Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0NVfCGCGvlmakm6Z4Ae5Cg2UQws.roa
File: 0NVfCGCGvlmakm6Z4Ae5Cg2UQws.roa (raw, json)
Hash identifier: dGtyQbmn1mA0X2rj7C5pCsonX/k6BuQ1EhuAt1yGmBI=
Subject key identifier: D0:D5:5F:08:60:86:BE:59:9A:92:6E:99:E0:07:B9:0A:0D:94:43:0B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018A2BF82ED098E6665F1DB54535C5160F68
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0NVfCGCGvlmakm6Z4Ae5Cg2UQws.roa
Signing time: Fri 25 Aug 2023 09:13:19 +0000
ROA not before: Fri 25 Aug 2023 09:13:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208087
IP address blocks: 146.120.196.0/23 maxlen: 24
146.120.246.0/23 maxlen: 24
146.120.158.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2b:f8:2e:d0:98:e6:66:5f:1d:b5:45:35:c5:16:0f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 25 09:13:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0d55f086086be599a926e99e007b90a0d94430b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:61:f6:7b:ed:f1:8b:41:c4:b3:cf:c2:5d:
17:0d:5a:ea:ee:4e:af:f7:bd:a7:8b:2d:4f:37:75:
e2:0d:14:89:25:4c:37:e7:22:48:dd:52:3a:48:6b:
e1:b4:0e:30:99:42:c7:77:c7:17:80:e4:a7:f9:28:
fe:e4:ee:a2:b9:cd:32:07:b5:c7:cb:e4:ce:32:17:
0e:f0:71:39:50:8f:bf:88:f5:f3:42:d0:24:f4:ff:
57:75:57:eb:eb:8d:e6:04:a8:d0:76:c5:5c:04:f2:
4a:2f:8e:c7:4b:24:49:40:36:d2:b7:cc:34:3d:73:
3a:7f:20:9b:0b:8d:82:fb:85:3e:c0:a6:ef:48:4c:
e4:cc:0e:b6:b0:0f:1c:61:14:90:c3:34:16:37:e2:
17:ff:5d:55:c9:78:71:df:d5:40:10:59:05:af:b0:
25:61:ae:0b:f9:b3:96:c3:dc:d2:c2:94:f5:82:de:
9a:1b:e8:4e:0e:76:57:35:c5:1c:22:94:f7:42:c4:
f2:c8:89:8a:07:27:4a:b1:0b:bf:f1:c2:78:48:45:
66:96:ec:5e:15:a1:7e:99:a9:69:6f:50:43:15:eb:
be:a1:fd:bb:65:22:07:7f:a0:49:bb:12:c7:0e:fd:
a8:f5:45:f3:a4:80:6a:d0:f6:5a:53:06:87:23:a0:
19:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D5:5F:08:60:86:BE:59:9A:92:6E:99:E0:07:B9:0A:0D:94:43:0B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/0NVfCGCGvlmakm6Z4Ae5Cg2UQws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.158.0/23
146.120.196.0/23
146.120.246.0/23
Signature Algorithm: sha256WithRSAEncryption
90:08:c6:75:50:fe:b5:5f:b8:d7:5a:a8:4f:cb:aa:d5:46:ba:
38:97:ba:b6:c2:48:bf:14:08:39:ff:fe:3f:73:94:be:e0:02:
10:63:63:87:23:53:91:0a:ef:a2:2d:52:8f:a8:89:9d:39:bc:
52:60:64:92:4a:83:8c:78:e3:2b:1a:5c:35:d1:fe:d4:38:33:
89:3b:5b:17:08:af:26:71:8a:22:e4:76:18:a5:13:74:47:56:
2c:fd:74:dd:3e:19:0c:9e:bc:d6:7e:89:2c:45:d1:d3:d3:45:
c8:c9:a4:57:c6:77:1d:18:b2:fe:fe:b4:e9:69:0a:04:1c:da:
80:1b:09:74:96:7f:73:9a:ca:55:d5:d9:5c:63:10:de:ac:f6:
62:61:e6:db:a1:a9:c8:c4:5d:d2:3a:b8:e2:24:e3:d2:b3:d1:
09:48:80:1a:b7:50:4a:ea:65:09:22:70:e9:3e:32:5e:02:00:
59:69:81:30:9f:27:08:58:04:6b:70:63:b5:92:51:4a:12:d8:
ee:4f:29:45:fe:02:de:f9:bc:2f:58:bb:c3:7c:79:5f:c7:cf:
ae:a5:2c:94:32:5b:7b:cb:5c:a4:cf:1b:d6:ee:7c:61:a7:7e:
b0:8f:33:36:4d:4a:d2:f9:2b:52:cc:bc:52:08:45:50:9c:60:
ed:de:ef:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYor+C7QmOZmXx21RTXFFg9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwODI1MDkxMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ1NWYwODYwODZiZTU5OWE5MjZlOTllMDA3YjkwYTBkOTQ0MzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmVh9nvt8YtBxLPPwl0XDVrq7k6v
972niy1PN3XiDRSJJUw35yJI3VI6SGvhtA4wmULHd8cXgOSn+Sj+5O6iuc0yB7XH
y+TOMhcO8HE5UI+/iPXzQtAk9P9XdVfr643mBKjQdsVcBPJKL47HSyRJQDbSt8w0
PXM6fyCbC42C+4U+wKbvSEzkzA62sA8cYRSQwzQWN+IX/11VyXhx39VAEFkFr7Al
Ya4L+bOWw9zSwpT1gt6aG+hODnZXNcUcIpT3QsTyyImKBydKsQu/8cJ4SEVmluxe
FaF+malpb1BDFeu+of27ZSIHf6BJuxLHDv2o9UXzpIBq0PZaUwaHI6AZzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNDVXwhghr5ZmpJumeAHuQoNlEMLMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvME5WZkNHQ0d2bG1ha202WjRBZTVDZzJVUXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBknieAwQB
knjEAwQBknj2MA0GCSqGSIb3DQEBCwUAA4IBAQCQCMZ1UP61X7jXWqhPy6rVRro4
l7q2wki/FAg5//4/c5S+4AIQY2OHI1ORCu+iLVKPqImdObxSYGSSSoOMeOMrGlw1
0f7UODOJO1sXCK8mcYoi5HYYpRN0R1Ys/XTdPhkMnrzWfoksRdHT00XIyaRXxncd
GLL+/rTpaQoEHNqAGwl0ln9zmspV1dlcYxDerPZiYebboanIxF3SOrjiJOPSs9EJ
SIAat1BK6mUJInDpPjJeAgBZaYEwnycIWARrcGO1klFKEtjuTylF/gLe+bwvWLvD
fHlfx8+upSyUMlt7y1ykzxvW7nxhp36wjzM2TUrS+StSzLxSCEVQnGDt3u9x
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:59 2024 by rpki-client on console-ams.rpki-client.org