Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/02ac2d-0e8b-4b77-8d29-486334de7127/1/tcrFMZMd-ooQJ2ErM5fW_nlOujw.roa
File: tcrFMZMd-ooQJ2ErM5fW_nlOujw.roa (raw, json)
Hash identifier: EPbNd/9w5v6PnzJPwdfMUMUNqw6EgxKdSy/OfdACgxg=
Subject key identifier: B5:CA:C5:31:93:1D:FA:8A:10:27:61:2B:33:97:D6:FE:79:4E:BA:3C
Certificate issuer: /CN=3a178048d127af3433f17bccda5d07d657eca688
Certificate serial: 018570F09B3AD954FE69322717B371B0F85D
Authority key identifier: 3A:17:80:48:D1:27:AF:34:33:F1:7B:CC:DA:5D:07:D6:57:EC:A6:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OheASNEnrzQz8XvM2l0H1lfspog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/02ac2d-0e8b-4b77-8d29-486334de7127/1/tcrFMZMd-ooQJ2ErM5fW_nlOujw.roa
Signing time: Mon 02 Jan 2023 05:24:54 +0000
ROA not before: Mon 02 Jan 2023 05:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 146.19.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:9b:3a:d9:54:fe:69:32:27:17:b3:71:b0:f8:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a178048d127af3433f17bccda5d07d657eca688
Validity
Not Before: Jan 2 05:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5cac531931dfa8a1027612b3397d6fe794eba3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:57:e6:db:92:a2:65:66:3a:d6:5e:ae:33:bb:
b6:ad:3c:8e:6f:d0:b8:67:82:25:15:c5:e6:66:ea:
75:fd:cf:12:1b:da:33:43:16:6b:29:91:12:2a:bf:
3c:cd:d5:de:d0:10:ed:65:4e:aa:95:ac:f2:2b:79:
2f:45:e3:84:e8:cf:06:95:8b:9e:bf:71:4a:da:e7:
52:7f:83:f2:a8:d6:5c:8e:5d:05:f8:85:bb:50:1b:
3e:ba:5f:ad:34:57:53:ca:f9:8b:a3:ce:9e:5f:41:
c2:6a:84:97:95:af:71:2f:1b:51:8f:da:35:cf:1a:
ff:4e:4f:60:4c:60:34:80:78:bd:69:6a:d5:db:25:
c4:94:75:47:9f:7b:5c:57:72:26:1c:5e:9b:9d:b6:
7c:2d:46:1e:70:99:d8:5d:64:4d:d0:f4:90:77:98:
07:53:90:35:f3:ea:69:fc:b1:b2:91:a3:af:6b:7a:
d8:ed:f4:e2:f3:cb:5f:d4:e6:e1:ed:68:9d:70:e5:
14:8d:18:0b:71:54:bf:e7:ca:50:c3:3f:5b:9d:e2:
c8:27:e5:6f:9e:19:d1:66:61:4a:1f:7a:08:32:7a:
27:ef:1c:74:81:49:66:7b:97:8f:8e:16:d8:dd:87:
ee:2e:43:5c:df:bd:1f:81:8d:69:09:7a:7f:83:2e:
8e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CA:C5:31:93:1D:FA:8A:10:27:61:2B:33:97:D6:FE:79:4E:BA:3C
X509v3 Authority Key Identifier:
keyid:3A:17:80:48:D1:27:AF:34:33:F1:7B:CC:DA:5D:07:D6:57:EC:A6:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OheASNEnrzQz8XvM2l0H1lfspog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/02ac2d-0e8b-4b77-8d29-486334de7127/1/tcrFMZMd-ooQJ2ErM5fW_nlOujw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/02ac2d-0e8b-4b77-8d29-486334de7127/1/OheASNEnrzQz8XvM2l0H1lfspog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.142.0/24
