Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/b83l7mW4GPmuZmEL0ghC-O6d4mE.roa
File: b83l7mW4GPmuZmEL0ghC-O6d4mE.roa (raw, json)
Hash identifier: Y8AhJAumTn9xkUCcVPNoAWu16epeZa7oeWUya4dsEIw=
Subject key identifier: 6F:CD:E5:EE:65:B8:18:F9:AE:66:61:0B:D2:08:42:F8:EE:9D:E2:61
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 0190F6881ECDFD349A653BC7B47133219B72
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/b83l7mW4GPmuZmEL0ghC-O6d4mE.roa
Signing time: Sat 27 Jul 2024 23:30:34 +0000
ROA not before: Sat 27 Jul 2024 23:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 43.226.0.0/23 maxlen: 23
46.17.217.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
64.95.150.0/23 maxlen: 23
64.225.244.0/23 maxlen: 23
91.198.19.0/24 maxlen: 24
104.225.253.0/24 maxlen: 24
117.18.104.0/24 maxlen: 24
123.100.227.0/24 maxlen: 24
148.222.40.0/22 maxlen: 22
167.234.38.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
202.2.60.0/22 maxlen: 22
216.183.120.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
217.11.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 15:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f6:88:1e:cd:fd:34:9a:65:3b:c7:b4:71:33:21:9b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Jul 27 23:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fcde5ee65b818f9ae66610bd20842f8ee9de261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e3:b0:9f:0c:90:87:15:5e:7f:34:70:c8:57:
51:61:59:46:21:4f:8c:f7:25:3d:6a:d2:10:b4:31:
db:a4:22:c6:14:46:a8:7a:19:e2:0b:2d:48:5c:b9:
bb:56:af:17:5e:ab:18:75:22:c1:a1:ca:d0:f7:59:
85:15:89:62:3e:35:88:04:92:ff:46:27:35:0b:14:
37:77:9c:c3:a3:e9:67:bf:a4:64:58:13:10:70:0b:
32:32:27:cf:8e:db:a8:35:61:5b:ed:b3:29:61:a3:
35:96:e2:5e:0b:ac:83:3c:35:7a:5e:61:b4:61:a2:
76:42:65:e1:eb:00:f7:5d:81:b4:f5:58:d1:2a:0c:
20:2c:71:a4:1b:d0:3d:fc:0d:f0:45:4b:2b:dd:7b:
61:4f:70:02:ea:3a:ab:06:8d:aa:67:3a:98:99:10:
24:af:65:8e:8a:5e:19:57:b1:bf:83:50:30:29:db:
84:8c:52:03:88:6a:60:e1:2a:90:74:3b:4b:7d:5c:
7a:cb:b6:6c:ff:cb:2a:5a:86:28:94:88:46:5b:96:
e4:32:54:13:f4:d8:52:86:95:48:0e:3a:7b:72:e6:
c4:5e:35:8b:ee:d8:29:94:73:04:f6:d8:fe:1d:f4:
53:17:df:9d:3e:ba:5b:1e:80:98:95:a2:08:43:90:
58:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CD:E5:EE:65:B8:18:F9:AE:66:61:0B:D2:08:42:F8:EE:9D:E2:61
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/b83l7mW4GPmuZmEL0ghC-O6d4mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.0.0/23
46.17.217.0/24
63.251.117.0/24
64.95.150.0/23
