Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/csRGrmMw9Jcv0BPmXoQIL0vnqPA.roa
File: csRGrmMw9Jcv0BPmXoQIL0vnqPA.roa (raw, json)
Hash identifier: 2IzCuDPGZxRDpei5ChA1PNhGN/87kQ9vPNAFAbcfJYk=
Subject key identifier: 72:C4:46:AE:63:30:F4:97:2F:D0:13:E6:5E:84:08:2F:4B:E7:A8:F0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709592C2F7680322F0570E594CDC52B9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/csRGrmMw9Jcv0BPmXoQIL0vnqPA.roa
Signing time: Mon 02 Jan 2023 03:45:28 +0000
ROA not before: Mon 02 Jan 2023 03:45:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202533
IP address blocks: 146.120.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:92:c2:f7:68:03:22:f0:57:0e:59:4c:dc:52:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72c446ae6330f4972fd013e65e84082f4be7a8f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:40:cf:16:e5:0b:f8:20:33:4c:a4:6b:b6:e5:
36:a2:7f:c1:1c:21:61:ed:b5:ba:00:87:30:02:ca:
7c:07:8a:db:c3:92:26:a2:9a:cf:b8:35:0a:49:f1:
a3:99:67:b8:1b:88:e1:49:11:63:82:bf:fc:74:6d:
14:f9:2e:73:f3:75:74:07:ef:aa:58:94:f4:d5:2f:
39:3d:92:b2:ec:f8:6b:83:ac:70:12:f9:61:3e:8a:
e8:9d:9c:d2:bd:e9:17:6a:71:74:c4:15:ba:dd:3f:
37:01:62:8f:c7:fd:53:a6:34:0c:c5:45:fc:27:fa:
0e:a2:78:52:4d:6f:2f:54:42:47:84:10:6a:c4:bd:
fe:cd:9c:7e:30:bd:c8:2c:1c:3d:49:9a:9f:01:53:
ca:13:1e:81:39:60:45:de:9e:47:b6:b8:31:04:59:
cb:a3:2e:0a:3b:9e:ac:62:79:aa:59:8a:c5:a0:c5:
f6:59:ef:65:15:6c:d1:76:0c:3b:40:12:fd:5c:97:
32:52:20:6f:c9:0a:b1:4c:67:1f:f1:ca:8f:c9:24:
d1:c7:c0:90:45:4c:c1:df:42:54:65:ea:46:4d:49:
5e:b9:e6:09:09:10:48:b5:e5:6c:73:b9:9d:c6:e7:
5c:95:aa:8a:61:4f:45:31:94:2c:5d:87:a1:0e:63:
67:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C4:46:AE:63:30:F4:97:2F:D0:13:E6:5E:84:08:2F:4B:E7:A8:F0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/csRGrmMw9Jcv0BPmXoQIL0vnqPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.20.0/24
Signature Algorithm: sha256WithRSAEncryption
34:72:f8:40:52:52:45:0a:af:21:ec:03:87:ad:eb:b6:f1:9f:
ed:10:63:6e:15:80:36:f8:be:b7:d8:3c:58:92:f1:ca:63:e8:
6c:db:da:bb:4e:10:85:60:3c:d0:7d:f2:11:3b:fb:dd:6b:0a:
f6:bf:a5:0b:83:c6:25:32:33:d9:91:e3:e1:58:52:f7:b0:0a:
ea:02:c3:0d:e8:e3:b5:a7:99:7c:4c:6f:33:b1:ae:ff:ea:ac:
9e:7c:01:79:61:9f:02:a6:57:1a:1e:89:d5:5f:a6:6b:fc:80:
81:60:0f:65:31:dd:77:02:7c:66:2b:55:61:7e:78:df:cb:29:
6d:9b:84:5b:5f:4f:1a:33:a1:3e:64:3e:7f:de:8c:d6:19:12:
b4:63:b8:70:01:be:51:7b:07:c4:a9:98:4b:4e:24:a8:75:58:
e0:7a:63:ca:7b:26:e6:b1:0f:96:3b:4a:ae:80:d6:cc:d2:16:
d0:ef:3b:a5:76:d4:b5:25:58:f2:08:c4:a1:f3:f0:ab:d9:40:
00:7f:e2:51:9f:ef:a2:1b:8c:ab:9b:d3:25:58:22:d6:ad:a8:
76:47:e2:98:d9:4b:63:92:e9:f3:26:2d:dc:d3:47:60:b2:b2:
da:da:94:dd:41:ae:e7:8f:4c:46:b4:a5:05:93:4f:1a:db:21:
89:b3:36:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlZLC92gDIvBXDllM3FK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM0NDZhZTYzMzBmNDk3MmZkMDEzZTY1ZTg0MDgyZjRiZTdhOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEDPFuUL+CAzTKRrtuU2on/BHCFh
7bW6AIcwAsp8B4rbw5ImoprPuDUKSfGjmWe4G4jhSRFjgr/8dG0U+S5z83V0B++q
WJT01S85PZKy7Phrg6xwEvlhPoronZzSvekXanF0xBW63T83AWKPx/1TpjQMxUX8
J/oOonhSTW8vVEJHhBBqxL3+zZx+ML3ILBw9SZqfAVPKEx6BOWBF3p5HtrgxBFnL
oy4KO56sYnmqWYrFoMX2We9lFWzRdgw7QBL9XJcyUiBvyQqxTGcf8cqPySTRx8CQ
RUzB30JUZepGTUleueYJCRBIteVsc7mdxudclaqKYU9FMZQsXYehDmNn1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLERq5jMPSXL9AT5l6ECC9L56jwMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvY3NSR3JtTXc5SmN2MEJQbVhvUUlMMHZucVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkngUMA0G
CSqGSIb3DQEBCwUAA4IBAQA0cvhAUlJFCq8h7AOHreu28Z/tEGNuFYA2+L632DxY
kvHKY+hs29q7ThCFYDzQffIRO/vdawr2v6ULg8YlMjPZkePhWFL3sArqAsMN6OO1
p5l8TG8zsa7/6qyefAF5YZ8CplcaHonVX6Zr/ICBYA9lMd13AnxmK1Vhfnjfyylt
m4RbX08aM6E+ZD5/3ozWGRK0Y7hwAb5RewfEqZhLTiSodVjgemPKeybmsQ+WO0qu
gNbM0hbQ7zuldtS1JVjyCMSh8/Cr2UAAf+JRn++iG4yrm9MlWCLWrah2R+KY2Utj
kunzJi3c00dgsrLa2pTdQa7nj0xGtKUFk08a2yGJszbD
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:31 2024 by rpki-client on console-fra.rpki-client.org