Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/Cj5ZRKtByA1oSvzgNdbXx2kuZQ4.roa
File: Cj5ZRKtByA1oSvzgNdbXx2kuZQ4.roa (raw, json)
Hash identifier: ZEVMpj1l9RZGSL43WiWgUXRXufJh/xIXULJdQaQWNJ0=
Subject key identifier: 0A:3E:59:44:AB:41:C8:0D:68:4A:FC:E0:35:D6:D7:C7:69:2E:65:0E
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: 010C71
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/Cj5ZRKtByA1oSvzgNdbXx2kuZQ4.roa
Signing time: Mon 03 Apr 2023 20:09:53 +0000
ROA not before: Mon 03 Apr 2023 20:09:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3970
IP address blocks: 45.132.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jun 2024 00:14:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68721 (0x10c71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Apr 3 20:09:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0A3E5944AB41C80D684AFCE035D6D7C7692E650E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7a:a6:f5:46:46:3c:4a:c6:22:71:9f:28:d3:
48:84:fc:0e:38:4d:d0:d3:b5:e5:6c:ba:5e:9b:c2:
ef:00:39:37:49:f7:79:74:1a:39:4d:f7:a1:b4:a3:
96:2a:56:f7:ec:46:f4:9f:f6:48:f2:16:8d:ce:bb:
7d:ac:34:70:ea:27:97:dc:46:c7:36:9f:9f:1b:01:
51:d6:05:e9:68:74:2a:dc:d7:df:44:b7:7a:d6:1d:
b0:f2:31:31:cb:52:94:4f:0a:05:22:1f:63:98:11:
ba:26:11:57:ca:e2:10:d1:98:ca:44:14:1b:44:ae:
76:92:48:1c:cb:62:8b:0c:f3:8f:58:36:f3:04:7e:
bb:4c:d0:a6:61:89:8b:f7:d9:c0:41:a3:dc:a2:e9:
0a:2e:a3:80:27:0a:39:b4:1e:ae:f3:7f:19:17:1c:
9d:d8:b2:3e:99:0e:fc:6c:b8:6b:87:67:b8:93:58:
20:1a:ad:74:78:a7:5a:51:18:47:dc:70:ef:e4:e6:
ec:06:cb:9e:ae:67:4d:5a:4d:ff:06:e9:25:44:ee:
05:19:65:4b:ed:14:48:fd:fd:37:af:cb:2c:c1:32:
9d:c8:76:7d:9c:32:0e:a3:1e:b6:bc:9b:13:7b:8f:
4c:ae:b6:c1:ca:7b:55:4a:34:68:20:76:58:92:f6:
5f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3E:59:44:AB:41:C8:0D:68:4A:FC:E0:35:D6:D7:C7:69:2E:65:0E
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/Cj5ZRKtByA1oSvzgNdbXx2kuZQ4.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:af:4f:1f:44:53:16:d5:47:32:b1:a1:0e:82:56:3e:f3:78:
49:1d:6c:2f:9b:77:3e:b6:af:3c:ac:8b:89:f1:9b:95:bc:c6:
e4:7b:c7:6a:18:c4:8c:c2:03:72:78:64:8f:46:ce:4b:38:55:
70:4e:d4:c0:88:c2:e3:6f:bf:36:18:45:8b:d5:79:29:86:ca:
8d:ad:6b:df:9b:b5:3b:c3:9a:c1:67:47:05:99:77:cc:f8:85:
8f:6b:c8:f7:61:de:5e:30:44:4a:0c:51:dc:dd:48:fc:67:88:
40:fd:04:3a:ea:be:00:cc:43:9b:24:4f:61:32:8e:2d:27:1e:
58:0b:6e:91:0a:53:7e:c3:bf:f8:7e:53:56:55:6e:50:92:8c:
7b:1e:95:8a:36:c3:a7:38:40:29:e3:fa:8d:34:57:32:58:ca:
9d:60:43:f3:e7:04:07:e1:ad:d9:df:3b:d8:79:b7:d9:d5:ec:
66:64:7a:00:51:44:da:27:8a:11:6f:e8:73:fe:7a:c5:d7:1e:
c5:a2:49:96:bc:e8:08:49:42:d6:1c:15:46:82:6e:4d:cb:3a:
eb:ca:6c:84:4b:a4:97:d0:dd:5d:9e:9e:a0:a7:38:41:73:e6:
8d:62:bf:2b:a4:9c:15:3d:d6:e5:cf:5c:b6:00:61:e6:d3:c3:
23:86:d8:9f
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAQxxMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjMwNDAz
MjAwOTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwQTNFNTk0NEFCNDFD
ODBENjg0QUZDRTAzNUQ2RDdDNzY5MkU2NTBFMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAm3qm9UZGPErGInGfKNNIhPwOOE3Q07XlbLpem8LvADk3Sfd5
dBo5TfehtKOWKlb37Eb0n/ZI8haNzrt9rDRw6ieX3EbHNp+fGwFR1gXpaHQq3Nff
RLd61h2w8jExy1KUTwoFIh9jmBG6JhFXyuIQ0ZjKRBQbRK52kkgcy2KLDPOPWDbz
BH67TNCmYYmL99nAQaPcoukKLqOAJwo5tB6u838ZFxyd2LI+mQ78bLhrh2e4k1gg
Gq10eKdaURhH3HDv5ObsBsuermdNWk3/BuklRO4FGWVL7RRI/f03r8sswTKdyHZ9
nDIOox62vJsTe49MrrbByntVSjRoIHZYkvZfBQIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFAo+WUSrQcgNaEr84DXW18dpLmUOMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL0NqNVpSS3RCeUExb1N2emdOZGJYeDJrdVpRNC5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2EvDANBgkqhkiG9w0BAQsFAAOCAQEAK69P
H0RTFtVHMrGhDoJWPvN4SR1sL5t3PravPKyLifGblbzG5HvHahjEjMIDcnhkj0bO
SzhVcE7UwIjC42+/NhhFi9V5KYbKja1r35u1O8OawWdHBZl3zPiFj2vI92HeXjBE
SgxR3N1I/GeIQP0EOuq+AMxDmyRPYTKOLSceWAtukQpTfsO/+H5TVlVuUJKMex6V
ijbDpzhAKeP6jTRXMljKnWBD8+cEB+Gt2d872Hm32dXsZmR6AFFE2ieKEW/oc/56
xdcexaJJlrzoCElC1hwVRoJuTcs668pshEukl9DdXZ6eoKc4QXPmjWK/K6ScFT3W
5c9ctgBh5tPDI4bYnw==
-----END CERTIFICATE-----
Generated at Mon Jun 17 01:05:56 2024 by rpki-client on console-fra.rpki-client.org