Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eQc8ZWMe1YaA_fAvVOuO0xzh8Mk.roa
File: eQc8ZWMe1YaA_fAvVOuO0xzh8Mk.roa (raw, json)
Hash identifier: n8bF74wCT0Po3DR8mGivoqhQeavZE5RW/uDLBGojv7U=
Subject key identifier: 79:07:3C:65:63:1E:D5:86:80:FD:F0:2F:54:EB:8E:D3:1C:E1:F0:C9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018AA870AA9FE8EF7089AE3ECDE144DB2566
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eQc8ZWMe1YaA_fAvVOuO0xzh8Mk.roa
Signing time: Mon 18 Sep 2023 13:17:50 +0000
ROA not before: Mon 18 Sep 2023 13:17:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43849
IP address blocks: 146.158.0.0/21 maxlen: 24
146.158.8.0/23 maxlen: 24
2a02:128:17::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:70:aa:9f:e8:ef:70:89:ae:3e:cd:e1:44:db:25:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 18 13:17:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79073c65631ed58680fdf02f54eb8ed31ce1f0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:98:08:89:21:e7:d5:07:a6:c2:0e:f2:ef:
f9:d5:b8:0f:fc:f5:26:b2:26:52:26:98:d5:8e:37:
7d:74:77:9a:7f:91:a0:b6:be:c6:58:4f:47:09:09:
b1:62:dc:ef:d8:20:14:87:dd:53:df:a3:a4:18:6a:
49:f8:c0:11:56:c2:86:b5:3a:21:61:88:3d:56:5b:
02:9e:a8:6a:64:60:18:5e:14:5d:b6:dc:62:08:3b:
ff:5d:9d:16:77:3a:9d:0f:45:3c:8a:86:c6:e6:7d:
81:28:af:4a:c5:47:cf:37:27:08:d7:57:ff:81:8f:
4e:3d:d6:92:f6:5b:60:34:ed:48:69:6d:a0:1a:11:
0e:ef:d2:43:93:7c:59:6c:96:82:73:73:51:37:a6:
5e:47:1c:98:83:67:c6:a5:89:04:84:a8:d5:5c:1a:
1a:54:08:8a:83:24:ec:5f:48:70:cd:69:50:e8:f4:
ca:32:84:88:37:de:80:00:c4:d0:c1:f3:bd:83:d1:
68:b6:89:ef:32:4f:b0:49:0c:1b:a6:74:91:a2:73:
7f:aa:8b:4a:d0:99:e4:f7:05:aa:19:ad:06:d3:47:
c1:80:14:fd:d4:06:51:cd:5c:13:cf:d8:5b:0b:e2:
7e:5c:97:75:63:71:46:39:86:fc:dd:48:fa:08:bd:
bb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:07:3C:65:63:1E:D5:86:80:FD:F0:2F:54:EB:8E:D3:1C:E1:F0:C9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/eQc8ZWMe1YaA_fAvVOuO0xzh8Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.0.0-146.158.9.255
IPv6:
2a02:128:17::/48
Signature Algorithm: sha256WithRSAEncryption
2f:cc:2e:1b:eb:53:e3:1f:81:3a:f6:40:e8:1b:68:7d:72:f4:
61:6c:91:2a:a0:4e:3c:6a:f5:05:c3:d1:1b:35:11:60:c9:c2:
a4:67:bf:2c:e6:b7:25:7f:09:85:6c:64:c2:bf:6c:02:5e:b8:
f3:29:a8:af:f9:d3:89:2b:c3:7d:65:08:68:b1:a1:64:66:87:
93:6b:f9:fc:df:dd:6f:2a:27:6f:8a:c4:0f:08:49:65:2a:95:
40:3f:5d:c8:21:9e:c4:5a:14:73:9e:bc:46:d2:0b:f3:12:73:
47:62:b6:4b:a0:4e:25:ba:7c:a2:2c:12:0e:00:40:14:f6:96:
d1:fb:3e:90:93:8d:e5:6b:a6:8d:c8:8e:dd:c5:7e:42:c3:69:
b8:94:89:98:aa:56:bd:c3:8c:7e:cd:7c:a8:ce:3a:87:4e:63:
b8:14:a2:9f:85:c6:e9:c6:27:0e:5c:2a:c5:07:0f:83:24:7c:
6c:eb:1c:87:db:77:ec:60:ca:1d:55:4b:d2:25:80:5c:42:5e:
2e:ba:37:60:26:8d:b5:e9:52:66:3e:dc:44:42:72:ad:b5:34:
81:0a:88:47:e5:6e:7f:ad:50:3b:4b:5e:0a:f9:e2:9e:ec:52:
3f:6b:20:6e:af:b6:76:dc:9a:20:db:90:3e:06:cd:d6:8d:32:
be:f3:76:29
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqocKqf6O9wia4+zeFE2yVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwOTE4MTMxNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTA3M2M2NTYzMWVkNTg2ODBmZGYwMmY1NGViOGVkMzFjZTFmMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcyYCIkh59UHpsIO8u/51bgP/PUm
siZSJpjVjjd9dHeaf5Ggtr7GWE9HCQmxYtzv2CAUh91T36OkGGpJ+MARVsKGtToh
YYg9VlsCnqhqZGAYXhRdttxiCDv/XZ0WdzqdD0U8iobG5n2BKK9KxUfPNycI11f/
gY9OPdaS9ltgNO1IaW2gGhEO79JDk3xZbJaCc3NRN6ZeRxyYg2fGpYkEhKjVXBoa
VAiKgyTsX0hwzWlQ6PTKMoSIN96AAMTQwfO9g9FotonvMk+wSQwbpnSRonN/qotK
0Jnk9wWqGa0G00fBgBT91AZRzVwTz9hbC+J+XJd1Y3FGOYb83Uj6CL27lwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHkHPGVjHtWGgP3wL1TrjtMc4fDJMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZVFjOFpXTWUxWWFBX2ZBdlZPdU8weHpoOE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjATBAIAATANMAsDAwGSngME
AZKeCDAPBAIAAjAJAwcAKgIBKAAXMA0GCSqGSIb3DQEBCwUAA4IBAQAvzC4b61Pj
H4E69kDoG2h9cvRhbJEqoE48avUFw9EbNRFgycKkZ78s5rclfwmFbGTCv2wCXrjz
Kaiv+dOJK8N9ZQhosaFkZoeTa/n8391vKidvisQPCEllKpVAP13IIZ7EWhRznrxG
0gvzEnNHYrZLoE4lunyiLBIOAEAU9pbR+z6Qk43la6aNyI7dxX5Cw2m4lImYqla9
w4x+zXyozjqHTmO4FKKfhcbpxicOXCrFBw+DJHxs6xyH23fsYModVUvSJYBcQl4u
ujdgJo216VJmPtxEQnKttTSBCohH5W5/rVA7S14K+eKe7FI/ayBur7Z23Jog25A+
Bs3WjTK+83Yp
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:00 2024 by rpki-client on console-ams.rpki-client.org