Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/pg0M2XcaO4w0kIgbKIF9w5mh2nU.roa
File: pg0M2XcaO4w0kIgbKIF9w5mh2nU.roa (raw, json)
Hash identifier: Q9cnMutNYHOOeWoCu7UcoV2Zur/Tkg7NSvGs7Tf80wI=
Subject key identifier: A6:0D:0C:D9:77:1A:3B:8C:34:90:88:1B:28:81:7D:C3:99:A1:DA:75
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 018572DF0BBA21F7BD306407F1DCD8E1188A
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/pg0M2XcaO4w0kIgbKIF9w5mh2nU.roa
Signing time: Mon 02 Jan 2023 14:24:58 +0000
ROA not before: Mon 02 Jan 2023 14:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 146.247.117.0/24 maxlen: 24
146.247.122.0/24 maxlen: 24
146.247.126.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:0b:ba:21:f7:bd:30:64:07:f1:dc:d8:e1:18:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Jan 2 14:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a60d0cd9771a3b8c3490881b28817dc399a1da75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ca:04:df:da:16:b0:f5:98:22:4f:3a:6b:25:
c6:6e:df:b1:57:12:44:40:43:c8:3c:5c:6c:ad:a7:
36:18:0b:c2:14:d8:46:dd:33:b7:80:1c:db:64:b4:
66:eb:de:76:dd:5d:c7:2c:c6:c0:b0:1c:57:c2:9d:
2d:31:8a:59:bd:6b:2f:5e:20:05:ad:77:ed:1f:0d:
97:6a:25:1e:27:d5:67:87:b9:91:7a:54:3e:86:33:
0a:78:0f:4a:c0:c3:d5:72:8a:21:1e:34:8d:5e:9e:
61:e4:a8:77:01:b9:a6:e6:34:03:b2:2e:79:87:d9:
45:d4:7b:60:11:a3:5f:1d:b6:41:89:86:26:26:de:
e5:d2:47:46:e0:f8:e6:b7:82:9a:f7:c6:56:d0:5c:
21:24:b1:11:09:20:60:4e:56:b3:ca:9e:dc:d6:b0:
2a:07:be:94:fa:ef:b3:50:b7:e3:2f:28:e1:32:0e:
7f:35:13:08:bf:ed:85:ff:e4:c1:33:5f:9a:f7:bc:
45:a1:a5:0f:7e:b3:44:d8:b8:58:f4:9b:08:bf:46:
ee:21:45:0d:ab:58:4f:e6:16:a4:0d:a3:d4:82:4a:
4e:ea:1a:74:1d:1e:f0:30:e9:df:7d:05:d9:ab:e4:
90:87:12:00:b3:f0:e5:4a:72:b3:95:cd:04:af:f0:
7d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0D:0C:D9:77:1A:3B:8C:34:90:88:1B:28:81:7D:C3:99:A1:DA:75
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/pg0M2XcaO4w0kIgbKIF9w5mh2nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.117.0/24
146.247.122.0/24
146.247.126.0/23
Signature Algorithm: sha256WithRSAEncryption
51:32:57:54:d6:42:41:5b:ba:9d:cb:ec:4d:2b:72:b0:b3:8e:
4c:10:95:3b:80:2b:6b:e2:af:64:64:9b:e4:f6:9a:3e:89:9d:
b8:61:6a:e9:18:74:d6:bd:74:f1:d8:16:ee:b3:60:35:d6:a9:
fc:4b:3f:fa:90:7c:c7:36:2d:2e:d9:d1:26:1d:b4:d4:44:ce:
fb:b8:87:1e:78:8b:98:7e:83:6e:66:71:be:21:5c:f3:45:8b:
7c:97:4b:8a:15:10:53:de:a4:3b:c3:be:e5:d1:49:70:d2:ab:
41:76:08:a5:49:d5:84:d1:5d:27:d5:3d:ac:d3:75:ee:3b:af:
7a:81:4e:bb:3f:6a:7d:16:7e:10:ee:c2:82:1c:04:08:97:db:
93:2a:84:19:96:c0:9d:2c:3f:57:5d:d5:76:7b:1b:22:af:0e:
c9:0c:21:24:4b:20:f2:61:d9:a0:d8:dd:1a:4a:a9:09:4a:73:
b3:45:65:9c:2c:8f:2e:c4:d5:bd:fb:a2:0c:b8:13:26:73:9c:
13:cb:29:80:5f:22:4b:f5:77:75:ee:d7:03:d3:7d:61:7a:be:
70:d9:a6:9f:47:b6:8f:ca:52:86:a3:06:d4:75:f3:93:ba:38:
c6:de:54:2a:02:d9:18:d2:e4:39:9b:f9:f6:1a:08:30:75:2e:
ad:96:42:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVy3wu6Ife9MGQH8dzY4RiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjMwMTAyMTQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBkMGNkOTc3MWEzYjhjMzQ5MDg4MWIyODgxN2RjMzk5YTFkYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMoE39oWsPWYIk86ayXGbt+xVxJE
QEPIPFxsrac2GAvCFNhG3TO3gBzbZLRm69523V3HLMbAsBxXwp0tMYpZvWsvXiAF
rXftHw2XaiUeJ9Vnh7mRelQ+hjMKeA9KwMPVcoohHjSNXp5h5Kh3Abmm5jQDsi55
h9lF1HtgEaNfHbZBiYYmJt7l0kdG4Pjmt4Ka98ZW0FwhJLERCSBgTlazyp7c1rAq
B76U+u+zULfjLyjhMg5/NRMIv+2F/+TBM1+a97xFoaUPfrNE2LhY9JsIv0buIUUN
q1hP5hakDaPUgkpO6hp0HR7wMOnffQXZq+SQhxIAs/DlSnKzlc0Er/B9vwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKYNDNl3GjuMNJCIGyiBfcOZodp1MB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvcGcwTTJYY2FPNHcwa0lnYktJRjl3NW1oMm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkvd1AwQA
kvd6AwQBkvd+MA0GCSqGSIb3DQEBCwUAA4IBAQBRMldU1kJBW7qdy+xNK3Kws45M
EJU7gCtr4q9kZJvk9po+iZ24YWrpGHTWvXTx2Bbus2A11qn8Sz/6kHzHNi0u2dEm
HbTURM77uIceeIuYfoNuZnG+IVzzRYt8l0uKFRBT3qQ7w77l0Ulw0qtBdgilSdWE
0V0n1T2s03XuO696gU67P2p9Fn4Q7sKCHAQIl9uTKoQZlsCdLD9XXdV2exsirw7J
DCEkSyDyYdmg2N0aSqkJSnOzRWWcLI8uxNW9+6IMuBMmc5wTyymAXyJL9Xd17tcD
031her5w2aafR7aPylKGowbUdfOTujjG3lQqAtkY0uQ5m/n2GggwdS6tlkLZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:34 2023 by rpki-client on console-ams.rpki-client.org