Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/FXPcfYWNYauU4_na7DJnANZvIOk.roa
File: FXPcfYWNYauU4_na7DJnANZvIOk.roa (raw, json)
Hash identifier: Fi4hgiqaPnkRd1clRKINcJQ87BgZyy1hdokciR9r+oo=
Subject key identifier: 15:73:DC:7D:85:8D:61:AB:94:E3:F9:DA:EC:32:67:00:D6:6F:20:E9
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0192D912216EBD9BE09BC61DDD5E275E0E49
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/FXPcfYWNYauU4_na7DJnANZvIOk.roa
Signing time: Tue 29 Oct 2024 16:18:16 +0000
ROA not before: Tue 29 Oct 2024 16:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 46.3.8.0/22 maxlen: 22
46.3.28.0/23 maxlen: 24
46.3.40.0/21 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.120.0/21 maxlen: 24
46.3.134.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.184.0/22 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.206.0/23 maxlen: 24
46.3.208.0/22 maxlen: 24
46.3.212.0/22 maxlen: 24
46.3.228.0/23 maxlen: 24
46.3.236.0/23 maxlen: 24
46.3.243.0/24 maxlen: 24
46.3.244.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.0.0/22 maxlen: 24
46.232.16.0/23 maxlen: 24
46.232.18.0/23 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.116.0/23 maxlen: 24
46.232.118.0/23 maxlen: 24
46.232.124.0/23 maxlen: 24
46.232.126.0/23 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 21:04:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:12:21:6e:bd:9b:e0:9b:c6:1d:dd:5e:27:5e:0e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Oct 29 16:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1573dc7d858d61ab94e3f9daec326700d66f20e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5c:f7:ae:86:3d:a8:e1:92:52:bb:3a:82:c8:
31:33:3a:02:e4:ce:22:79:50:b5:ac:1e:22:6d:c8:
13:6f:16:52:2e:b9:1a:e1:0c:75:2d:cf:46:50:ff:
db:c6:68:03:83:cb:9b:da:86:4b:bc:c1:96:8d:1b:
0a:bc:61:96:cd:1a:12:0e:00:4a:56:a1:ce:8e:7e:
77:cf:f4:a1:6b:3d:61:29:c1:e9:e9:90:b9:6d:f6:
c6:11:0b:e3:1b:93:45:af:1d:40:44:81:46:3c:91:
83:ec:7b:98:7a:88:e0:ba:4d:02:70:ff:29:91:3a:
d9:31:7b:96:42:68:13:bd:b4:6d:84:ef:30:83:33:
71:bf:40:de:08:3d:0d:23:23:2b:5a:6e:fc:75:4c:
a7:d3:b2:9a:37:f9:ff:53:41:78:8a:06:4a:9b:0c:
45:fd:8f:16:99:d9:5a:be:ef:84:4e:f7:15:9b:4c:
79:bf:33:91:03:a2:a4:2b:40:d7:f5:7b:38:75:06:
68:aa:77:d1:af:ad:f8:92:2a:35:e6:00:7f:38:87:
17:69:3c:5d:93:7a:74:32:71:a8:75:fc:d2:40:7a:
90:46:32:74:e3:60:f3:bc:75:0e:2c:a7:90:db:9f:
9a:58:7c:d6:c6:fa:24:76:4d:e5:8a:2e:a8:e6:a2:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:73:DC:7D:85:8D:61:AB:94:E3:F9:DA:EC:32:67:00:D6:6F:20:E9
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/FXPcfYWNYauU4_na7DJnANZvIOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/22
46.3.28.0/23
46.3.40.0/21
46.3.89.0-46.3.91.255
46.3.120.0/21
46.3.134.0/24
46.3.160.0/22
46.3.184.0-46.3.188.255
46.3.201.0/24
