Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/NAFGGswEPpSaMAgIuPtINwHcfuk.roa
File: NAFGGswEPpSaMAgIuPtINwHcfuk.roa (raw, json)
Hash identifier: /phuqdQkdlQJuVW8z4MjLqzPUKfah38ZCVp2ZGfq18Y=
Subject key identifier: 34:01:46:1A:CC:04:3E:94:9A:30:08:08:B8:FB:48:37:01:DC:7E:E9
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F0647547D4280AF8B23A1DC8463687555
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/NAFGGswEPpSaMAgIuPtINwHcfuk.roa
Signing time: Mon 22 Apr 2024 14:48:08 +0000
ROA not before: Mon 22 Apr 2024 14:48:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 146.19.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 12:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:47:54:7d:42:80:af:8b:23:a1:dc:84:63:68:75:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 22 14:48:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3401461acc043e949a300808b8fb483701dc7ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:67:b9:07:00:b1:30:06:ba:3b:4b:c2:5a:8a:
e5:a7:5e:6e:64:69:25:da:5d:8c:e1:54:d2:08:53:
15:ec:ef:3e:47:47:68:f2:2b:19:f4:64:73:79:8a:
61:cd:72:95:d4:81:a5:5b:02:b5:c8:3a:83:ba:a8:
04:16:41:fb:fb:85:6b:96:5d:25:7e:87:cb:60:b4:
f8:35:d2:cf:40:22:4b:31:2c:e1:a9:19:9c:02:ad:
e1:02:48:09:d0:33:7c:35:80:47:03:0d:a3:b9:bc:
cc:6d:db:15:99:c7:47:c5:fe:5a:b8:b8:c7:78:0a:
63:e1:9d:43:78:b9:a5:29:a2:72:4c:4a:da:39:4b:
51:8d:6a:d1:ce:63:fc:f1:9f:8d:50:00:0f:9b:0a:
e0:18:42:e1:d8:e1:e4:02:25:1f:79:c5:63:ae:48:
2e:f8:99:b7:d3:59:b1:6d:e8:da:4e:6e:2f:5f:4f:
00:95:ad:c1:67:db:25:37:fc:c8:d5:aa:f9:91:47:
05:a7:19:68:51:3c:6e:2c:1c:2e:f3:d5:78:55:e1:
87:7b:30:8e:9a:7b:1c:81:2f:05:32:8a:31:5e:1c:
f5:26:84:b4:43:7e:18:7a:00:15:15:f9:87:96:d1:
6c:0e:94:89:bc:ef:86:2c:cf:a6:df:5d:2c:7f:2b:
24:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:01:46:1A:CC:04:3E:94:9A:30:08:08:B8:FB:48:37:01:DC:7E:E9
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/NAFGGswEPpSaMAgIuPtINwHcfuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d4:87:74:fa:76:b5:c9:5c:a0:bc:5a:1a:71:0b:d0:bc:38:
79:be:0f:1e:d7:e2:63:b5:d9:26:fc:a0:e7:82:e4:f8:07:b0:
22:7f:b1:69:7d:a6:45:07:a0:0d:f3:fb:a4:9c:08:ba:02:cf:
cd:27:b2:8d:ef:bb:d2:63:09:ca:29:73:ef:74:a0:b0:e2:72:
22:b5:11:8f:e9:09:19:aa:a9:b4:be:a8:35:af:57:03:87:d9:
22:3e:ca:0e:83:86:af:12:13:a7:f0:32:00:87:0c:f3:92:b3:
ca:df:28:6d:b1:91:c1:83:f5:e6:63:66:96:6a:fb:88:43:bf:
11:66:55:9b:f9:a7:5c:7d:e4:39:74:be:67:f7:2a:b3:fa:c0:
fe:8d:ac:27:cc:27:1e:a7:ba:a5:f2:b4:a2:87:02:c5:b3:69:
a2:c6:5a:21:e5:b4:e6:0a:4e:ab:ca:bf:dd:be:7c:3b:8f:0f:
96:58:cb:b3:68:d9:a0:06:92:1d:d9:e2:37:06:6e:cf:08:e5:
aa:05:6c:5f:95:31:2e:3f:d4:cf:9d:a1:48:7b:25:60:ac:d1:
d3:da:9d:7f:86:6a:ba:c4:e7:a9:b7:2b:ad:12:38:c8:53:ef:
86:6c:4b:14:cd:77:f6:a2:bb:8a:7f:de:ba:13:ef:5c:ea:87:
83:2b:d2:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8GR1R9QoCviyOh3IRjaHVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDIyMTQ0ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDAxNDYxYWNjMDQzZTk0OWEzMDA4MDhiOGZiNDgzNzAxZGM3ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2e5BwCxMAa6O0vCWorlp15uZGkl
2l2M4VTSCFMV7O8+R0do8isZ9GRzeYphzXKV1IGlWwK1yDqDuqgEFkH7+4Vrll0l
fofLYLT4NdLPQCJLMSzhqRmcAq3hAkgJ0DN8NYBHAw2jubzMbdsVmcdHxf5auLjH
eApj4Z1DeLmlKaJyTEraOUtRjWrRzmP88Z+NUAAPmwrgGELh2OHkAiUfecVjrkgu
+Jm301mxbejaTm4vX08Ala3BZ9slN/zI1ar5kUcFpxloUTxuLBwu89V4VeGHezCO
mnscgS8FMooxXhz1JoS0Q34YegAVFfmHltFsDpSJvO+GLM+m310sfyskywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQBRhrMBD6UmjAICLj7SDcB3H7pMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvTkFGR0dzd0VQcFNhTUFnSXVQdElOd0hjZnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBO1Id0+na1yVygvFoacQvQvDh5vg8e1+Jjtdkm/KDn
guT4B7Aif7FpfaZFB6AN8/uknAi6As/NJ7KN77vSYwnKKXPvdKCw4nIitRGP6QkZ
qqm0vqg1r1cDh9kiPsoOg4avEhOn8DIAhwzzkrPK3yhtsZHBg/XmY2aWavuIQ78R
ZlWb+adcfeQ5dL5n9yqz+sD+jawnzCcep7ql8rSihwLFs2mixloh5bTmCk6ryr/d
vnw7jw+WWMuzaNmgBpId2eI3Bm7PCOWqBWxflTEuP9TPnaFIeyVgrNHT2p1/hmq6
xOeptyutEjjIU++GbEsUzXf2oruKf966E+9c6oeDK9Je
-----END CERTIFICATE-----
Generated at Thu Apr 25 15:37:21 2024 by rpki-client on console-ams.rpki-client.org