Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fw-kOSOsfayZFU4vk1Ua9xaf6pA.roa
File: fw-kOSOsfayZFU4vk1Ua9xaf6pA.roa (raw, json)
Hash identifier: rRWiURESxxwAifcxJzs9L6TxWVAcoFUjskxZHNfg81A=
Subject key identifier: 7F:0F:A4:39:23:AC:7D:AC:99:15:4E:2F:93:55:1A:F7:16:9F:EA:90
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A0FCAB46E8EFDD578CD85E3C49510
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fw-kOSOsfayZFU4vk1Ua9xaf6pA.roa
Signing time: Tue 02 Jan 2024 12:33:23 +0000
ROA not before: Tue 02 Jan 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51503
IP address blocks: 146.120.232.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0f:ca:b4:6e:8e:fd:d5:78:cd:85:e3:c4:95:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f0fa43923ac7dac99154e2f93551af7169fea90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f4:21:ad:79:f4:aa:1e:7d:1e:6e:5b:d9:ce:
2e:75:08:a5:4b:ef:bd:e1:71:a6:ef:7f:0b:89:87:
4a:88:57:f4:7b:14:21:cc:09:6a:25:cc:eb:f1:dc:
59:db:5f:78:7b:64:de:3c:12:36:d4:7f:bd:30:77:
2f:0d:39:97:c6:58:71:b1:2e:42:88:3c:15:8d:1d:
a4:c9:f7:4d:df:09:83:48:d6:df:d4:49:bc:d2:66:
5c:62:4b:9f:35:94:e7:01:f2:5c:26:23:6b:36:6d:
e8:cd:85:3c:94:6f:a2:d5:51:b6:cd:c8:01:41:f3:
17:36:6e:1e:6c:07:bb:61:ac:37:ba:64:b1:df:6a:
f7:d2:f9:9c:77:16:31:65:2b:72:18:df:c1:2f:0b:
92:e9:7e:5f:9c:af:c1:1a:ec:49:1d:41:c8:5a:0f:
42:82:9e:94:c1:b8:a7:18:3d:d0:30:92:21:53:ec:
f8:34:93:3f:d5:ee:d0:df:6b:65:47:06:f7:12:65:
8e:cf:5d:a2:6c:89:72:b9:ed:98:c2:8c:e8:0d:a1:
7f:19:ef:6b:55:2d:88:90:df:01:c1:54:40:22:8a:
4e:e1:bb:3b:43:15:87:d0:e7:4a:9a:d8:e3:f4:12:
c8:c7:ea:1e:24:01:70:73:f9:7d:9e:92:ae:69:78:
ee:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0F:A4:39:23:AC:7D:AC:99:15:4E:2F:93:55:1A:F7:16:9F:EA:90
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/fw-kOSOsfayZFU4vk1Ua9xaf6pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.232.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:61:84:aa:8c:e1:fd:d1:0a:4a:96:5b:1f:42:33:f5:22:a0:
48:37:a8:87:f5:63:28:26:e4:84:b8:10:62:6c:5a:21:99:24:
f4:bb:d5:4f:e5:96:c3:12:d3:07:58:54:d4:ed:76:6f:bb:2d:
7a:c0:a0:18:23:54:4e:f8:e0:36:eb:83:06:3a:2e:d9:d6:e0:
63:96:84:d8:52:17:27:18:a7:96:4b:e1:90:60:e6:86:5f:00:
2f:57:b5:01:81:6d:26:f5:f5:0b:ce:1e:80:a9:2b:97:5e:58:
14:98:e4:2a:58:42:eb:5e:8b:b7:26:c6:2d:bc:1c:a3:65:4c:
dd:ec:0b:04:c1:50:fb:f2:63:c0:07:3a:60:fa:01:5b:1a:13:
83:e9:b1:bf:5d:83:4b:92:96:07:90:3f:64:33:be:cf:2d:80:
62:c2:2a:2c:25:51:05:6a:ea:f6:ff:73:48:17:c5:4e:3a:0c:
de:ae:50:ea:33:d4:45:0d:3f:b7:21:00:d2:95:b7:1a:7a:f7:
b8:4c:b1:da:f3:dd:f8:dc:4e:4b:a4:57:fa:83:1e:6b:12:c4:
43:85:7a:81:63:3d:f7:57:c6:72:a6:61:b1:3c:45:34:ef:bd:
fa:3f:77:8b:31:0c:db:c3:3c:cf:b1:e2:70:3f:b1:4b:53:3b:
ac:41:9b:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKg/KtG6O/dV4zYXjxJUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBmYTQzOTIzYWM3ZGFjOTkxNTRlMmY5MzU1MWFmNzE2OWZlYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfQhrXn0qh59Hm5b2c4udQilS++9
4XGm738LiYdKiFf0exQhzAlqJczr8dxZ2194e2TePBI21H+9MHcvDTmXxlhxsS5C
iDwVjR2kyfdN3wmDSNbf1Em80mZcYkufNZTnAfJcJiNrNm3ozYU8lG+i1VG2zcgB
QfMXNm4ebAe7Yaw3umSx32r30vmcdxYxZStyGN/BLwuS6X5fnK/BGuxJHUHIWg9C
gp6UwbinGD3QMJIhU+z4NJM/1e7Q32tlRwb3EmWOz12ibIlyue2YwozoDaF/Ge9r
VS2IkN8BwVRAIopO4bs7QxWH0OdKmtjj9BLIx+oeJAFwc/l9npKuaXjuUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH8PpDkjrH2smRVOL5NVGvcWn+qQMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZncta09TT3NmYXlaRlU0dmsxVWE5eGFmNnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBknjoMA0G
CSqGSIb3DQEBCwUAA4IBAQCrYYSqjOH90QpKllsfQjP1IqBIN6iH9WMoJuSEuBBi
bFohmST0u9VP5ZbDEtMHWFTU7XZvuy16wKAYI1RO+OA264MGOi7Z1uBjloTYUhcn
GKeWS+GQYOaGXwAvV7UBgW0m9fULzh6AqSuXXlgUmOQqWELrXou3JsYtvByjZUzd
7AsEwVD78mPABzpg+gFbGhOD6bG/XYNLkpYHkD9kM77PLYBiwiosJVEFaur2/3NI
F8VOOgzerlDqM9RFDT+3IQDSlbcaeve4TLHa89343E5LpFf6gx5rEsRDhXqBYz33
V8ZypmGxPEU07736P3eLMQzbwzzPseJwP7FLUzusQZv0
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:25 2025 by rpki-client