64.225.244.0/23
91.198.19.0/24
104.225.253.0/24
117.18.104.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
202.2.60.0/22
216.183.120.0/24
216.203.15.0/24
217.11.174.0/24
Signature Algorithm: sha256WithRSAEncryption
62:d4:e7:c9:2a:3e:21:f1:44:79:e7:1e:8e:e0:a9:83:de:25:
43:c6:b8:c8:34:02:41:3c:15:2c:83:24:45:6c:d7:25:16:08:
70:b1:90:e8:89:26:8c:b2:58:1a:25:5e:d2:3f:f2:5e:d5:65:
2f:51:b7:93:9b:fe:cd:da:e8:aa:0b:53:08:67:c0:82:59:2d:
14:05:8b:59:8d:78:ef:de:c6:e4:46:26:a3:cc:cf:e0:a7:94:
4b:fe:ae:95:fd:bb:ee:e2:bc:72:e2:17:cd:29:c4:f4:60:6c:
50:3b:b5:fa:f0:ba:2c:d2:8d:7e:e7:6a:6c:75:98:b4:70:34:
86:ee:59:bc:de:6f:96:8c:5c:e6:40:5f:a9:bf:4e:ff:e0:e2:
76:38:8d:02:a0:18:32:44:33:b8:36:3e:08:ab:b0:27:a5:59:
8b:64:86:de:7c:30:96:10:de:b2:14:f8:4c:54:d4:6b:d6:2f:
60:cc:87:65:84:25:b0:de:d1:f2:28:c3:b4:da:8b:a2:44:f3:
f3:0c:e0:02:7e:01:ab:c2:12:57:68:bb:bc:65:b1:22:0e:75:
22:46:66:45:d4:9b:57:33:c5:22:11:67:fd:ea:33:8e:69:cb:
cc:aa:ac:18:62:aa:e3:ac:e9:3d:05:a4:1a:eb:65:c6:72:23:
32:2f:71:37
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZD2iB7N/TSaZTvHtHEzIZtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjQwNzI3MjMzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNkZTVlZTY1YjgxOGY5YWU2NjYxMGJkMjA4NDJmOGVlOWRlMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOOwnwyQhxVefzRwyFdRYVlGIU+M
9yU9atIQtDHbpCLGFEaoehniCy1IXLm7Vq8XXqsYdSLBocrQ91mFFYliPjWIBJL/
Ric1CxQ3d5zDo+lnv6RkWBMQcAsyMifPjtuoNWFb7bMpYaM1luJeC6yDPDV6XmG0
YaJ2QmXh6wD3XYG09VjRKgwgLHGkG9A9/A3wRUsr3XthT3AC6jqrBo2qZzqYmRAk
r2WOil4ZV7G/g1AwKduEjFIDiGpg4SqQdDtLfVx6y7Zs/8sqWoYolIhGW5bkMlQT
9NhShpVIDjp7cubEXjWL7tgplHME9tj+HfRTF9+dPrpbHoCYlaIIQ5BYTwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFG/N5e5luBj5rmZhC9IIQvjuneJhMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvYjgzbDdtVzRHUG11Wm1FTDBnaEMtTzZkNG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBK+IAAwQA
LhHZAwQAP/t1AwQBQF+WAwQBQOH0AwQAW8YTAwQAaOH9AwQAdRJoAwQAe2TjAwQC
lN4oAwQAp+omAwQAxjFnAwQCygI8AwQA2Ld4AwQA2MsPAwQA2QuuMA0GCSqGSIb3
DQEBCwUAA4IBAQBi1OfJKj4h8UR55x6O4KmD3iVDxrjINAJBPBUsgyRFbNclFghw
sZDoiSaMslgaJV7SP/Je1WUvUbeTm/7N2uiqC1MIZ8CCWS0UBYtZjXjv3sbkRiaj
zM/gp5RL/q6V/bvu4rxy4hfNKcT0YGxQO7X68Los0o1+52psdZi0cDSG7lm83m+W
jFzmQF+pv07/4OJ2OI0CoBgyRDO4Nj4Iq7AnpVmLZIbefDCWEN6yFPhMVNRr1i9g
zIdlhCWw3tHyKMO02ouiRPPzDOACfgGrwhJXaLu8ZbEiDnUiRmZF1JtXM8UiEWf9
6jOOacvMqqwYYqrjrOk9BaQa62XGciMyL3E3
-----END CERTIFICATE-----
Generated at Tue Aug 27 18:20:06 2024 by rpki-client on console-fra.rpki-client.org