Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/4VDp4PRp1-q8L2IaTSVo9G7yvIQ.roa
File: 4VDp4PRp1-q8L2IaTSVo9G7yvIQ.roa (raw, json)
Hash identifier: OOoQ9K8k80qT1qmHs0DuoHZK1Qor7lia4c2mw3PB/9Y=
Subject key identifier: E1:50:E9:E0:F4:69:D7:EA:BC:2F:62:1A:4D:25:68:F4:6E:F2:BC:84
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: 012043
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/4VDp4PRp1-q8L2IaTSVo9G7yvIQ.roa
Signing time: Tue 18 Jul 2023 01:06:46 +0000
ROA not before: Tue 18 Jul 2023 01:06:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58367
IP address blocks: 147.28.8.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 01:56:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73795 (0x12043)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Jul 18 01:06:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=E150E9E0F469D7EABC2F621A4D2568F46EF2BC84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f3:6b:ef:00:81:73:21:c9:ad:6a:3c:ae:04:
ef:f1:50:78:d2:17:8b:97:72:cc:6c:8f:c8:19:5a:
75:bf:b5:80:bc:e9:eb:20:3b:d0:9e:e5:72:5a:d7:
13:a8:94:87:6d:2b:5f:b0:cd:cf:a9:71:ae:1a:87:
ac:28:f0:99:2f:1b:46:ab:cb:6f:bc:1f:7d:99:56:
aa:a1:1e:89:92:86:1d:fa:1d:eb:61:0a:44:bf:71:
fc:db:a8:34:66:03:1f:db:c9:73:0c:54:f8:eb:2a:
67:db:d2:e6:00:4a:86:ca:d4:80:c4:e6:bd:e3:8b:
b9:e4:3b:f0:67:ca:0d:82:9b:66:b8:22:4c:65:58:
6e:9f:93:11:48:c6:03:3c:bf:81:83:8a:38:c7:51:
51:07:58:6d:63:75:ba:b4:08:a5:ff:de:17:34:7f:
03:10:bc:5e:89:e8:c1:3a:c5:b9:a1:a8:24:fb:07:
59:7d:08:8c:69:3b:0d:87:f7:c5:4c:e9:8c:33:92:
e4:1c:10:85:35:31:51:e7:51:9b:33:fb:53:6a:e5:
73:b7:a2:77:ac:34:25:ab:b7:cc:d6:15:95:b9:4b:
d7:e3:0d:23:ea:47:a5:2d:6a:74:28:43:97:96:31:
e5:15:44:fb:37:1d:1e:1b:7b:ef:6b:03:47:78:3f:
f1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:50:E9:E0:F4:69:D7:EA:BC:2F:62:1A:4D:25:68:F4:6E:F2:BC:84
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/4VDp4PRp1-q8L2IaTSVo9G7yvIQ.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.8.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:be:2d:01:f3:2c:68:db:59:1a:92:35:33:0c:98:e6:79:62:
12:63:aa:d8:69:31:f6:a3:ac:ce:6a:4f:f9:b6:c2:af:a0:fa:
e8:64:50:52:f6:95:0e:bc:8a:8a:df:d4:ef:ee:d2:73:d4:ea:
e7:1d:83:e5:f1:d4:18:38:f5:b1:47:44:24:0f:6e:b9:f0:6a:
60:7b:43:4e:02:aa:1c:fa:fc:00:c1:93:ca:d3:c8:8f:00:d1:
af:2e:7f:72:9d:22:60:19:7e:90:e0:1a:ac:f5:50:3d:cd:e3:
c7:f6:f8:b7:d4:fe:19:d9:db:fd:94:49:7e:31:2d:df:47:67:
33:22:6d:c5:02:49:e3:b9:87:66:dd:03:91:81:6f:83:26:bd:
c3:a9:6b:12:92:5d:a0:59:92:d2:f2:19:bd:ff:12:b0:51:63:
36:fd:9d:c1:a2:0b:f3:a4:61:cc:dc:28:a2:a4:f5:7f:7c:27:
b1:30:1e:51:4e:46:31:93:a8:8d:c4:7e:49:92:f8:0a:31:b5:
5c:df:e6:54:66:65:30:3b:13:ac:74:6d:9c:2e:54:dd:f9:8a:
40:c1:9e:78:2b:dc:b4:e6:6e:1f:e9:25:3a:d7:82:e1:05:de:
93:af:c6:c3:d2:3d:5d:0b:1d:e8:79:75:1f:65:76:d3:54:46:
d3:3e:cf:8d
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDASBDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjMwNzE4
MDEwNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhFMTUwRTlFMEY0NjlE
N0VBQkMyRjYyMUE0RDI1NjhGNDZFRjJCQzg0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxPNr7wCBcyHJrWo8rgTv8VB40heLl3LMbI/IGVp1v7WAvOnr
IDvQnuVyWtcTqJSHbStfsM3PqXGuGoesKPCZLxtGq8tvvB99mVaqoR6JkoYd+h3r
YQpEv3H826g0ZgMf28lzDFT46ypn29LmAEqGytSAxOa944u55DvwZ8oNgptmuCJM
ZVhun5MRSMYDPL+Bg4o4x1FRB1htY3W6tAil/94XNH8DELxeiejBOsW5oagk+wdZ
fQiMaTsNh/fFTOmMM5LkHBCFNTFR51GbM/tTauVzt6J3rDQlq7fM1hWVuUvX4w0j
6kelLWp0KEOXljHlFUT7Nx0eG3vvawNHeD/xjwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFOFQ6eD0adfqvC9iGk0laPRu8ryEMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VLzRWRHA0UFJwMS1xOEwySWFUU1ZvOUc3eXZJUS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAZMcCDANBgkqhkiG9w0BAQsFAAOCAQEAu74t
AfMsaNtZGpI1MwyY5nliEmOq2Gkx9qOszmpP+bbCr6D66GRQUvaVDryKit/U7+7S
c9Tq5x2D5fHUGDj1sUdEJA9uufBqYHtDTgKqHPr8AMGTytPIjwDRry5/cp0iYBl+
kOAarPVQPc3jx/b4t9T+Gdnb/ZRJfjEt30dnMyJtxQJJ47mHZt0DkYFvgya9w6lr
EpJdoFmS0vIZvf8SsFFjNv2dwaIL86RhzNwooqT1f3wnsTAeUU5GMZOojcR+SZL4
CjG1XN/mVGZlMDsTrHRtnC5U3fmKQMGeeCvctOZuH+klOteC4QXek6/Gw9I9XQsd
6Hl1H2V201RG0z7PjQ==
-----END CERTIFICATE-----
Generated at Thu Feb 22 04:41:48 2024 by rpki-client on console-ams.rpki-client.org