Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-gCgVzhW04c2zPqhksQ0UI8PmZs.roa
File: 1-gCgVzhW04c2zPqhksQ0UI8PmZs.roa (raw, json)
Hash identifier: 95GRKj13LvZAY2cT+0RxG668aBHBCBFqAFNdQQPWZpY=
Subject key identifier: FA:00:A0:57:38:56:D3:87:36:CC:FA:A1:92:C4:34:50:8F:0F:99:9B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194B1F45341CBCF705477E23489B6DD467E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-gCgVzhW04c2zPqhksQ0UI8PmZs.roa
Signing time: Wed 29 Jan 2025 12:06:06 +0000
ROA not before: Wed 29 Jan 2025 12:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213499
IP address blocks: 146.158.92.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 13:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:f4:53:41:cb:cf:70:54:77:e2:34:89:b6:dd:46:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 29 12:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa00a0573856d38736ccfaa192c434508f0f999b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9e:1e:78:73:18:3f:5a:fd:54:4e:c0:cb:7a:
c1:bd:72:88:8c:f7:24:3c:e6:8c:ab:66:af:e8:90:
97:fb:2f:19:c2:6c:1f:27:86:c6:92:e1:ee:df:a6:
f4:d5:62:38:58:85:c5:f2:ed:cf:83:90:a5:13:31:
06:1c:6d:46:f4:d4:21:78:7f:68:44:0a:18:e1:7f:
07:04:4b:05:d7:36:dc:98:02:61:cb:33:87:67:1b:
5d:32:c2:e9:dc:bb:2f:3b:ce:5c:dd:50:80:25:bc:
ac:4f:77:31:1e:91:fb:ce:7b:e2:1b:b2:ea:16:90:
f0:28:4c:19:28:17:67:7b:6e:c8:23:ee:97:b2:91:
c4:a9:0b:4e:fa:77:ae:5c:38:36:83:27:2f:2f:b4:
8e:fb:3c:e1:0c:16:94:75:5f:f3:b0:f4:4f:06:ba:
49:fd:bd:65:6d:a9:7d:36:56:77:28:1e:6a:0c:dc:
38:cc:f2:a8:c0:cc:18:89:80:a7:52:18:7e:71:33:
37:0a:25:44:03:23:fa:cb:79:71:42:a1:84:71:4b:
89:94:b3:34:38:19:4d:06:3b:c8:75:b3:ef:65:ae:
26:d4:f8:2d:5d:bc:5c:ff:b0:bd:61:8e:1c:f2:b0:
e2:ff:1a:3c:c8:d7:ec:98:3b:07:47:e7:ac:cd:c7:
3a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:00:A0:57:38:56:D3:87:36:CC:FA:A1:92:C4:34:50:8F:0F:99:9B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-gCgVzhW04c2zPqhksQ0UI8PmZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.92.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:fc:cd:db:01:6e:f1:40:08:8b:72:f2:cc:c1:9b:e6:97:25:
ac:af:05:d0:57:de:8c:59:95:7f:c6:46:ee:0c:c0:77:67:44:
f7:85:5c:1e:63:f4:37:03:fb:b6:1b:33:8e:eb:16:2c:55:73:
37:f3:59:43:8a:99:70:57:73:86:c0:6e:74:b6:e5:80:7c:b7:
28:57:83:47:45:f6:8d:83:b5:e7:6a:b1:1c:89:d4:64:94:a0:
a5:ee:e6:b4:16:b5:2a:d3:ac:e1:04:4d:36:d7:02:ed:e9:8a:
07:ff:8b:2f:33:75:b3:6d:63:91:ad:09:d1:56:f5:f0:43:9d:
cd:db:02:55:50:a5:6d:e7:8f:3f:1c:83:7d:bf:32:7f:53:df:
80:f7:3e:a1:30:31:c3:97:2d:d3:68:13:8d:83:b0:a5:9a:d2:
2a:d0:1e:6a:69:1a:60:e7:8c:37:06:63:f5:b3:ea:ea:c6:a3:
9a:fb:c1:ee:dd:30:1a:9d:76:75:8d:d6:7d:b4:54:89:24:66:
1b:03:d9:5b:db:8e:64:da:c6:f5:db:36:cd:c4:4b:d4:bb:f8:
08:4d:87:4d:52:d3:c9:f8:26:68:89:9f:4c:eb:03:a2:0d:63:
85:fb:f9:41:59:b8:85:1e:69:2a:c7:23:74:4f:cc:ab:93:83:
ed:d9:31:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZSx9FNBy89wVHfiNIm23UZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTI5MTIwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTAwYTA1NzM4NTZkMzg3MzZjY2ZhYTE5MmM0MzQ1MDhmMGY5OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ4eeHMYP1r9VE7Ay3rBvXKIjPck
POaMq2av6JCX+y8ZwmwfJ4bGkuHu36b01WI4WIXF8u3Pg5ClEzEGHG1G9NQheH9o
RAoY4X8HBEsF1zbcmAJhyzOHZxtdMsLp3LsvO85c3VCAJbysT3cxHpH7znviG7Lq
FpDwKEwZKBdne27II+6XspHEqQtO+neuXDg2gycvL7SO+zzhDBaUdV/zsPRPBrpJ
/b1lbal9NlZ3KB5qDNw4zPKowMwYiYCnUhh+cTM3CiVEAyP6y3lxQqGEcUuJlLM0
OBlNBjvIdbPvZa4m1PgtXbxc/7C9YY4c8rDi/xo8yNfsmDsHR+eszcc6RQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoAoFc4VtOHNsz6oZLENFCPD5mbMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS1nQ2dWemhXMDRjMnpQcWhrc1EwVUk4UG1acy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZKeXDAN
BgkqhkiG9w0BAQsFAAOCAQEApPzN2wFu8UAIi3LyzMGb5pclrK8F0FfejFmVf8ZG
7gzAd2dE94VcHmP0NwP7thszjusWLFVzN/NZQ4qZcFdzhsBudLblgHy3KFeDR0X2
jYO152qxHInUZJSgpe7mtBa1KtOs4QRNNtcC7emKB/+LLzN1s21jka0J0Vb18EOd
zdsCVVClbeePPxyDfb8yf1PfgPc+oTAxw5ct02gTjYOwpZrSKtAeamkaYOeMNwZj
9bPq6sajmvvB7t0wGp12dY3WfbRUiSRmGwPZW9uOZNrG9ds2zcRL1Lv4CE2HTVLT
yfgmaImfTOsDog1jhfv5QVm4hR5pKscjdE/Mq5OD7dkxXg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:30 2025 by rpki-client