Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/crwquNcGrQ1pWLQNO9X2NIDCpnc.roa
File: crwquNcGrQ1pWLQNO9X2NIDCpnc.roa (raw, json)
Hash identifier: /nJuDv4NGLjuJk0gnZsN0m08HrLpC8lhFSVUIL4D/Wg=
Subject key identifier: 72:BC:2A:B8:D7:06:AD:0D:69:58:B4:0D:3B:D5:F6:34:80:C2:A6:77
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 018DDC07B1EBE9D6D46B2F7383D9F5DD4C2E
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/crwquNcGrQ1pWLQNO9X2NIDCpnc.roa
Signing time: Sat 24 Feb 2024 16:51:48 +0000
ROA not before: Sat 24 Feb 2024 16:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 146.19.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 15:45:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dc:07:b1:eb:e9:d6:d4:6b:2f:73:83:d9:f5:dd:4c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Feb 24 16:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72bc2ab8d706ad0d6958b40d3bd5f63480c2a677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:54:6a:83:65:92:43:80:00:ee:d9:24:7d:ba:
0d:f2:6e:8d:3d:59:57:b1:84:b8:43:b6:85:d8:a7:
75:a3:f8:e3:7e:5c:9f:eb:8a:f9:b0:01:9e:fb:dc:
90:28:a6:e0:a8:f0:61:32:4b:84:76:25:e7:b2:61:
8d:ac:9c:75:79:d9:73:e0:f5:4e:3c:e6:d5:77:d7:
fd:d6:35:c2:c6:f1:3c:1e:47:53:e3:c5:45:30:01:
7f:87:5a:86:8d:c1:e1:0b:8b:07:63:29:66:c5:c4:
d3:19:e7:9e:5c:ea:4f:97:0b:a0:18:f9:85:e0:92:
e2:80:99:9a:d1:a6:55:a3:53:6b:fe:94:f2:fb:ea:
cf:a5:3e:cb:89:3a:d2:97:11:0c:b0:0f:b8:2a:17:
26:67:28:00:d0:40:18:d2:09:3d:81:4b:b4:38:7d:
b1:60:cb:a4:01:67:31:83:68:87:2b:c2:9e:4f:8f:
11:a3:ee:2d:01:63:d9:2e:1c:ac:02:99:e7:9a:d8:
7d:4a:bf:2e:79:77:7c:a2:3f:d8:f6:59:1e:e2:82:
af:e8:0f:54:e4:e2:f2:36:7a:bf:4f:54:a3:72:74:
a3:cc:65:fd:48:cb:ee:44:50:84:74:26:ef:19:af:
a8:c8:d8:36:90:95:57:04:20:82:0e:73:2d:e6:f3:
8c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BC:2A:B8:D7:06:AD:0D:69:58:B4:0D:3B:D5:F6:34:80:C2:A6:77
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/crwquNcGrQ1pWLQNO9X2NIDCpnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:1d:68:ce:e8:d2:ac:55:2d:27:ee:7b:99:17:54:b3:a1:c9:
54:36:72:aa:22:85:f6:34:83:5c:cb:8f:58:29:c2:80:61:9f:
b1:28:e9:c9:5f:22:06:0f:b5:4b:31:9d:37:c5:e1:fb:77:24:
52:fc:d8:97:91:7f:ea:fa:7d:df:7b:8b:22:78:36:56:f0:de:
cd:70:4d:ae:b1:f3:7e:61:12:c7:55:5c:4f:c5:04:c5:8c:c3:
7d:c1:40:05:00:89:6f:8e:d2:1f:e9:ae:a8:2e:61:95:12:ec:
08:bb:f6:78:98:4a:7e:b1:95:5f:48:de:4f:2a:6c:bf:d9:91:
8b:59:df:e4:4d:09:38:29:84:b6:79:4b:f0:61:a2:a5:4d:9f:
c2:9a:c5:aa:bc:e8:e6:25:4e:37:67:07:ae:b3:a8:39:be:87:
08:57:30:a9:0c:35:14:5f:73:1b:97:37:cb:e6:25:1b:7b:24:
82:ac:e6:36:88:df:bb:4f:c6:30:fd:34:5c:e2:c2:87:f4:75:
17:33:dc:3e:e7:31:c2:2f:b7:60:ad:05:d9:e1:0f:2a:0c:1d:
7e:75:95:ec:04:67:bd:39:a6:6d:c6:b2:c0:5e:88:4d:fb:80:
01:18:d9:f5:53:a5:0d:36:97:b3:12:99:4f:5e:24:f8:2d:97:
a7:d0:72:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3cB7Hr6dbUay9zg9n13UwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwMjI0MTY1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmJjMmFiOGQ3MDZhZDBkNjk1OGI0MGQzYmQ1ZjYzNDgwYzJhNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFRqg2WSQ4AA7tkkfboN8m6NPVlX
sYS4Q7aF2Kd1o/jjflyf64r5sAGe+9yQKKbgqPBhMkuEdiXnsmGNrJx1edlz4PVO
PObVd9f91jXCxvE8HkdT48VFMAF/h1qGjcHhC4sHYylmxcTTGeeeXOpPlwugGPmF
4JLigJma0aZVo1Nr/pTy++rPpT7LiTrSlxEMsA+4KhcmZygA0EAY0gk9gUu0OH2x
YMukAWcxg2iHK8KeT48Ro+4tAWPZLhysApnnmth9Sr8ueXd8oj/Y9lke4oKv6A9U
5OLyNnq/T1SjcnSjzGX9SMvuRFCEdCbvGa+oyNg2kJVXBCCCDnMt5vOMGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHK8KrjXBq0NaVi0DTvV9jSAwqZ3MB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvY3J3cXVOY0dyUTFwV0xRTk85WDJOSURDcG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMyMA0G
CSqGSIb3DQEBCwUAA4IBAQAOHWjO6NKsVS0n7nuZF1SzoclUNnKqIoX2NINcy49Y
KcKAYZ+xKOnJXyIGD7VLMZ03xeH7dyRS/NiXkX/q+n3fe4sieDZW8N7NcE2usfN+
YRLHVVxPxQTFjMN9wUAFAIlvjtIf6a6oLmGVEuwIu/Z4mEp+sZVfSN5PKmy/2ZGL
Wd/kTQk4KYS2eUvwYaKlTZ/CmsWqvOjmJU43Zweus6g5vocIVzCpDDUUX3MblzfL
5iUbeySCrOY2iN+7T8Yw/TRc4sKH9HUXM9w+5zHCL7dgrQXZ4Q8qDB1+dZXsBGe9
OaZtxrLAXohN+4ABGNn1U6UNNpezEplPXiT4LZen0HLV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:27 2024 by rpki-client on console-ams.rpki-client.org