Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/4s36IzJMiEJ6JzpZsNrVyKJyCcQ.roa
File: 4s36IzJMiEJ6JzpZsNrVyKJyCcQ.roa (raw, json)
Hash identifier: evMzjwwOD4Ptns9ljW+agXaivDrKU3Kn9jtmEszkeHA=
Subject key identifier: E2:CD:FA:23:32:4C:88:42:7A:27:3A:59:B0:DA:D5:C8:A2:72:09:C4
Certificate issuer: /CN=bfaea358aeeeb7d0b9e0f93d23f67d29a7ec62c8
Certificate serial: 018571B0D7A370BE7A578FE7BCCB23BC3E43
Authority key identifier: BF:AE:A3:58:AE:EE:B7:D0:B9:E0:F9:3D:23:F6:7D:29:A7:EC:62:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v66jWK7ut9C54Pk9I_Z9KafsYsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/4s36IzJMiEJ6JzpZsNrVyKJyCcQ.roa
Signing time: Mon 02 Jan 2023 08:54:52 +0000
ROA not before: Mon 02 Jan 2023 08:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24685
IP address blocks: 146.19.54.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d7:a3:70:be:7a:57:8f:e7:bc:cb:23:bc:3e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfaea358aeeeb7d0b9e0f93d23f67d29a7ec62c8
Validity
Not Before: Jan 2 08:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2cdfa23324c88427a273a59b0dad5c8a27209c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2b:fc:4d:31:43:1c:21:5e:ff:e3:d8:92:5d:
03:5b:7f:e2:47:8d:2c:b1:ab:52:0e:59:ac:8a:02:
20:86:cb:31:0c:ee:cf:00:9d:15:a9:b1:08:78:7d:
a7:19:7b:63:16:a3:cd:4b:d9:04:6b:8f:65:bc:49:
21:5e:c5:36:19:02:22:72:ba:98:2e:e9:03:73:44:
84:61:00:07:09:3d:a9:26:8b:00:cf:78:98:67:1b:
57:db:a5:2e:96:34:aa:f5:b8:86:0a:a9:d1:db:c3:
ae:2d:35:59:57:1a:5b:90:1c:07:cb:5d:f3:b9:57:
8a:c2:4a:0d:77:7e:d5:07:68:67:2c:65:2c:11:1b:
c6:7b:5d:a5:cf:0e:c4:fd:0f:6b:ed:11:e6:68:4e:
bf:93:56:85:9e:be:ef:f2:66:b7:6f:87:da:74:81:
ba:b3:a6:7c:a2:f4:64:d5:48:76:ce:22:ab:34:82:
28:3a:3d:07:7f:bb:35:75:46:a9:52:41:bb:ff:f6:
ce:2a:49:7b:79:07:f0:20:e7:ed:31:85:f0:b4:35:
d0:29:1d:86:d0:d9:83:77:44:12:63:55:f2:5f:30:
56:2d:d8:38:19:e4:6d:f5:0c:8a:e8:93:02:39:52:
32:0f:10:1d:4f:db:d0:d7:64:ea:f3:b9:f9:4e:87:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CD:FA:23:32:4C:88:42:7A:27:3A:59:B0:DA:D5:C8:A2:72:09:C4
X509v3 Authority Key Identifier:
keyid:BF:AE:A3:58:AE:EE:B7:D0:B9:E0:F9:3D:23:F6:7D:29:A7:EC:62:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v66jWK7ut9C54Pk9I_Z9KafsYsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/4s36IzJMiEJ6JzpZsNrVyKJyCcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/v66jWK7ut9C54Pk9I_Z9KafsYsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.54.0/24
Signature Algorithm: sha256WithRSAEncryption
