaAFOFWp4W/f+TXxKXGtyEhTw6W867JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZhbmhiOV81TmZFcGNhM0lTRlBEcGJ6cnNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMThmMzItNDczYy00ZDllLWFiODUt
N2JkMGNmYTIzOWY2LzEva09yd3JpU051ZE1sUkgyY01FUTJIVG43aVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMThmMzItNDczYy00ZDllLWFiODUtN2JkMGNmYTIzOWY2
LzEvNFZhbmhiOV81TmZFcGNhM0lTRlBEcGJ6cnNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk/wwDQYJ
KoZIhvcNAQELBQADggEBAIHiusSZGulLtT1tNE+DRTZu+Lixk/5LJ/XT/ZfNthyi
pFVRTpqMa4IefJ0s2U3AbzLPOD0u3p87lG1w4VOzTd3os9SKei4MwxEBjb86URy8
JgItrGc/hCrL4IyRCgj+drS7ycHqPxW6sOF3dek5ZWXG3C3OsB9I0O/c7RxaR00p
YyU4o5oHSGCk7YzHE38QsgC7WYTIzMJad8BhpIXzlP0GP8jbcqoYrJ0DhUR0mQ7+
FJgH6XhM+7N+C2OPEPjLGSl5u6CSahVG5YnackC9Hlr3AupcLJuTwrjMbl8OU7z2
abVRg8YpFAHwkCQHeVIJj7/ft/rDk4jZo0kCcI30Ad0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:31:01 2024 by rpki-client on console-ams.rpki-client.org