46.3.206.0-46.3.215.255
46.3.228.0/23
46.3.236.0/23
46.3.243.0-46.3.244.255
46.3.246.0/24
46.3.248.0/24
46.3.251.0/24
46.3.253.0-46.3.255.255
46.232.0.0/22
46.232.16.0/22
46.232.64.0-46.232.66.255
46.232.68.0/24
46.232.116.0/22
46.232.124.0/22
149.126.193.0/24
149.126.196.0/24
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:8c:49:2a:3f:8b:cf:95:8d:db:27:c1:f7:de:fb:34:bc:98:
37:23:d7:34:88:d3:be:fe:4c:a5:b3:d0:fa:0a:0e:a3:19:4c:
cc:55:60:ac:b0:44:b5:b9:d9:3c:29:7b:61:ee:de:0f:7f:a4:
88:cc:a3:ce:b0:02:25:8d:21:7e:f9:03:06:ce:94:c7:36:3c:
f4:0d:6e:ec:a8:67:09:1e:a4:47:00:ce:3a:f7:e4:67:86:17:
83:85:13:7f:64:fc:97:e9:5f:f6:5b:e0:0e:cc:b9:99:69:6e:
86:70:43:37:59:f1:f9:9a:03:2d:5f:e6:2f:54:fa:0a:21:24:
3b:82:8a:5e:fd:e7:35:44:8a:9f:a6:65:88:7b:0f:8e:f1:0a:
6c:fa:70:d2:6e:6b:1b:ed:c5:d3:7f:b6:b1:78:e5:45:4b:6b:
e3:d1:49:63:45:74:a9:0a:00:64:88:ea:65:a4:1a:d8:89:f6:
18:16:3a:a0:1d:3c:a1:19:15:cf:34:28:4e:e2:89:18:f3:ab:
ac:77:2e:e1:c4:d2:bf:dc:18:30:5c:c5:00:ca:ab:d1:5c:c7:
37:0d:cf:f8:1a:34:7f:dd:b8:ba:24:61:6c:56:29:b3:ea:19:
b0:3f:d6:59:78:7f:33:62:53:21:26:ce:f2:a0:49:86:dc:6c:
3f:06:3a:2c
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAZLZEiFuvZvgm8Yd3V4nXg5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQxMDI5MTYxODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTczZGM3ZDg1OGQ2MWFiOTRlM2Y5ZGFlYzMyNjcwMGQ2NmYyMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilz3roY9qOGSUrs6gsgxMzoC5M4i
eVC1rB4ibcgTbxZSLrka4Qx1Lc9GUP/bxmgDg8ub2oZLvMGWjRsKvGGWzRoSDgBK
VqHOjn53z/Shaz1hKcHp6ZC5bfbGEQvjG5NFrx1ARIFGPJGD7HuYeojguk0CcP8p
kTrZMXuWQmgTvbRthO8wgzNxv0DeCD0NIyMrWm78dUyn07KaN/n/U0F4igZKmwxF
/Y8Wmdlavu+ETvcVm0x5vzORA6KkK0DX9Xs4dQZoqnfRr634kio15gB/OIcXaTxd
k3p0MnGodfzSQHqQRjJ042DzvHUOLKeQ25+aWHzWxvokdk3lii6o5qLuewIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFBVz3H2FjWGrlOP52uwyZwDWbyDpMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvRlhQY2ZZV05ZYXVVNF9uYTdESm5BTlp2SU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCB/gQCAAEwgfcD
BAIuAwgDBAEuAxwDBAMuAygwDAMEAC4DWQMEAi4DWAMEAy4DeAMEAC4DhgMEAi4D
oDAMAwQDLgO4AwQALgO8AwQALgPJMAwDBAEuA84DBAMuA9ADBAEuA+QDBAEuA+ww
DAMEAC4D8wMEAC4D9AMEAC4D9gMEAC4D+AMEAC4D+zALAwQALgP9AwMCLgADBAIu
6AADBAIu6BAwDAMEBi7oQAMEAC7oQgMEAC7oRAMEAi7odAMEAi7ofAMEAJV+wQME
AJV+xAMEAJV+4gMEAJV+5AMEAJV+5wMEAJV+8gMEAZV+9DAMAwQAlX73AwQAlX76
AwQAlX78MA0GCSqGSIb3DQEBCwUAA4IBAQArjEkqP4vPlY3bJ8H33vs0vJg3I9c0
iNO+/kyls9D6Cg6jGUzMVWCssES1udk8KXth7t4Pf6SIzKPOsAIljSF++QMGzpTH
Njz0DW7sqGcJHqRHAM469+RnhheDhRN/ZPyX6V/2W+AOzLmZaW6GcEM3WfH5mgMt
X+YvVPoKISQ7gope/ec1RIqfpmWIew+O8Qps+nDSbmsb7cXTf7axeOVFS2vj0Ulj
RXSpCgBkiOplpBrYifYYFjqgHTyhGRXPNChO4okY86usdy7hxNK/3BgwXMUAyqvR
XMc3Dc/4GjR/3bi6JGFsVimz6hmwP9ZZeH8zYlMhJs7yoEmG3Gw/Bjos
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:15 2025 by rpki-client