Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZBru2jLXZm4nVnFkqrNiD83I1mk.roa
File: ZBru2jLXZm4nVnFkqrNiD83I1mk.roa (raw, json)
Hash identifier: WVQSmT2TMkHPxj6AsS8dfAAbaIiudV+22+/o5MhtJr8=
Subject key identifier: 64:1A:EE:DA:32:D7:66:6E:27:56:71:64:AA:B3:62:0F:CD:C8:D6:69
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570951C71302B5D1F0412CA836CCA7789
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZBru2jLXZm4nVnFkqrNiD83I1mk.roa
Signing time: Mon 02 Jan 2023 03:44:58 +0000
ROA not before: Mon 02 Jan 2023 03:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41917
IP address blocks: 146.120.101.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:1c:71:30:2b:5d:1f:04:12:ca:83:6c:ca:77:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=641aeeda32d7666e27567164aab3620fcdc8d669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5d:60:ae:17:f1:48:d8:6d:14:fb:29:55:f5:
27:92:b8:08:43:5e:d6:1a:d8:96:6e:0e:0f:26:a1:
4c:a8:bb:bf:13:2f:a5:57:4c:77:4d:61:9a:8f:3d:
4a:6a:8f:f8:38:76:b1:1a:03:d1:e0:22:fb:be:01:
7e:f5:f6:c6:a6:bd:a7:e2:8e:71:2d:8e:c0:58:2b:
3e:00:8f:a7:1a:d4:f4:c1:12:e4:e9:28:15:5a:24:
29:3a:06:b6:31:55:f1:a7:3d:be:00:eb:37:a6:78:
29:8d:f6:ac:f5:25:24:37:e7:30:9d:e6:24:8f:80:
3b:95:25:02:6f:72:a0:e3:a2:aa:04:a6:9a:b1:11:
f3:d4:e1:cc:51:1a:a9:18:2c:72:d3:29:dd:8c:6b:
1a:8a:2e:17:40:c6:99:09:16:f8:73:da:e8:10:0a:
3c:47:24:02:5b:e4:20:01:12:e8:92:0a:f2:c5:34:
ce:aa:95:33:0e:fb:e4:54:d4:a0:6a:13:8d:2d:5d:
63:0c:19:ce:34:e5:4c:e2:61:2a:05:be:cb:b6:6f:
fa:bc:d9:50:43:7c:17:c2:e6:bf:de:b2:21:fb:2a:
75:46:86:fe:42:d4:aa:29:d5:2a:81:81:f3:94:66:
85:97:f4:57:36:c5:7c:4d:ac:42:71:ed:9c:db:57:
51:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1A:EE:DA:32:D7:66:6E:27:56:71:64:AA:B3:62:0F:CD:C8:D6:69
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/ZBru2jLXZm4nVnFkqrNiD83I1mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.101.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:95:44:a0:3f:ab:a1:fd:56:49:5b:0c:10:e0:2b:e8:4b:ca:
f0:e5:af:d7:60:80:0b:b5:dc:a3:83:cb:ed:d1:8b:0b:b9:7d:
c1:31:91:76:2a:05:a9:36:83:0f:7f:b5:3b:78:46:c0:4a:f1:
a6:cd:e5:29:c5:a5:49:84:22:b5:1b:0a:5a:7c:65:8e:d9:84:
10:b1:7b:33:ab:01:7b:bb:ff:bf:f6:fa:cf:10:fa:d0:85:50:
a5:0f:c8:41:b0:b1:be:35:47:27:26:7e:23:28:2d:9c:70:46:
7d:d6:13:2c:6a:93:ae:65:61:6c:28:fb:a3:fc:b0:d9:db:94:
ba:f4:60:ad:a5:33:b8:89:3c:ac:6b:db:60:46:18:fb:5e:5e:
12:d3:ce:3f:8c:0f:3c:49:13:10:6d:2f:8a:bf:1b:1f:89:a8:
7c:5b:38:8f:07:32:a7:7e:4b:bf:c8:65:d6:bb:0a:11:fc:44:
e9:d1:0f:e5:d0:70:8b:fc:98:78:43:c4:22:d8:11:8c:4e:14:
fc:3b:d5:d0:0c:ab:cd:a4:a2:02:ae:0a:c4:d9:7c:c3:ad:9c:
ae:39:c9:7e:15:f1:8d:2f:81:75:b6:da:74:27:24:f2:c2:1a:
d7:fd:a2:72:95:aa:7f:73:7f:59:bb:5c:2c:6d:a6:f9:83:93:
65:57:5b:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlRxxMCtdHwQSyoNsyneJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFhZWVkYTMyZDc2NjZlMjc1NjcxNjRhYWIzNjIwZmNkYzhkNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF1grhfxSNhtFPspVfUnkrgIQ17W
GtiWbg4PJqFMqLu/Ey+lV0x3TWGajz1Kao/4OHaxGgPR4CL7vgF+9fbGpr2n4o5x
LY7AWCs+AI+nGtT0wRLk6SgVWiQpOga2MVXxpz2+AOs3pngpjfas9SUkN+cwneYk
j4A7lSUCb3Kg46KqBKaasRHz1OHMURqpGCxy0yndjGsaii4XQMaZCRb4c9roEAo8
RyQCW+QgARLokgryxTTOqpUzDvvkVNSgahONLV1jDBnONOVM4mEqBb7Ltm/6vNlQ
Q3wXwua/3rIh+yp1Rob+QtSqKdUqgYHzlGaFl/RXNsV8TaxCce2c21dRzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQa7toy12ZuJ1ZxZKqzYg/NyNZpMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWkJydTJqTFhabTRuVm5Ga3FyTmlEODNJMW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhlMA0G
CSqGSIb3DQEBCwUAA4IBAQBMlUSgP6uh/VZJWwwQ4CvoS8rw5a/XYIALtdyjg8vt
0YsLuX3BMZF2KgWpNoMPf7U7eEbASvGmzeUpxaVJhCK1GwpafGWO2YQQsXszqwF7
u/+/9vrPEPrQhVClD8hBsLG+NUcnJn4jKC2ccEZ91hMsapOuZWFsKPuj/LDZ25S6
9GCtpTO4iTysa9tgRhj7Xl4S084/jA88SRMQbS+Kvxsfiah8WziPBzKnfku/yGXW
uwoR/ETp0Q/l0HCL/Jh4Q8Qi2BGMThT8O9XQDKvNpKICrgrE2XzDrZyuOcl+FfGN
L4F1ttp0JyTywhrX/aJylap/c39Zu1wsbab5g5NlV1se
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:31 2024 by rpki-client on console-fra.rpki-client.org