77:16:1f:85:fe:55:b0:86:2f:5a:66:31:b6:3c:94:f6:f0:d2:
ee:0c:3c:39:1a:0b:dc:93:32:08:41:32:12:3d:4f:eb:aa:d1:
02:18:46:d3:43:a8:7e:e0:97:a4:a5:88:17:0b:3e:bd:c2:7c:
3b:14:50:7e:d8:a1:86:14:86:36:11:ea:90:5c:7e:5b:c2:14:
92:c7:6a:4c:4f:fe:91:f6:bd:72:f2:07:2e:f2:cb:d5:6a:ce:
5c:9e:da:85:18:42:5d:13:94:f5:6e:73:78:34:04:d2:05:b1:
69:11:b4:0a:7e:9e:38:6b:5a:87:4e:a7:31:9c:69:99:3f:ae:
8a:9b:a3:bc:ff:a5:f5:63:33:f1:a2:77:c2:8c:66:1e:10:38:
a8:f3:30:d0:a7:70:04:d8:b6:41:b0:dd:7e:5d:1a:5b:48:a7:
9f:3e:f7:6f:7f:12:31:19:6d:fc:80:68:2e:13:c4:c3:13:d4:
4e:ca:cf:e1:90:b4:f7:40:3e:64:a9:05:21:4e:ed:ae:24:93:
a8:22:f8:be:9b:35:f4:08:87:26:c9:51:1d:00:53:02:bc:5e:
ad:a4:4e:02:af:08:3c:26:f5:e2:66:06:6b:cc:33:a9:0f:98:
e7:3a:0d:eb:60:1e:f4:b3:27:46:a2:db:6c:58:4e:1b:7c:89:
78:26:77:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsNejcL56V4/nvMsjvD5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWVhMzU4YWVlZWI3ZDBiOWUwZjkzZDIzZjY3ZDI5YTdl
YzYyYzgwHhcNMjMwMTAyMDg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmNkZmEyMzMyNGM4ODQyN2EyNzNhNTliMGRhZDVjOGEyNzIwOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyv8TTFDHCFe/+PYkl0DW3/iR40s
satSDlmsigIghssxDO7PAJ0VqbEIeH2nGXtjFqPNS9kEa49lvEkhXsU2GQIicrqY
LukDc0SEYQAHCT2pJosAz3iYZxtX26UuljSq9biGCqnR28OuLTVZVxpbkBwHy13z
uVeKwkoNd37VB2hnLGUsERvGe12lzw7E/Q9r7RHmaE6/k1aFnr7v8ma3b4fadIG6
s6Z8ovRk1Uh2ziKrNIIoOj0Hf7s1dUapUkG7//bOKkl7eQfwIOftMYXwtDXQKR2G
0NmDd0QSY1XyXzBWLdg4GeRt9QyK6JMCOVIyDxAdT9vQ12Tq87n5TocVLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLN+iMyTIhCeic6WbDa1ciicgnEMB8GA1UdIwQY
MBaAFL+uo1iu7rfQueD5PSP2fSmn7GLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjY2aldLN3V0OUM1NFBrOUlfWjlLYWZzWXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yODg0MTYtYTQ2ZS00OWMzLTkzMzct
MjQ5Y2UwYzMxMmIzLzEvNHMzNkl6Sk1pRUo2SnpwWnNOclZ5S0p5Q2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yODg0MTYtYTQ2ZS00OWMzLTkzMzctMjQ5Y2UwYzMxMmIz
LzEvdjY2aldLN3V0OUM1NFBrOUlfWjlLYWZzWXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhM2MA0G
CSqGSIb3DQEBCwUAA4IBAQB3Fh+F/lWwhi9aZjG2PJT28NLuDDw5GgvckzIIQTIS
PU/rqtECGEbTQ6h+4JekpYgXCz69wnw7FFB+2KGGFIY2EeqQXH5bwhSSx2pMT/6R
9r1y8gcu8svVas5cntqFGEJdE5T1bnN4NATSBbFpEbQKfp44a1qHTqcxnGmZP66K
m6O8/6X1YzPxonfCjGYeEDio8zDQp3AE2LZBsN1+XRpbSKefPvdvfxIxGW38gGgu
E8TDE9ROys/hkLT3QD5kqQUhTu2uJJOoIvi+mzX0CIcmyVEdAFMCvF6tpE4Crwg8
JvXiZgZrzDOpD5jnOg3rYB70sydGottsWE4bfIl4Jnfq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:42 2024 by rpki-client on console-ams.rpki-client.org