Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/M2zmymh05or-C-pRHO-JYkheIi0.roa
File: M2zmymh05or-C-pRHO-JYkheIi0.roa (raw, json)
Hash identifier: B+FN+vHeUXpmtrjboITwhOpHF0kjwe79sgD82hFJEMU=
Subject key identifier: 33:6C:E6:CA:68:74:E6:8A:FE:0B:EA:51:1C:EF:89:62:48:5E:22:2D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29EA8A5448C2A176F62B5587B57155
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/M2zmymh05or-C-pRHO-JYkheIi0.roa
Signing time: Tue 02 Jan 2024 12:33:13 +0000
ROA not before: Tue 02 Jan 2024 12:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41409
IP address blocks: 146.120.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:ea:8a:54:48:c2:a1:76:f6:2b:55:87:b5:71:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=336ce6ca6874e68afe0bea511cef8962485e222d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9f:22:9d:f1:54:14:cb:2a:26:b8:6f:85:2f:
a4:97:27:92:9b:c0:dd:9d:b2:27:61:ed:ad:91:ca:
3c:6d:2e:1b:a4:9f:1e:f7:7b:72:b6:4b:9c:c9:cf:
0e:50:26:60:bc:af:7a:a4:5b:24:8e:71:a3:75:72:
c7:1a:01:60:c9:72:b0:eb:ce:d4:03:84:b1:fe:ef:
88:13:e7:ee:4e:05:74:dd:0d:ae:50:ea:a0:1c:b6:
a1:e3:12:2e:b7:40:b1:b3:c2:e8:0c:19:44:cd:cc:
f1:fb:10:37:a3:4f:ee:39:63:cc:19:d3:9f:f3:7f:
4d:92:9e:71:31:f6:24:d1:dd:2a:87:84:f7:ba:ed:
3f:ec:ef:47:ab:34:e0:ce:52:68:51:a7:77:ff:94:
4c:14:4f:ed:bf:15:0b:90:af:b1:a6:f6:7d:92:c9:
bc:6d:83:b6:34:ae:ef:c4:40:ce:38:df:ab:cf:11:
a6:f7:8b:35:8d:bc:a2:ce:89:aa:f8:02:ab:f5:c5:
ab:b6:ec:53:b3:5e:48:70:27:26:66:49:a2:a2:b6:
90:e1:87:64:a4:20:d4:bf:4b:05:eb:22:4d:50:23:
f0:dc:8a:8a:86:da:f9:30:78:2e:0a:52:67:93:f3:
e4:5e:d0:88:88:87:36:a2:b9:fe:0b:05:b7:04:93:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6C:E6:CA:68:74:E6:8A:FE:0B:EA:51:1C:EF:89:62:48:5E:22:2D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/M2zmymh05or-C-pRHO-JYkheIi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.245.0/24
Signature Algorithm: sha256WithRSAEncryption
30:86:19:c5:c3:f3:88:30:50:72:15:2c:36:a2:cd:3e:3c:b3:
c6:da:4c:26:72:25:bf:79:38:8a:61:56:cb:46:eb:35:d3:10:
7e:51:c9:fa:96:e0:19:6a:2b:5d:8a:c4:19:77:6c:c8:42:7b:
09:c5:49:1a:f8:d0:77:cb:64:3a:e7:26:4b:f3:65:1f:01:ad:
20:94:58:98:8d:40:64:d4:9b:2d:a1:f4:80:d3:93:82:94:6b:
9e:9f:cc:fc:4c:b2:40:a1:df:39:94:d9:12:e5:2b:57:f3:36:
f8:be:03:6e:9d:79:5f:08:3f:f9:86:fc:9a:2c:2c:d9:e2:fe:
82:96:6c:39:7a:95:5c:f2:82:ee:5c:c8:45:93:86:32:a0:e9:
ac:9c:e4:9d:a1:90:ae:5e:b9:1e:d8:67:93:4c:49:0a:ff:4b:
3e:1c:fd:99:95:2a:ea:cf:23:f9:df:bf:54:4e:12:59:43:30:
d7:18:99:6e:5f:66:ec:d6:3f:31:8f:7d:86:b5:22:e5:57:8d:
f2:62:69:7b:e9:3e:06:6d:b6:dd:6f:2c:14:a9:3b:b2:73:81:
94:91:a0:91:d4:1b:21:2f:dc:a6:e3:02:98:73:dc:21:c2:f4:
d0:3f:e6:12:56:40:11:7c:24:b0:3d:c9:38:53:f3:63:bd:cb:
f5:e5:71:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKeqKVEjCoXb2K1WHtXFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZjZTZjYTY4NzRlNjhhZmUwYmVhNTExY2VmODk2MjQ4NWUyMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ8infFUFMsqJrhvhS+klyeSm8Dd
nbInYe2tkco8bS4bpJ8e93tytkucyc8OUCZgvK96pFskjnGjdXLHGgFgyXKw687U
A4Sx/u+IE+fuTgV03Q2uUOqgHLah4xIut0Cxs8LoDBlEzczx+xA3o0/uOWPMGdOf
839Nkp5xMfYk0d0qh4T3uu0/7O9HqzTgzlJoUad3/5RMFE/tvxULkK+xpvZ9ksm8
bYO2NK7vxEDOON+rzxGm94s1jbyizomq+AKr9cWrtuxTs15IcCcmZkmioraQ4Ydk
pCDUv0sF6yJNUCPw3IqKhtr5MHguClJnk/PkXtCIiIc2orn+CwW3BJPChwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNs5spodOaK/gvqURzviWJIXiItMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTTJ6bXltaDA1b3ItQy1wUkhPLUpZa2hlSWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknj1MA0G
CSqGSIb3DQEBCwUAA4IBAQAwhhnFw/OIMFByFSw2os0+PLPG2kwmciW/eTiKYVbL
Rus10xB+Ucn6luAZaitdisQZd2zIQnsJxUka+NB3y2Q65yZL82UfAa0glFiYjUBk
1JstofSA05OClGuen8z8TLJAod85lNkS5StX8zb4vgNunXlfCD/5hvyaLCzZ4v6C
lmw5epVc8oLuXMhFk4YyoOmsnOSdoZCuXrke2GeTTEkK/0s+HP2ZlSrqzyP5379U
ThJZQzDXGJluX2bs1j8xj32GtSLlV43yYml76T4GbbbdbywUqTuyc4GUkaCR1Bsh
L9ym4wKYc9whwvTQP+YSVkARfCSwPck4U/Njvcv15XGt
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:35 2025 by rpki-client