Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/mwIRjaRx7QqAvPQiJyD0-Nuey4k.roa
File: mwIRjaRx7QqAvPQiJyD0-Nuey4k.roa (raw, json)
Hash identifier: diyRNvnVpJNlsYeznuLLLhPwQm2GedBGOxHG+kXmZvc=
Subject key identifier: 9B:02:11:8D:A4:71:ED:0A:80:BC:F4:22:27:20:F4:F8:DB:9E:CB:89
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0189864441AB63421E2F1B9BF45DD02A3C4B
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/mwIRjaRx7QqAvPQiJyD0-Nuey4k.roa
Signing time: Mon 24 Jul 2023 04:59:27 +0000
ROA not before: Mon 24 Jul 2023 04:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 158.46.144.0/24 maxlen: 24
158.46.145.0/24 maxlen: 24
158.46.146.0/24 maxlen: 24
158.46.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:86:44:41:ab:63:42:1e:2f:1b:9b:f4:5d:d0:2a:3c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jul 24 04:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b02118da471ed0a80bcf4222720f4f8db9ecb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a3:33:d4:71:24:1f:79:66:1f:08:77:70:4a:
f6:25:a1:81:83:bc:9c:43:43:f9:41:0c:9e:4e:ae:
8b:38:51:af:0b:f2:07:b0:38:5a:d4:6d:97:4c:90:
cd:71:c3:a6:cb:bf:98:0b:78:b6:a5:79:17:fe:6f:
18:e2:7f:d3:bb:2c:e1:50:97:0b:a7:30:1a:c5:89:
d1:39:dd:5a:aa:90:9e:c5:fa:bb:7a:3c:6f:dc:4e:
89:ae:5d:ae:28:48:c6:30:4f:12:93:b7:26:46:e3:
b4:db:0d:a5:82:a6:87:63:48:ac:18:b9:93:38:94:
f7:87:cd:49:61:dc:15:57:45:13:64:1a:34:2d:bb:
30:b2:bf:6a:5a:e4:a9:12:6d:82:45:ba:4b:f2:ac:
29:3a:f3:70:70:a7:ff:2d:c9:8c:57:80:81:f5:24:
2e:88:48:1c:6a:9c:5e:dc:3a:cd:c9:a8:dc:f5:f1:
8b:b9:1b:5b:47:f8:78:97:45:82:68:ec:0a:cc:f7:
77:16:b1:5a:ed:f6:9a:bc:f8:d7:39:1e:0c:f2:3e:
d2:02:e4:b4:53:c6:7a:72:fd:3c:69:34:ec:df:62:
f9:64:06:32:3a:65:45:04:cb:11:10:d6:4a:80:65:
de:27:c3:79:c6:dd:5d:77:dc:cf:dc:08:67:9c:57:
09:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:02:11:8D:A4:71:ED:0A:80:BC:F4:22:27:20:F4:F8:DB:9E:CB:89
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/mwIRjaRx7QqAvPQiJyD0-Nuey4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.144.0/22
Signature Algorithm: sha256WithRSAEncryption
05:4d:0e:0a:a6:95:ff:11:34:90:9d:5f:3d:ba:9a:8d:03:5c:
7b:db:41:3a:e5:fe:98:2e:d4:f4:41:c4:cb:79:0a:f6:98:1b:
e1:b9:d0:ac:dc:0c:c0:d1:75:9e:f2:e7:b7:3c:52:5b:67:d1:
99:58:ce:4e:6d:58:70:ab:28:49:36:b3:da:3a:62:49:70:ce:
60:ce:76:e0:d6:63:04:58:de:8e:e7:f0:46:b5:c1:8c:63:d3:
19:8d:dd:b6:f7:97:62:25:69:cb:11:28:1a:3f:23:71:45:92:
c7:c9:d0:20:09:8a:97:8b:97:89:86:c2:8a:78:03:e1:54:31:
1f:b4:78:e7:a0:38:5f:f5:c3:4c:1c:9c:95:e5:a5:e3:7d:fd:
9c:cc:7c:fc:e1:b1:56:86:40:54:28:5d:21:b4:11:a5:e8:56:
fa:f0:e5:e4:cb:dc:f8:b9:00:36:a9:3d:7a:99:39:06:74:75:
ff:73:7f:4b:eb:c8:06:fe:97:46:9d:c9:ea:c2:84:64:9a:da:
c9:f2:90:29:7b:4b:3c:01:7d:3c:4e:06:95:ea:e3:3a:e4:e5:
a8:a4:4c:36:e3:43:33:6b:6c:46:3f:17:a6:5f:61:82:e4:76:
15:db:8d:d9:53:47:00:17:ec:cf:17:76:a9:d6:95:70:0d:b7:
7e:57:24:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmGREGrY0IeLxub9F3QKjxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwNzI0MDQ1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjAyMTE4ZGE0NzFlZDBhODBiY2Y0MjIyNzIwZjRmOGRiOWVjYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaMz1HEkH3lmHwh3cEr2JaGBg7yc
Q0P5QQyeTq6LOFGvC/IHsDha1G2XTJDNccOmy7+YC3i2pXkX/m8Y4n/TuyzhUJcL
pzAaxYnROd1aqpCexfq7ejxv3E6Jrl2uKEjGME8Sk7cmRuO02w2lgqaHY0isGLmT
OJT3h81JYdwVV0UTZBo0Lbswsr9qWuSpEm2CRbpL8qwpOvNwcKf/LcmMV4CB9SQu
iEgcapxe3DrNyajc9fGLuRtbR/h4l0WCaOwKzPd3FrFa7faavPjXOR4M8j7SAuS0
U8Z6cv08aTTs32L5ZAYyOmVFBMsRENZKgGXeJ8N5xt1dd9zP3AhnnFcJFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJsCEY2kce0KgLz0Iicg9PjbnsuJMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvbXdJUmphUng3UXFBdlBRaUp5RDAtTnVleTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCni6QMA0G
CSqGSIb3DQEBCwUAA4IBAQAFTQ4KppX/ETSQnV89upqNA1x720E65f6YLtT0QcTL
eQr2mBvhudCs3AzA0XWe8ue3PFJbZ9GZWM5ObVhwqyhJNrPaOmJJcM5gznbg1mME
WN6O5/BGtcGMY9MZjd2295diJWnLESgaPyNxRZLHydAgCYqXi5eJhsKKeAPhVDEf
tHjnoDhf9cNMHJyV5aXjff2czHz84bFWhkBUKF0htBGl6Fb68OXky9z4uQA2qT16
mTkGdHX/c39L68gG/pdGncnqwoRkmtrJ8pApe0s8AX08TgaV6uM65OWopEw240Mz
a2xGPxemX2GC5HYV243ZU0cAF+zPF3ap1pVwDbd+VyRB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org