Signature Algorithm: sha256WithRSAEncryption
31:2d:e9:87:12:0c:3b:db:35:be:b8:0d:79:a3:65:8d:e4:f0:
b6:59:29:cc:26:8c:97:75:95:73:bd:cf:ca:61:1b:aa:92:72:
36:03:c0:5d:80:81:9c:44:cd:92:9d:67:74:f1:08:2c:fc:04:
84:9d:70:27:d9:1f:82:55:0f:4f:f2:fd:94:b1:79:07:9f:9b:
4c:6c:7e:87:1c:63:fe:54:3d:c8:90:c6:e3:c4:f7:1b:aa:6d:
c1:d0:c0:f6:09:a0:5e:54:0f:02:94:06:49:20:e5:37:b4:87:
10:d3:2e:21:60:30:e6:bf:aa:93:7b:3d:7d:4b:db:62:b5:08:
a9:2b:02:77:38:75:97:26:f6:ae:b3:8d:96:7a:3c:07:45:73:
29:ef:67:aa:d5:51:bd:ed:59:bf:da:5a:41:4d:08:0d:b0:9a:
fb:7a:ab:c8:40:f1:36:99:4f:fd:79:61:6d:2f:69:d7:ca:a1:
70:a3:e8:5d:b3:e2:20:e6:2b:4b:c0:f4:82:32:ff:f4:5c:e3:
f6:85:c0:73:d9:48:c3:f3:fc:56:b1:a6:ea:4b:10:74:b1:f1:
b8:5d:83:88:a0:32:5b:36:0d:cc:ec:8f:98:9d:c7:44:c4:2f:
17:2a:a1:cd:af:06:53:bc:5b:ef:68:fa:7f:f3:08:ba:b3:75:
35:7f:09:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8Js62VT+aTInF7NxsPhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTc4MDQ4ZDEyN2FmMzQzM2YxN2JjY2RhNWQwN2Q2NTdl
Y2E2ODgwHhcNMjMwMTAyMDUyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNhYzUzMTkzMWRmYThhMTAyNzYxMmIzMzk3ZDZmZTc5NGViYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFfm25KiZWY61l6uM7u2rTyOb9C4
Z4IlFcXmZup1/c8SG9ozQxZrKZESKr88zdXe0BDtZU6qlazyK3kvReOE6M8GlYue
v3FK2udSf4PyqNZcjl0F+IW7UBs+ul+tNFdTyvmLo86eX0HCaoSXla9xLxtRj9o1
zxr/Tk9gTGA0gHi9aWrV2yXElHVHn3tcV3ImHF6bnbZ8LUYecJnYXWRN0PSQd5gH
U5A18+pp/LGykaOva3rY7fTi88tf1Obh7WidcOUUjRgLcVS/58pQwz9bneLIJ+Vv
nhnRZmFKH3oIMnon7xx0gUlme5ePjhbY3YfuLkNc370fgY1pCXp/gy6O9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXKxTGTHfqKECdhKzOX1v55Tro8MB8GA1UdIwQY
MBaAFDoXgEjRJ680M/F7zNpdB9ZX7KaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hlQVNORW5yelF6OFh2TTJsMEgxbGZzcG9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wMmFjMmQtMGU4Yi00Yjc3LThkMjkt
NDg2MzM0ZGU3MTI3LzEvdGNyRk1aTWQtb29RSjJFck01ZldfbmxPdWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wMmFjMmQtMGU4Yi00Yjc3LThkMjktNDg2MzM0ZGU3MTI3
LzEvT2hlQVNORW5yelF6OFh2TTJsMEgxbGZzcG9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOOMA0G
CSqGSIb3DQEBCwUAA4IBAQAxLemHEgw72zW+uA15o2WN5PC2WSnMJoyXdZVzvc/K
YRuqknI2A8BdgIGcRM2SnWd08Qgs/ASEnXAn2R+CVQ9P8v2UsXkHn5tMbH6HHGP+
VD3IkMbjxPcbqm3B0MD2CaBeVA8ClAZJIOU3tIcQ0y4hYDDmv6qTez19S9titQip
KwJ3OHWXJvaus42WejwHRXMp72eq1VG97Vm/2lpBTQgNsJr7eqvIQPE2mU/9eWFt
L2nXyqFwo+hds+Ig5itLwPSCMv/0XOP2hcBz2UjD8/xWsabqSxB0sfG4XYOIoDJb
Ng3M7I+YncdExC8XKqHNrwZTvFvvaPp/8wi6s3U1fwnj
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:49 2024 by rpki-client on console-ams.rpki-client.org