Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/NXteH195G-AOvxqBEGmzNnF5Tew.roa
File: NXteH195G-AOvxqBEGmzNnF5Tew.roa (raw, json)
Hash identifier: HRfCxCBRayLO/2c02K1/GXayA6OL8SMGfYGfZcHliag=
Subject key identifier: 35:7B:5E:1F:5F:79:1B:E0:0E:BF:1A:81:10:69:B3:36:71:79:4D:EC
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 019102C0F0B172F27B833E10DE80B9FFD1FF
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/NXteH195G-AOvxqBEGmzNnF5Tew.roa
Signing time: Tue 30 Jul 2024 08:28:04 +0000
ROA not before: Tue 30 Jul 2024 08:28:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48789
IP address blocks: 46.238.212.0/22 maxlen: 22
46.238.228.0/22 maxlen: 22
46.238.240.0/21 maxlen: 21
46.238.248.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 30 Jul 2024 08:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:c0:f0:b1:72:f2:7b:83:3e:10:de:80:b9:ff:d1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jul 30 08:28:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=357b5e1f5f791be00ebf1a811069b33671794dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e5:2f:79:ec:e1:ad:4d:08:2a:c4:37:56:b1:
39:af:f0:90:32:8e:ee:e7:62:7f:04:9f:43:15:6b:
ee:c9:71:d7:20:1a:94:e5:42:b3:40:82:4e:9a:3c:
11:da:d3:c5:ea:e4:db:c5:7a:ab:6b:b5:d8:d0:58:
d7:d1:06:29:18:e4:46:52:4f:aa:4e:3e:fe:bf:34:
95:b7:99:24:2f:b1:3b:21:9c:1d:50:9a:81:bc:a2:
6c:d0:25:de:3d:d9:dc:33:03:06:6a:59:a1:f0:7f:
a1:ea:95:4c:c6:9d:81:39:9f:be:1e:92:c6:1d:43:
82:48:15:a4:88:a2:19:4a:d1:fa:1d:f3:9d:7c:09:
19:30:29:d7:92:7d:bf:08:db:37:2e:6d:35:c2:a5:
25:04:69:84:25:83:0f:61:eb:ed:c8:9f:e4:b4:63:
6b:12:92:14:82:68:df:f5:e0:f8:3b:2e:fb:f3:22:
84:f8:6e:7f:d0:f2:15:76:7c:2e:32:c9:a8:47:81:
54:fe:cf:44:ab:bf:02:11:03:c9:1d:d1:d6:c8:df:
03:f3:18:6d:70:98:e9:31:f2:04:6e:01:17:75:ba:
b8:c0:aa:02:14:c6:58:99:92:d1:4a:62:f9:d3:4c:
7e:78:03:42:8a:d8:fd:a5:cb:57:b4:81:c5:84:ef:
ce:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7B:5E:1F:5F:79:1B:E0:0E:BF:1A:81:10:69:B3:36:71:79:4D:EC
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/NXteH195G-AOvxqBEGmzNnF5Tew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.212.0/22
46.238.228.0/22
46.238.240.0-46.238.249.255
Signature Algorithm: sha256WithRSAEncryption
48:ea:79:78:fd:27:3e:6f:b3:83:4d:1e:12:cd:46:c4:1e:0b:
3e:03:0c:4e:ec:b3:f1:a3:5e:11:b6:85:c0:ac:15:79:a1:ef:
09:58:24:b8:f0:c5:25:09:26:8b:a0:97:a6:3d:e2:14:d5:12:
a0:a1:06:56:35:13:74:69:8b:02:1b:66:bd:e4:f0:4a:49:20:
05:0e:d8:c5:f9:a7:8b:c0:66:92:4d:79:b9:9e:e6:be:47:d8:
ae:8f:98:ee:7c:fc:b2:a9:de:0b:85:89:37:f4:ee:3c:80:86:
7e:83:bf:06:11:3f:6c:4d:40:2c:f4:30:e3:13:04:7c:24:0d:
b2:d2:5c:a1:f6:15:43:45:e6:f5:67:a1:6d:fb:5c:a4:81:4d:
6a:3e:bf:00:ed:f6:cd:9d:3a:7c:f8:0b:80:9a:99:ee:35:80:
ee:5b:c1:d5:dc:2c:d1:c1:cf:79:38:77:56:7f:d8:c5:d5:29:
b6:a6:a4:35:08:65:7b:31:2a:d1:5f:76:15:e4:bc:e6:25:6a:
87:f2:e6:ed:2a:64:05:95:84:04:8c:73:58:19:51:50:c3:21:
9a:4b:95:8d:1d:eb:47:4b:bd:45:5b:a2:c4:48:5e:3a:3b:a5:
77:c0:b3:43:17:c8:31:83:1f:7a:18:5f:65:64:41:05:d4:ac:
57:a7:73:10
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZECwPCxcvJ7gz4Q3oC5/9H/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjQwNzMwMDgyODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdiNWUxZjVmNzkxYmUwMGViZjFhODExMDY5YjMzNjcxNzk0ZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuUveezhrU0IKsQ3VrE5r/CQMo7u
52J/BJ9DFWvuyXHXIBqU5UKzQIJOmjwR2tPF6uTbxXqra7XY0FjX0QYpGORGUk+q
Tj7+vzSVt5kkL7E7IZwdUJqBvKJs0CXePdncMwMGalmh8H+h6pVMxp2BOZ++HpLG
HUOCSBWkiKIZStH6HfOdfAkZMCnXkn2/CNs3Lm01wqUlBGmEJYMPYevtyJ/ktGNr
EpIUgmjf9eD4Oy778yKE+G5/0PIVdnwuMsmoR4FU/s9Eq78CEQPJHdHWyN8D8xht
cJjpMfIEbgEXdbq4wKoCFMZYmZLRSmL500x+eANCitj9pctXtIHFhO/OHwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDV7Xh9feRvgDr8agRBpszZxeU3sMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvTlh0ZUgxOTVHLUFPdnhxQkVHbXpObkY1VGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLu7UAwQC
Lu7kMAwDBAQu7vADBAEu7vgwDQYJKoZIhvcNAQELBQADggEBAEjqeXj9Jz5vs4NN
HhLNRsQeCz4DDE7ss/GjXhG2hcCsFXmh7wlYJLjwxSUJJougl6Y94hTVEqChBlY1
E3RpiwIbZr3k8EpJIAUO2MX5p4vAZpJNebme5r5H2K6PmO58/LKp3guFiTf07jyA
hn6DvwYRP2xNQCz0MOMTBHwkDbLSXKH2FUNF5vVnoW37XKSBTWo+vwDt9s2dOnz4
C4Came41gO5bwdXcLNHBz3k4d1Z/2MXVKbampDUIZXsxKtFfdhXkvOYlaofy5u0q
ZAWVhASMc1gZUVDDIZpLlY0d60dLvUVbosRIXjo7pXfAs0MXyDGDH3oYX2VkQQXU
rFencxA=
-----END CERTIFICATE-----
Generated at Tue Jul 30 12:34:32 2024 by rpki-client on console-ams.rpki-client.org