Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/AMRz3ic7gshS05wkFayMGnvvaDU.roa
File: AMRz3ic7gshS05wkFayMGnvvaDU.roa (raw, json)
Hash identifier: gIvMDOApNV//FGwbc7uGExQJZ9AdPNS56unhydu9+hY=
Subject key identifier: 00:C4:73:DE:27:3B:82:C8:52:D3:9C:24:15:AC:8C:1A:7B:EF:68:35
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 018965793F986035CA99720B4176C896DC97
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/AMRz3ic7gshS05wkFayMGnvvaDU.roa
Signing time: Mon 17 Jul 2023 20:09:52 +0000
ROA not before: Mon 17 Jul 2023 20:09:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 146.247.107.0/24 maxlen: 24
146.247.112.0/23 maxlen: 24
146.247.118.0/24 maxlen: 24
146.247.122.0/24 maxlen: 24
146.247.119.0/24 maxlen: 24
146.247.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jul 2023 11:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:79:3f:98:60:35:ca:99:72:0b:41:76:c8:96:dc:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Jul 17 20:09:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00c473de273b82c852d39c2415ac8c1a7bef6835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:80:3d:33:f7:33:cd:a3:47:e9:8c:0d:1e:
60:35:16:43:b9:6f:2b:32:d3:84:c5:e7:d4:1c:90:
c3:e8:d1:fd:d5:d7:77:97:87:87:0c:1d:7e:9f:e8:
b2:4d:e7:69:65:c3:ed:29:7e:13:d5:33:15:6f:97:
6c:64:55:1d:ea:0c:a4:a7:d9:26:57:09:e9:80:04:
5e:ac:dc:8c:1a:4e:c1:2c:d1:dc:21:1b:5e:36:5e:
c2:a8:70:ae:48:80:10:82:14:fa:0b:60:fa:68:16:
15:26:c0:ca:7b:f6:57:12:49:69:ad:19:e2:6b:0c:
dc:05:48:0a:57:ff:92:c7:4e:32:00:27:1b:8c:49:
0e:db:c2:43:bc:3b:98:88:49:60:bb:14:42:b1:53:
4f:75:75:a3:f9:e7:16:8c:1f:50:ce:d5:78:fb:07:
17:cc:d3:e5:2c:2d:76:ea:0e:6d:95:d3:f9:46:16:
27:be:e0:56:2a:90:6c:d2:ed:2e:5d:61:8c:c6:16:
77:89:7f:35:fc:7f:00:63:52:bb:a0:4f:d6:33:f9:
89:58:3f:2f:37:0d:e6:68:10:a0:84:aa:e7:cd:86:
69:50:44:6f:92:ee:15:7b:8d:74:ff:af:c0:c6:50:
5d:67:3b:f5:8b:44:17:e2:e0:28:b3:ea:e9:54:16:
bf:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C4:73:DE:27:3B:82:C8:52:D3:9C:24:15:AC:8C:1A:7B:EF:68:35
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/AMRz3ic7gshS05wkFayMGnvvaDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.107.0/24
146.247.112.0/23
146.247.118.0/23
146.247.122.0/24
146.247.126.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:7a:e6:d4:a9:ef:ec:d9:e7:b2:3c:8e:1c:a0:de:52:69:c3:
cf:f1:1f:dc:fd:20:d6:21:ce:17:70:fd:f8:76:7e:95:32:b9:
9e:39:e3:16:38:27:02:3b:7b:a8:11:6e:d5:1f:24:0d:41:0d:
4a:37:50:a1:43:a3:4b:4b:3d:a5:22:73:5b:da:f3:84:f5:72:
f7:03:f2:29:91:63:13:8e:65:5d:a0:60:7f:60:24:48:eb:f6:
86:e6:22:ed:8e:97:14:a5:bb:d0:19:5d:35:97:89:5a:e8:cd:
38:fb:39:4a:04:1a:95:6e:2b:e5:cc:cb:58:99:f1:b1:91:a8:
c6:a1:97:b5:71:28:dd:21:9c:03:ac:58:1b:a0:de:f7:65:6c:
61:7d:03:30:82:9e:a8:14:95:3b:5f:38:32:fd:39:c1:91:01:
f8:e8:b1:c2:66:fc:99:cc:21:45:ec:82:4b:2a:7f:30:ce:94:
53:57:fc:3d:69:20:a5:c8:ef:d5:2f:35:46:a0:80:ce:66:bf:
3b:2f:35:2a:c3:22:3e:8a:45:e2:ef:99:bd:ff:a5:33:c5:fc:
61:ac:63:ad:8f:4e:2d:19:54:6c:98:54:97:75:1f:ac:a5:ba:
8f:cf:d8:e8:59:79:da:52:9e:e7:54:d6:be:bf:d8:f6:22:03:
24:83:a8:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlleT+YYDXKmXILQXbIltyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjMwNzE3MjAwOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGM0NzNkZTI3M2I4MmM4NTJkMzljMjQxNWFjOGMxYTdiZWY2ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml6APTP3M82jR+mMDR5gNRZDuW8r
MtOExefUHJDD6NH91dd3l4eHDB1+n+iyTedpZcPtKX4T1TMVb5dsZFUd6gykp9km
VwnpgARerNyMGk7BLNHcIRteNl7CqHCuSIAQghT6C2D6aBYVJsDKe/ZXEklprRni
awzcBUgKV/+Sx04yACcbjEkO28JDvDuYiElguxRCsVNPdXWj+ecWjB9QztV4+wcX
zNPlLC126g5tldP5RhYnvuBWKpBs0u0uXWGMxhZ3iX81/H8AY1K7oE/WM/mJWD8v
Nw3maBCghKrnzYZpUERvku4Ve410/6/AxlBdZzv1i0QX4uAos+rpVBa/uwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFADEc94nO4LIUtOcJBWsjBp772g1MB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvQU1SejNpYzdnc2hTMDV3a0ZheU1HbnZ2YURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkvdrAwQB
kvdwAwQBkvd2AwQAkvd6AwQAkvd+MA0GCSqGSIb3DQEBCwUAA4IBAQAdeubUqe/s
2eeyPI4coN5SacPP8R/c/SDWIc4XcP34dn6VMrmeOeMWOCcCO3uoEW7VHyQNQQ1K
N1ChQ6NLSz2lInNb2vOE9XL3A/IpkWMTjmVdoGB/YCRI6/aG5iLtjpcUpbvQGV01
l4la6M04+zlKBBqVbivlzMtYmfGxkajGoZe1cSjdIZwDrFgboN73ZWxhfQMwgp6o
FJU7Xzgy/TnBkQH46LHCZvyZzCFF7IJLKn8wzpRTV/w9aSClyO/VLzVGoIDOZr87
LzUqwyI+ikXi75m9/6UzxfxhrGOtj04tGVRsmFSXdR+spbqPz9joWXnaUp7nVNa+
v9j2IgMkg6iL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:19 2024 by rpki-client on console-fra.rpki-client.org