Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iwDKlFB9qWdR1IE56Pw07jO6q4o.roa
File: iwDKlFB9qWdR1IE56Pw07jO6q4o.roa (raw, json)
Hash identifier: FCcPSrwpT/+u+58AnSQH+YdyR7m87mPOKYZnd0YnnGk=
Subject key identifier: 8B:00:CA:94:50:7D:A9:67:51:D4:81:39:E8:FC:34:EE:33:BA:AB:8A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A26505A3AD32FB097C835E405B4A4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iwDKlFB9qWdR1IE56Pw07jO6q4o.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61166
IP address blocks: 146.120.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 15:17:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:26:50:5a:3a:d3:2f:b0:97:c8:35:e4:05:b4:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b00ca94507da96751d48139e8fc34ee33baab8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:20:71:0a:78:9a:93:0b:48:48:da:f7:3e:b1:
13:68:21:2c:f2:f0:63:6f:65:59:6c:77:07:9e:0b:
88:36:3c:ac:a0:66:c3:1f:bd:39:91:fd:59:ae:50:
0d:82:cc:09:03:fe:c1:36:cb:67:6f:59:4d:73:33:
dc:82:31:30:9e:48:18:01:ea:69:64:ed:69:9f:1a:
8c:cd:dd:d2:9a:62:98:16:0d:b1:a9:66:d2:89:77:
fb:65:b5:fe:2c:3d:d1:f1:8d:b5:95:93:a1:e9:ad:
c1:81:81:1f:6b:73:fd:66:97:8e:c9:de:fb:d0:87:
7b:a6:de:1c:94:67:01:65:da:70:7d:dd:44:90:3b:
87:11:3a:3e:c5:e7:14:e9:13:75:06:02:1d:fe:dd:
16:24:a2:ae:f7:79:36:25:f0:26:8e:22:96:ab:23:
7d:55:5d:c1:9d:b7:4b:59:8f:80:b1:63:77:a7:e9:
ed:9d:c2:25:97:29:1c:24:64:72:17:13:89:5d:5f:
5b:35:85:d4:4c:fc:95:07:83:7f:84:2e:07:50:92:
50:28:bd:6b:29:c8:ee:3a:e1:1f:1a:bd:50:c6:2c:
09:93:b3:29:47:36:1a:14:46:76:18:da:ea:eb:fb:
76:36:4c:b3:64:eb:ad:ea:02:7e:d2:e6:a3:a6:23:
4a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:00:CA:94:50:7D:A9:67:51:D4:81:39:E8:FC:34:EE:33:BA:AB:8A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/iwDKlFB9qWdR1IE56Pw07jO6q4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.90.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d4:b2:8d:eb:6c:35:13:87:ff:97:c7:00:71:ab:c1:20:ca:
e0:13:08:ac:35:b6:58:3a:86:9c:eb:03:33:f3:05:8b:65:c5:
f9:44:ec:bf:74:fc:0b:c0:3d:a6:10:62:76:16:d7:3d:e8:a7:
78:e3:82:f0:4d:3a:cc:38:b6:6a:39:7c:1c:1b:79:3a:1c:5a:
5c:0c:bd:b9:d5:84:c2:bc:5f:18:fb:69:88:f2:0c:e4:b7:28:
fb:a4:0e:c0:4f:d1:cc:1e:60:aa:d1:69:62:d1:37:97:ca:8f:
74:78:cc:4a:ec:ae:d6:74:3e:da:99:83:25:43:1f:a5:db:16:
00:8d:e4:a4:4e:70:fa:68:11:30:ac:39:e8:bf:93:eb:74:b7:
02:01:c6:3e:8d:f4:ca:7b:6f:61:e6:1c:a9:10:c5:3e:6f:c5:
2c:6e:a2:1f:05:34:f7:26:58:78:65:d4:a3:fd:ab:5f:b8:09:
d1:a0:27:6c:56:00:4e:0b:d1:30:f8:e7:b2:04:5f:d5:79:c0:
15:98:12:26:91:6c:f4:7f:9f:a3:40:c0:b4:71:2b:1f:18:15:
26:3d:fb:f2:e2:a6:78:57:e4:b7:6d:ce:89:ed:fe:34:d3:16:
78:49:68:9a:31:32:11:d7:3c:e0:2f:a3:5f:78:85:d8:a3:d8:
26:f2:48:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKiZQWjrTL7CXyDXkBbSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjAwY2E5NDUwN2RhOTY3NTFkNDgxMzllOGZjMzRlZTMzYmFhYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCBxCniakwtISNr3PrETaCEs8vBj
b2VZbHcHnguINjysoGbDH705kf1ZrlANgswJA/7BNstnb1lNczPcgjEwnkgYAepp
ZO1pnxqMzd3SmmKYFg2xqWbSiXf7ZbX+LD3R8Y21lZOh6a3BgYEfa3P9ZpeOyd77
0Id7pt4clGcBZdpwfd1EkDuHETo+xecU6RN1BgId/t0WJKKu93k2JfAmjiKWqyN9
VV3BnbdLWY+AsWN3p+ntncIllykcJGRyFxOJXV9bNYXUTPyVB4N/hC4HUJJQKL1r
KcjuOuEfGr1QxiwJk7MpRzYaFEZ2GNrq6/t2NkyzZOut6gJ+0uajpiNKFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIsAypRQfalnUdSBOej8NO4zuquKMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvaXdES2xGQjlxV2RSMUlFNTZQdzA3ak82cTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhaMA0G
CSqGSIb3DQEBCwUAA4IBAQCV1LKN62w1E4f/l8cAcavBIMrgEwisNbZYOoac6wMz
8wWLZcX5ROy/dPwLwD2mEGJ2Ftc96Kd444LwTTrMOLZqOXwcG3k6HFpcDL251YTC
vF8Y+2mI8gzktyj7pA7AT9HMHmCq0Wli0TeXyo90eMxK7K7WdD7amYMlQx+l2xYA
jeSkTnD6aBEwrDnov5PrdLcCAcY+jfTKe29h5hypEMU+b8UsbqIfBTT3Jlh4ZdSj
/atfuAnRoCdsVgBOC9Ew+OeyBF/VecAVmBImkWz0f5+jQMC0cSsfGBUmPfvy4qZ4
V+S3bc6J7f400xZ4SWiaMTIR1zzgL6NfeIXYo9gm8kjE
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:23 2025 by rpki-client