Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-z65q_jM4dBysaubi7AZhN_ekjg.roa
File: 1-z65q_jM4dBysaubi7AZhN_ekjg.roa (raw, json)
Hash identifier: kzRm12F+GG0VBNuLdnXn0ZOsTMjV6/IIUU7e635rcDM=
Subject key identifier: FB:3E:B9:AB:F8:CC:E1:D0:72:B1:AB:9B:8B:B0:19:84:DF:DE:92:38
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29FC6E4AEE9C6CD4A08F9DAA4D5089
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-z65q_jM4dBysaubi7AZhN_ekjg.roa
Signing time: Tue 02 Jan 2024 12:33:18 +0000
ROA not before: Tue 02 Jan 2024 12:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47231
IP address blocks: 146.120.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:fc:6e:4a:ee:9c:6c:d4:a0:8f:9d:aa:4d:50:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb3eb9abf8cce1d072b1ab9b8bb01984dfde9238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:87:dc:7a:80:b0:bb:44:59:3b:72:95:1f:33:
41:59:65:3c:41:86:91:c8:97:04:1f:f3:70:d3:86:
59:0a:74:2a:07:49:3b:30:44:66:bf:5d:23:3d:5c:
28:90:55:ee:c9:f7:c6:16:ec:f7:91:4b:71:75:33:
eb:cf:64:bd:50:f7:49:4f:6c:64:10:38:99:3c:1f:
ad:a8:a8:3c:98:46:b2:b8:9f:51:fc:45:8d:d5:5a:
17:98:77:7f:88:a5:0b:7c:95:6a:7e:da:93:f7:20:
7d:8c:0f:da:57:1e:71:a8:66:f9:05:6d:42:b2:38:
98:5c:c5:f6:cf:bf:24:3a:a3:67:df:53:14:61:06:
e3:f8:61:09:74:10:09:71:34:40:22:80:1d:4a:2f:
29:23:2e:85:a5:be:9a:ea:fb:22:44:5a:e8:03:bd:
99:87:94:48:47:ed:10:18:3a:47:3c:64:d4:30:a5:
03:0f:47:a6:51:99:86:a1:5b:97:c0:06:2c:2f:68:
7d:21:81:1b:b3:a5:06:3a:6f:45:6c:96:dc:23:cc:
49:0a:b7:05:58:4d:ab:34:b9:31:18:76:a1:7a:78:
de:58:9f:57:03:4d:ce:1b:3e:81:10:09:25:80:d1:
a4:8e:3a:4a:7f:99:a4:39:6b:99:2a:14:6b:ad:47:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3E:B9:AB:F8:CC:E1:D0:72:B1:AB:9B:8B:B0:19:84:DF:DE:92:38
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-z65q_jM4dBysaubi7AZhN_ekjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.221.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:12:0c:13:db:aa:2f:30:39:ae:75:ca:00:0c:89:57:3e:85:
eb:f3:15:e1:01:fd:ea:f2:eb:2a:2c:80:c3:bd:5b:05:d2:fb:
43:9d:54:70:76:9b:10:cb:21:32:13:f8:ff:ed:90:cf:74:a0:
fd:fb:df:c4:79:ad:f8:da:a2:4c:23:47:0e:3f:0d:19:dd:4d:
90:10:a8:01:f7:cb:f4:98:38:c6:45:42:3a:7a:33:25:bc:bc:
f9:ad:29:7d:56:ce:22:1e:4d:4c:e6:37:27:47:ad:20:31:fc:
00:b9:27:43:4b:f9:ca:2b:d6:c0:2d:d7:0f:9d:6b:ed:dc:39:
8e:bc:0f:a6:ae:82:4e:34:be:dc:61:c0:a3:b5:e3:d9:5e:30:
33:98:0d:fe:ef:83:9b:cc:7d:3a:0e:27:68:68:21:dd:9b:e8:
7c:df:d9:84:d9:88:eb:0e:15:d0:46:c9:75:ac:b6:f1:d2:29:
9e:89:60:25:3f:36:93:a2:09:0e:0a:50:f3:54:e7:60:97:53:
ff:1b:4f:8f:93:a3:e0:51:ac:a3:d3:d8:ed:ab:6f:ac:0c:3e:
08:87:72:cf:61:08:62:c0:7d:20:9d:fb:b5:49:06:d8:44:c9:
65:fb:a2:45:f8:b5:9f:6b:cd:10:b6:4d:66:fd:40:dd:08:83:
30:69:67:8d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKfxuSu6cbNSgj52qTVCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjNlYjlhYmY4Y2NlMWQwNzJiMWFiOWI4YmIwMTk4NGRmZGU5MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YfceoCwu0RZO3KVHzNBWWU8QYaR
yJcEH/Nw04ZZCnQqB0k7MERmv10jPVwokFXuyffGFuz3kUtxdTPrz2S9UPdJT2xk
EDiZPB+tqKg8mEayuJ9R/EWN1VoXmHd/iKULfJVqftqT9yB9jA/aVx5xqGb5BW1C
sjiYXMX2z78kOqNn31MUYQbj+GEJdBAJcTRAIoAdSi8pIy6Fpb6a6vsiRFroA72Z
h5RIR+0QGDpHPGTUMKUDD0emUZmGoVuXwAYsL2h9IYEbs6UGOm9FbJbcI8xJCrcF
WE2rNLkxGHahenjeWJ9XA03OGz6BEAklgNGkjjpKf5mkOWuZKhRrrUdAQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPs+uav4zOHQcrGrm4uwGYTf3pI4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS16NjVxX2pNNGRCeXNhdWJpN0FaaE5fZWtqZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ43TAN
BgkqhkiG9w0BAQsFAAOCAQEAOxIME9uqLzA5rnXKAAyJVz6F6/MV4QH96vLrKiyA
w71bBdL7Q51UcHabEMshMhP4/+2Qz3Sg/fvfxHmt+NqiTCNHDj8NGd1NkBCoAffL
9Jg4xkVCOnozJby8+a0pfVbOIh5NTOY3J0etIDH8ALknQ0v5yivWwC3XD51r7dw5
jrwPpq6CTjS+3GHAo7Xj2V4wM5gN/u+Dm8x9Og4naGgh3ZvofN/ZhNmI6w4V0EbJ
day28dIpnolgJT82k6IJDgpQ81TnYJdT/xtPj5Oj4FGso9PY7atvrAw+CIdyz2EI
YsB9IJ37tUkG2ETJZfuiRfi1n2vNELZNZv1A3QiDMGlnjQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:28 2025 by rpki-client