Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aDKm-AffMYWHh7Dog88fxF1L1Xs.roa
File: aDKm-AffMYWHh7Dog88fxF1L1Xs.roa (raw, json)
Hash identifier: At7daIVm+3XQSVGXqJVcS/JS7unEINSajMAN2caijj8=
Subject key identifier: 68:32:A6:F8:07:DF:31:85:87:87:B0:E8:83:CF:1F:C4:5D:4B:D5:7B
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A52C6209DEF3603F765B56D5137EA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aDKm-AffMYWHh7Dog88fxF1L1Xs.roa
Signing time: Tue 02 Jan 2024 12:33:40 +0000
ROA not before: Tue 02 Jan 2024 12:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210616
IP address blocks: 146.158.96.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 15:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:52:c6:20:9d:ef:36:03:f7:65:b5:6d:51:37:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6832a6f807df31858787b0e883cf1fc45d4bd57b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:dd:d3:d1:ea:11:d5:3f:6c:11:92:f8:95:
da:fe:8b:84:5f:90:65:1a:e4:87:88:4f:de:22:3f:
24:98:90:fc:10:c3:aa:01:9c:7f:e7:18:0f:97:e2:
59:05:f5:dd:96:73:cf:13:a1:44:d6:8a:66:22:96:
7b:da:32:e4:21:43:f7:68:58:6d:b6:e8:3c:63:03:
ea:5c:70:ae:80:a0:de:5a:42:89:b5:d0:af:7c:a8:
dd:19:d2:1c:5b:3e:43:5e:28:88:07:e0:c1:ab:6a:
0d:86:73:92:71:d9:aa:fc:b1:85:1b:8a:93:42:a6:
9e:83:85:88:ca:ab:bd:bf:92:2e:6a:94:66:c5:aa:
5d:00:d5:8d:04:05:fc:1f:60:6c:9e:31:81:51:46:
ec:c5:2e:b7:0a:fa:87:fe:81:e3:43:8a:ff:94:1a:
29:e6:c5:8a:ea:b0:fa:59:1a:73:48:47:fb:4d:a3:
b4:f6:84:d9:a7:1d:4f:ff:af:62:00:a6:b3:0e:c6:
0c:93:a0:e1:1a:ee:57:d8:0e:19:1b:5b:b0:c1:71:
0d:8f:9c:8c:36:22:64:23:e5:4f:8e:8c:89:f6:78:
9e:64:be:a4:95:d2:70:f5:e8:9b:f8:86:f7:cd:b9:
05:61:18:14:a9:e7:5d:b0:07:7e:b8:19:30:a4:38:
18:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:32:A6:F8:07:DF:31:85:87:87:B0:E8:83:CF:1F:C4:5D:4B:D5:7B
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aDKm-AffMYWHh7Dog88fxF1L1Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.96.0/19
Signature Algorithm: sha256WithRSAEncryption
63:f5:a6:71:47:14:7d:43:4c:08:fd:02:88:f8:0a:c7:48:a2:
0b:55:21:2d:1c:78:f7:5f:6e:aa:b1:ff:60:b8:cd:30:d0:62:
ad:8b:b4:2e:2b:9b:fc:41:e0:a0:51:5f:52:eb:54:f2:02:ff:
c5:8c:d5:e7:b8:dd:40:b7:ab:e0:56:25:48:d8:8c:05:0e:14:
02:0b:b4:e5:0e:93:2b:33:1f:c5:6c:12:1b:3d:a8:09:01:6e:
2c:b2:dd:15:39:e5:fa:b3:f0:6c:96:a2:0b:21:1f:33:2e:c5:
0a:88:ac:9c:71:fe:0e:c4:03:b8:d5:5e:fd:79:0d:49:18:c3:
33:2c:c9:59:bd:c2:58:0c:9c:ae:b0:39:da:c7:1d:b0:ea:d7:
21:73:c1:21:49:8e:0e:97:5e:f6:c1:f3:01:10:ac:ea:b6:6a:
a7:90:99:6d:44:e1:b3:3c:7d:82:fc:39:c0:70:ff:13:b6:57:
d6:88:20:ee:a5:fc:fa:36:7d:8b:7b:a1:02:36:4a:4f:43:69:
99:6c:7a:31:7c:81:88:df:fe:bb:85:ff:62:37:33:e0:a0:e0:
4f:4b:07:e2:6e:4f:7a:07:94:18:43:27:cd:82:89:41:9f:9e:
64:be:9f:c1:52:07:93:6b:47:8b:5a:8b:0c:bf:6d:8f:56:71:
bd:dc:e1:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKlLGIJ3vNgP3ZbVtUTfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODMyYTZmODA3ZGYzMTg1ODc4N2IwZTg4M2NmMWZjNDVkNGJkNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlXd09HqEdU/bBGS+JXa/ouEX5Bl
GuSHiE/eIj8kmJD8EMOqAZx/5xgPl+JZBfXdlnPPE6FE1opmIpZ72jLkIUP3aFht
tug8YwPqXHCugKDeWkKJtdCvfKjdGdIcWz5DXiiIB+DBq2oNhnOScdmq/LGFG4qT
Qqaeg4WIyqu9v5IuapRmxapdANWNBAX8H2BsnjGBUUbsxS63CvqH/oHjQ4r/lBop
5sWK6rD6WRpzSEf7TaO09oTZpx1P/69iAKazDsYMk6DhGu5X2A4ZG1uwwXENj5yM
NiJkI+VPjoyJ9nieZL6kldJw9eib+Ib3zbkFYRgUqeddsAd+uBkwpDgYRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgypvgH3zGFh4ew6IPPH8RdS9V7MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYURLbS1BZmZNWVdIaDdEb2c4OGZ4RjFMMVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFkp5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBj9aZxRxR9Q0wI/QKI+ArHSKILVSEtHHj3X26qsf9g
uM0w0GKti7QuK5v8QeCgUV9S61TyAv/FjNXnuN1At6vgViVI2IwFDhQCC7TlDpMr
Mx/FbBIbPagJAW4sst0VOeX6s/BslqILIR8zLsUKiKyccf4OxAO41V79eQ1JGMMz
LMlZvcJYDJyusDnaxx2w6tchc8EhSY4Ol172wfMBEKzqtmqnkJltROGzPH2C/DnA
cP8TtlfWiCDupfz6Nn2Le6ECNkpPQ2mZbHoxfIGI3/67hf9iNzPgoOBPSwfibk96
B5QYQyfNgolBn55kvp/BUgeTa0eLWosMv22PVnG93OFI
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:51 2025 by rpki-client