Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/eu1zGwninrZK4mVP35gp0fKbJwY.roa
File: eu1zGwninrZK4mVP35gp0fKbJwY.roa (raw, json)
Hash identifier: HgjH+6vROhPMwaP3KVWYOpY5LC47yqLl2YWDRui4YQA=
Subject key identifier: 7A:ED:73:1B:09:E2:9E:B6:4A:E2:65:4F:DF:98:29:D1:F2:9B:27:06
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: 019886
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/eu1zGwninrZK4mVP35gp0fKbJwY.roa
Signing time: Fri 18 Apr 2025 22:53:09 +0000
ROA not before: Fri 18 Apr 2025 22:53:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10233
IP address blocks: 147.28.8.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 17:37:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104582 (0x19886)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Apr 18 22:53:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7AED731B09E29EB64AE2654FDF9829D1F29B2706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:48:12:f0:a6:e4:78:7e:11:2e:a7:93:a4:f9:
3b:bc:25:66:bf:23:c5:c1:de:ea:4f:09:63:f9:3b:
56:bc:48:c8:cc:93:20:6d:1c:c2:b5:b3:53:b2:12:
f9:27:e6:e1:8e:3b:c6:2e:bd:99:71:6f:bf:91:d5:
14:53:a1:36:6e:85:d7:57:04:df:b7:30:e6:34:2e:
6f:9f:b8:27:39:9a:20:66:cc:cc:ce:6f:b2:c5:cb:
a6:2b:46:34:0c:87:9c:7c:1b:9d:67:e8:b1:61:c6:
8b:9b:74:c0:16:f1:dd:e7:fd:aa:ec:67:f1:28:a7:
ce:6f:93:5e:83:66:96:f6:35:0c:f8:a8:78:de:dc:
fb:37:8b:10:42:de:85:a1:ab:82:e5:5e:25:0c:4c:
f5:54:58:d9:c0:cc:4e:a8:d6:70:18:95:d3:02:d9:
65:2d:06:05:34:e4:07:9d:6b:77:35:d0:8d:95:3e:
c1:f5:cc:f9:09:c5:55:87:f6:38:ae:c7:b4:5b:1a:
50:53:06:21:30:d3:dd:96:21:b1:c7:63:fb:5c:c0:
8d:1d:fc:21:b8:6a:a6:3a:c4:07:a2:c6:d4:8c:e3:
9a:32:69:5d:cb:0a:a2:2a:07:55:96:c3:ed:c4:f9:
98:ad:89:d1:a9:79:49:90:10:3b:d6:02:8a:f8:ba:
41:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:ED:73:1B:09:E2:9E:B6:4A:E2:65:4F:DF:98:29:D1:F2:9B:27:06
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/eu1zGwninrZK4mVP35gp0fKbJwY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
147.28.8.0/23
Signature Algorithm: sha256WithRSAEncryption
72:47:75:04:1f:6f:ad:d8:79:ff:36:e7:e5:15:13:fc:4b:bd:
5c:46:1f:4f:dc:3d:c8:2c:75:f5:9f:88:b8:49:e5:a5:18:40:
d8:a5:ab:5b:7b:80:61:55:a1:11:16:27:43:9f:b3:d7:95:48:
34:fb:50:49:da:30:1a:58:73:20:02:d5:35:95:be:34:05:fa:
54:1a:07:65:67:69:e6:b0:63:f3:34:3a:3a:fd:f1:a1:f6:39:
61:f4:6e:bc:78:9b:57:1e:02:39:b2:31:ed:81:2f:14:ff:6f:
31:b3:f2:c0:ca:2f:c2:a3:e1:47:d5:25:76:34:05:ce:67:0f:
16:7b:76:3c:47:c4:97:5d:3c:67:61:63:a0:04:19:4e:25:43:
11:a4:87:c5:57:91:31:98:a1:d4:76:5b:54:24:12:55:34:56:
2f:5b:83:d0:ae:ca:45:e6:35:2b:1e:fe:ba:83:66:bc:d3:34:
71:2d:af:ac:6a:8b:61:ff:56:09:8e:49:46:de:76:38:c3:0f:
3e:a6:fb:cc:0f:28:2b:50:03:81:70:5a:09:94:6d:ba:7a:fa:
63:37:5d:c8:d0:ad:9a:6a:c9:75:35:6e:f3:5e:64:d7:6d:d6:
fc:db:30:e4:c2:7f:c8:c8:e4:82:7a:b2:a5:bd:7b:9f:20:dd:
92:1e:ae:04
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAZiGMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjUwNDE4
MjI1MzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3QUVENzMxQjA5RTI5
RUI2NEFFMjY1NEZERjk4MjlEMUYyOUIyNzA2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA8UgS8KbkeH4RLqeTpPk7vCVmvyPFwd7qTwlj+TtWvEjIzJMg
bRzCtbNTshL5J+bhjjvGLr2ZcW+/kdUUU6E2boXXVwTftzDmNC5vn7gnOZogZszM
zm+yxcumK0Y0DIecfBudZ+ixYcaLm3TAFvHd5/2q7GfxKKfOb5Neg2aW9jUM+Kh4
3tz7N4sQQt6FoauC5V4lDEz1VFjZwMxOqNZwGJXTAtllLQYFNOQHnWt3NdCNlT7B
9cz5CcVVh/Y4rse0WxpQUwYhMNPdliGxx2P7XMCNHfwhuGqmOsQHosbUjOOaMmld
ywqiKgdVlsPtxPmYrYnRqXlJkBA71gKK+LpBFwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFHrtcxsJ4p62SuJlT9+YKdHymycGMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL2V1MXpHd25pbnJaSzRtVlAzNWdwMGZLYkp3WS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAZMcCDANBgkqhkiG9w0BAQsFAAOCAQEAckd1
BB9vrdh5/zbn5RUT/Eu9XEYfT9w9yCx19Z+IuEnlpRhA2KWrW3uAYVWhERYnQ5+z
15VINPtQSdowGlhzIALVNZW+NAX6VBoHZWdp5rBj8zQ6Ov3xofY5YfRuvHibVx4C
ObIx7YEvFP9vMbPywMovwqPhR9UldjQFzmcPFnt2PEfEl108Z2FjoAQZTiVDEaSH
xVeRMZih1HZbVCQSVTRWL1uD0K7KReY1Kx7+uoNmvNM0cS2vrGqLYf9WCY5JRt52
OMMPPqb7zA8oK1ADgXBaCZRtunr6YzddyNCtmmrJdTVu815k123W/Nsw5MJ/yMjk
gnqypb17nyDdkh6uBA==
-----END CERTIFICATE-----
Generated at Sun May 18 11:23:24 2025 by rpki-client