Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/G1Fm73IDdRvL_GIDmCptHFR9TMY.roa
File: G1Fm73IDdRvL_GIDmCptHFR9TMY.roa (raw, json)
Hash identifier: LO3QroOL/ouWqnS+ubODet3+mZLAAbV1kl5XSZIUQBs=
Subject key identifier: 1B:51:66:EF:72:03:75:1B:CB:FC:62:03:98:2A:6D:1C:54:7D:4C:C6
Certificate issuer: /CN=3a0429b5aecac8364544bf623f94f163afdce561
Certificate serial: 018DC12E6DE9CC3A9B0BF31D0E965CD747DA
Authority key identifier: 3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/G1Fm73IDdRvL_GIDmCptHFR9TMY.roa
Signing time: Mon 19 Feb 2024 11:44:21 +0000
ROA not before: Mon 19 Feb 2024 11:44:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 146.0.0.0/24 maxlen: 24
146.0.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 14:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:2e:6d:e9:cc:3a:9b:0b:f3:1d:0e:96:5c:d7:47:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0429b5aecac8364544bf623f94f163afdce561
Validity
Not Before: Feb 19 11:44:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b5166ef7203751bcbfc6203982a6d1c547d4cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:4d:10:33:23:76:3e:d7:11:de:44:4a:9f:
52:d7:c2:f9:76:91:a8:7d:0b:21:e2:94:79:85:3f:
e6:3f:c5:55:da:c3:7a:b3:c9:ab:1b:5f:8f:1c:c4:
16:ab:6b:e0:83:11:c7:b3:26:d7:6b:b8:83:6c:0d:
f4:fb:ac:81:63:42:eb:e2:34:d3:74:4b:07:a8:75:
ce:0e:cc:eb:50:90:ee:82:e0:61:9f:04:cd:9b:9d:
a4:43:86:94:ee:c8:0b:e5:15:f1:73:b6:ae:fe:55:
ce:db:f3:48:4a:a9:cd:92:18:ba:47:7d:a7:b9:27:
db:a0:59:7b:ed:f9:fb:7b:d4:33:8c:d9:be:e2:ec:
8f:d6:7f:81:79:82:d2:08:34:14:52:9b:a7:75:e0:
7d:79:82:1f:d6:52:12:4b:1e:a6:f9:09:ec:ef:2b:
5f:d7:e9:c0:99:9f:a3:c7:15:3b:6b:d2:ef:f3:c8:
d8:e7:9a:3b:7d:48:ef:b1:c9:42:61:90:34:00:4f:
6c:76:a7:11:af:20:a2:d0:bd:9e:63:7e:50:a8:35:
67:b5:5e:54:95:4d:22:96:f9:7a:af:55:c5:29:67:
34:7f:e6:12:ca:43:a8:6a:6f:f6:31:59:d0:d9:f2:
29:e1:bd:5c:43:30:f8:6c:08:71:4d:0f:32:52:30:
ab:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:51:66:EF:72:03:75:1B:CB:FC:62:03:98:2A:6D:1C:54:7D:4C:C6
X509v3 Authority Key Identifier:
keyid:3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/G1Fm73IDdRvL_GIDmCptHFR9TMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.0.0/24
146.0.15.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:0c:7f:cb:28:b2:ea:ad:d1:3c:36:b9:72:80:cb:30:0b:3c:
92:9e:97:2d:e4:77:86:e4:70:8c:b6:49:19:41:1b:3f:64:33:
1d:8c:26:a4:07:f4:5b:ea:89:7d:e3:71:60:2c:71:71:f3:92:
28:ed:d4:6e:2a:2f:41:7b:fd:fc:15:59:d4:36:b1:66:19:fd:
f1:0a:8c:16:12:5e:c7:0d:88:2c:17:27:0a:7b:f0:cf:ce:f3:
14:6f:4c:8f:78:c7:ff:76:9b:8d:4e:37:a5:9a:09:0f:06:e0:
69:72:a8:4c:01:3a:ba:d3:4a:f0:1b:c2:ba:be:00:11:37:50:
b7:eb:64:7e:8c:1b:7d:32:5a:1b:9c:94:c6:c6:c8:31:f9:8f:
f8:4f:80:dd:27:cd:ff:f1:26:e6:1d:0c:03:ce:c8:54:1d:f9:
fa:d9:98:cd:f9:d2:f5:89:2b:6f:c7:dd:7b:32:3f:26:d0:cd:
85:10:3b:1d:63:d2:c1:ba:fd:f8:35:25:5d:a2:39:29:0e:61:
47:a9:d7:85:4e:d3:b7:b3:d9:bb:eb:ab:a0:a8:ec:42:3b:ba:
14:8f:b4:bd:84:c4:bf:ac:c0:88:78:12:b3:65:bd:d1:e3:0e:
9c:66:59:e0:1b:bf:e6:0d:12:ea:6a:41:a8:e5:2e:58:a7:f2:
e0:24:07:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3BLm3pzDqbC/MdDpZc10faMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDQyOWI1YWVjYWM4MzY0NTQ0YmY2MjNmOTRmMTYzYWZk
Y2U1NjEwHhcNMjQwMjE5MTE0NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjUxNjZlZjcyMDM3NTFiY2JmYzYyMDM5ODJhNmQxYzU0N2Q0Y2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX5NEDMjdj7XEd5ESp9S18L5dpGo
fQsh4pR5hT/mP8VV2sN6s8mrG1+PHMQWq2vggxHHsybXa7iDbA30+6yBY0Lr4jTT
dEsHqHXODszrUJDuguBhnwTNm52kQ4aU7sgL5RXxc7au/lXO2/NISqnNkhi6R32n
uSfboFl77fn7e9QzjNm+4uyP1n+BeYLSCDQUUpundeB9eYIf1lISSx6m+Qns7ytf
1+nAmZ+jxxU7a9Lv88jY55o7fUjvsclCYZA0AE9sdqcRryCi0L2eY35QqDVntV5U
lU0ilvl6r1XFKWc0f+YSykOoam/2MVnQ2fIp4b1cQzD4bAhxTQ8yUjCrBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBtRZu9yA3Uby/xiA5gqbRxUfUzGMB8GA1UdIwQY
MBaAFDoEKbWuysg2RUS/Yj+U8WOv3OVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEt
ODQ3MTJjOWYzNDY0LzEvRzFGbTczSURkUnZMX0dJRG1DcHRIRlI5VE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEtODQ3MTJjOWYzNDY0
LzEvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkgAAAwQA
kgAPMA0GCSqGSIb3DQEBCwUAA4IBAQCpDH/LKLLqrdE8NrlygMswCzySnpct5HeG
5HCMtkkZQRs/ZDMdjCakB/Rb6ol943FgLHFx85Io7dRuKi9Be/38FVnUNrFmGf3x
CowWEl7HDYgsFycKe/DPzvMUb0yPeMf/dpuNTjelmgkPBuBpcqhMATq600rwG8K6
vgARN1C362R+jBt9MlobnJTGxsgx+Y/4T4DdJ83/8SbmHQwDzshUHfn62ZjN+dL1
iStvx917Mj8m0M2FEDsdY9LBuv34NSVdojkpDmFHqdeFTtO3s9m766ugqOxCO7oU
j7S9hMS/rMCIeBKzZb3R4w6cZlngG7/mDRLqakGo5S5Yp/LgJAcg
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:03:00 2025 by rpki-client