Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/C116wQNkTefqVGTe2AFm3uLaYu0.roa
File: C116wQNkTefqVGTe2AFm3uLaYu0.roa (raw, json)
Hash identifier: m8ZiDIm085SVb965zSc9nWAXnZc5mxGFKiTuDn3qMBM=
Subject key identifier: 0B:5D:7A:C1:03:64:4D:E7:EA:54:64:DE:D8:01:66:DE:E2:DA:62:ED
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018BAFDCAE55969E00E9D6D0F315F322EABC
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/C116wQNkTefqVGTe2AFm3uLaYu0.roa
Signing time: Wed 08 Nov 2023 16:55:57 +0000
ROA not before: Wed 08 Nov 2023 16:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 158.172.131.0/24 maxlen: 24
158.172.130.0/24 maxlen: 24
158.172.128.0/22 maxlen: 22
158.172.129.0/24 maxlen: 24
158.172.128.0/23 maxlen: 23
158.172.128.0/21 maxlen: 21
158.172.128.0/24 maxlen: 24
158.172.132.0/24 maxlen: 24
158.172.132.0/22 maxlen: 22
158.172.136.0/22 maxlen: 22
158.172.135.0/24 maxlen: 24
158.172.134.0/24 maxlen: 24
158.172.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:dc:ae:55:96:9e:00:e9:d6:d0:f3:15:f3:22:ea:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Nov 8 16:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b5d7ac103644de7ea5464ded80166dee2da62ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:88:a6:fe:0c:aa:0f:4a:04:6d:cf:71:d7:cb:
16:4c:94:12:2c:5c:e2:75:22:5c:de:4c:8a:50:11:
e4:ef:16:b4:c4:28:f5:4b:b9:2d:fe:8e:81:86:46:
3d:52:90:b4:f0:d0:c3:17:6b:f4:7b:75:c0:44:4d:
0c:23:02:88:7f:f2:3c:24:94:71:ec:3c:7b:2d:bc:
ec:85:f2:39:09:d2:99:0d:1b:cd:39:a1:54:05:cf:
8a:0b:5e:89:49:b8:dd:7f:12:13:e9:10:26:50:a1:
57:88:c1:91:82:6d:de:20:f4:23:c4:6d:3f:29:8a:
4a:b0:1f:14:0d:f2:20:05:16:62:1b:1e:81:85:0e:
66:72:ae:58:ca:16:e2:8d:03:8c:9d:ea:f9:f2:d3:
39:70:08:27:f9:2c:a8:e0:bd:ef:88:8f:97:e3:54:
d0:92:40:f3:77:49:00:bd:d6:a0:75:50:25:9d:cc:
b1:b8:31:05:42:c6:d2:32:f0:36:8c:a6:48:16:37:
e9:d2:1f:a3:b8:aa:18:3b:1f:c7:7f:6d:c0:1f:c8:
91:0c:4a:d9:7b:26:52:c4:03:40:58:51:5e:1e:03:
12:f4:6b:75:ff:1c:50:b3:e7:e4:93:0f:ac:ca:22:
54:c0:58:a8:21:cf:d2:eb:8e:9b:82:a0:b0:3c:cb:
71:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:5D:7A:C1:03:64:4D:E7:EA:54:64:DE:D8:01:66:DE:E2:DA:62:ED
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/C116wQNkTefqVGTe2AFm3uLaYu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.128.0-158.172.139.255
Signature Algorithm: sha256WithRSAEncryption
70:3e:6a:c5:95:7a:83:58:63:ac:82:4c:2f:a2:9d:f1:07:10:
3f:e4:bd:d6:1f:f8:cd:fc:18:10:6a:89:ea:41:25:27:ee:c0:
3a:f1:af:79:6b:7e:7e:df:f8:d0:7e:69:a0:3d:8c:26:c0:d3:
bd:08:b8:ec:c4:aa:52:81:19:74:cd:ce:01:0f:50:c9:32:63:
f4:30:98:96:5a:1a:ae:b5:98:3a:cb:e9:b3:e5:dc:16:00:15:
9f:0e:ed:48:97:5d:28:34:91:1b:bd:e1:60:6f:5e:4d:01:d6:
32:8a:1b:32:cb:e9:c3:2d:d0:fc:89:3c:d4:65:4e:c6:24:1a:
c1:72:51:f5:1d:97:15:6a:e4:42:9b:18:6c:22:3f:db:ad:9e:
75:9e:16:c0:28:22:0e:a5:d0:0e:51:de:90:4c:65:6f:a3:a7:
12:11:f9:43:fc:0e:3b:a0:1c:e3:c4:88:3f:2c:28:22:27:b9:
f9:72:11:0b:0a:13:20:08:86:a5:2c:a8:82:76:22:ef:f6:d7:
95:9e:50:56:8d:ce:f8:55:aa:2b:ff:f3:88:a0:8f:9b:07:25:
a0:cd:30:ca:d9:b5:83:48:ba:d9:b8:7b:07:bf:09:69:66:15:
3f:26:74:86:72:bf:e2:4a:ce:6e:1a:a0:32:a6:8c:78:f2:63:
9d:68:88:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYuv3K5Vlp4A6dbQ8xXzIuq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjMxMTA4MTY1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjVkN2FjMTAzNjQ0ZGU3ZWE1NDY0ZGVkODAxNjZkZWUyZGE2MmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioim/gyqD0oEbc9x18sWTJQSLFzi
dSJc3kyKUBHk7xa0xCj1S7kt/o6BhkY9UpC08NDDF2v0e3XARE0MIwKIf/I8JJRx
7Dx7LbzshfI5CdKZDRvNOaFUBc+KC16JSbjdfxIT6RAmUKFXiMGRgm3eIPQjxG0/
KYpKsB8UDfIgBRZiGx6BhQ5mcq5YyhbijQOMner58tM5cAgn+Syo4L3viI+X41TQ
kkDzd0kAvdagdVAlncyxuDEFQsbSMvA2jKZIFjfp0h+juKoYOx/Hf23AH8iRDErZ
eyZSxANAWFFeHgMS9Gt1/xxQs+fkkw+syiJUwFioIc/S646bgqCwPMtx1QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAtdesEDZE3n6lRk3tgBZt7i2mLtMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvQzExNndRTmtUZWZxVkdUZTJBRm0zdUxhWXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAeerIAD
BAKerIgwDQYJKoZIhvcNAQELBQADggEBAHA+asWVeoNYY6yCTC+infEHED/kvdYf
+M38GBBqiepBJSfuwDrxr3lrfn7f+NB+aaA9jCbA070IuOzEqlKBGXTNzgEPUMky
Y/QwmJZaGq61mDrL6bPl3BYAFZ8O7UiXXSg0kRu94WBvXk0B1jKKGzLL6cMt0PyJ
PNRlTsYkGsFyUfUdlxVq5EKbGGwiP9utnnWeFsAoIg6l0A5R3pBMZW+jpxIR+UP8
DjugHOPEiD8sKCInuflyEQsKEyAIhqUsqIJ2Iu/215WeUFaNzvhVqiv/84igj5sH
JaDNMMrZtYNIutm4ewe/CWlmFT8mdIZyv+JKzm4aoDKmjHjyY51oiAk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:27 2023 by rpki-client on console.sobornost.net