Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VBjRSav6mwwVd5PwHfMa2P7jM0Q.roa
File: VBjRSav6mwwVd5PwHfMa2P7jM0Q.roa (raw, json)
Hash identifier: PRFq4OMhVsvp3NBb+f7Lbr1nU3xSKC48pB/N/TzG4W0=
Subject key identifier: 54:18:D1:49:AB:FA:9B:0C:15:77:93:F0:1D:F3:1A:D8:FE:E3:33:44
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA29F9A9973440954C49323C70BFDA40
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VBjRSav6mwwVd5PwHfMa2P7jM0Q.roa
Signing time: Tue 02 Jan 2024 12:33:17 +0000
ROA not before: Tue 02 Jan 2024 12:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44835
IP address blocks: 146.120.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f9:a9:97:34:40:95:4c:49:32:3c:70:bf:da:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5418d149abfa9b0c157793f01df31ad8fee33344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5a:27:f2:64:aa:b0:0b:f1:b1:95:78:fe:8b:
08:fc:8c:c7:b3:d5:a4:01:0b:14:52:aa:7d:61:7f:
4b:c4:fe:b3:6c:7c:de:02:b5:d2:92:cd:91:27:95:
17:95:ad:9f:60:a3:2f:b4:25:80:27:99:c5:c7:1b:
aa:7b:b1:ff:f4:3b:04:a6:77:59:ba:59:a0:58:48:
bc:8a:2c:b9:25:2d:57:77:4a:7a:6c:cc:46:a5:72:
fe:11:c5:c2:5c:7c:70:f4:e6:21:4f:2f:26:f7:8d:
8c:5d:1b:c6:ec:1e:e3:13:2d:91:72:ce:e6:dc:17:
b7:48:87:a6:82:8e:3e:69:db:7d:95:ce:4c:ac:16:
73:34:76:a7:0f:e9:32:60:e5:64:d4:da:44:c6:c4:
28:8d:2c:44:43:66:f1:33:88:77:57:fe:33:eb:56:
12:a2:32:b1:16:d4:f0:13:f8:01:dd:40:f8:ea:63:
05:6f:7d:c2:72:fc:0b:c3:62:15:e4:09:5d:20:2c:
17:fd:ce:56:a3:64:ae:28:21:e3:1c:bb:a5:4b:3a:
31:81:70:3b:5a:00:2e:62:55:11:57:d2:75:d8:91:
57:1a:75:94:91:ef:d1:c2:dd:58:b6:76:dc:73:22:
66:c5:bc:1d:ee:f4:7f:be:db:f9:a4:c4:14:56:cd:
8e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:18:D1:49:AB:FA:9B:0C:15:77:93:F0:1D:F3:1A:D8:FE:E3:33:44
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/VBjRSav6mwwVd5PwHfMa2P7jM0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.224.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:8d:91:5a:ad:f4:6d:c2:80:7f:bf:bc:c1:dc:24:8c:51:98:
a1:25:a7:d2:a9:5a:63:d0:5e:74:a2:ac:8d:4e:3e:d8:76:5b:
a1:94:72:fa:c8:b2:f1:f6:9d:50:95:9d:4d:05:9d:8d:87:f2:
20:a7:b4:9a:d8:9d:da:c5:f9:0b:80:39:2c:86:6c:eb:6f:67:
22:dd:94:c8:82:f7:c0:93:d4:db:e9:fa:78:82:63:62:cb:ef:
ba:bf:ba:f0:65:7d:18:04:85:94:02:01:8d:96:a0:b1:86:50:
2a:f0:3e:14:99:b2:75:7e:44:1c:0e:a7:ad:6e:f8:d7:1b:dd:
27:18:17:95:2b:e8:a3:1a:b7:4a:62:45:ab:a3:2c:63:96:68:
85:fc:4c:4e:33:06:e8:55:54:43:88:d1:7d:ee:da:ca:b2:50:
92:1d:2a:b4:21:8a:d8:20:e5:fe:7f:cf:be:4f:59:85:3d:6f:
53:dc:45:75:8d:49:8d:7d:18:72:e5:5a:dd:01:f9:94:9d:29:
da:dd:af:d3:be:f5:83:a7:97:af:8b:5c:de:f3:61:7b:12:ca:
36:ea:4d:a2:01:18:2f:0a:8f:18:bd:f2:40:5b:9d:3d:9b:56:
55:cf:74:42:16:bd:1d:f1:fb:77:23:5f:6c:37:cc:fe:5d:94:
ac:82:7a:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKfmplzRAlUxJMjxwv9pAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDE4ZDE0OWFiZmE5YjBjMTU3NzkzZjAxZGYzMWFkOGZlZTMzMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVon8mSqsAvxsZV4/osI/IzHs9Wk
AQsUUqp9YX9LxP6zbHzeArXSks2RJ5UXla2fYKMvtCWAJ5nFxxuqe7H/9DsEpndZ
ulmgWEi8iiy5JS1Xd0p6bMxGpXL+EcXCXHxw9OYhTy8m942MXRvG7B7jEy2Rcs7m
3Be3SIemgo4+adt9lc5MrBZzNHanD+kyYOVk1NpExsQojSxEQ2bxM4h3V/4z61YS
ojKxFtTwE/gB3UD46mMFb33CcvwLw2IV5AldICwX/c5Wo2SuKCHjHLulSzoxgXA7
WgAuYlURV9J12JFXGnWUke/Rwt1YtnbccyJmxbwd7vR/vtv5pMQUVs2OKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQY0Umr+psMFXeT8B3zGtj+4zNEMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVkJqUlNhdjZtd3dWZDVQd0hmTWEyUDdqTTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjgMA0G
CSqGSIb3DQEBCwUAA4IBAQCljZFarfRtwoB/v7zB3CSMUZihJafSqVpj0F50oqyN
Tj7YdluhlHL6yLLx9p1QlZ1NBZ2Nh/Igp7Sa2J3axfkLgDkshmzrb2ci3ZTIgvfA
k9Tb6fp4gmNiy++6v7rwZX0YBIWUAgGNlqCxhlAq8D4UmbJ1fkQcDqetbvjXG90n
GBeVK+ijGrdKYkWroyxjlmiF/ExOMwboVVRDiNF97trKslCSHSq0IYrYIOX+f8++
T1mFPW9T3EV1jUmNfRhy5VrdAfmUnSna3a/TvvWDp5evi1ze82F7Eso26k2iARgv
Co8YvfJAW509m1ZVz3RCFr0d8ft3I19sN8z+XZSsgnqb
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:17 2025 by rpki-client