Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/3PGfEn19zJ2tNYHZkHkbpq_1J1w.roa
File: 3PGfEn19zJ2tNYHZkHkbpq_1J1w.roa (raw, json)
Hash identifier: HmhE5yuv5NygPtemTccmIG+Wuf+tQ0KdDPwHel1fNNA=
Subject key identifier: DC:F1:9F:12:7D:7D:CC:9D:AD:35:81:D9:90:79:1B:A6:AF:F5:27:5C
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018571556C7205104B077FF2FDED7B01D2C7
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/3PGfEn19zJ2tNYHZkHkbpq_1J1w.roa
Signing time: Mon 02 Jan 2023 07:15:01 +0000
ROA not before: Mon 02 Jan 2023 07:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 158.46.136.0/21 maxlen: 21
158.46.144.0/20 maxlen: 24
158.46.152.0/24 maxlen: 24
158.46.156.0/24 maxlen: 24
158.46.158.0/24 maxlen: 24
158.46.164.0/22 maxlen: 22
158.46.162.0/23 maxlen: 23
158.46.160.0/23 maxlen: 23
158.46.168.0/21 maxlen: 21
158.46.186.0/23 maxlen: 23
158.46.184.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
158.46.132.0/22 maxlen: 22
178.171.36.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
178.171.103.0/24 maxlen: 24
178.171.105.0/24 maxlen: 24
178.171.112.0/23 maxlen: 23
178.171.108.0/23 maxlen: 23
178.171.106.0/23 maxlen: 23
178.171.114.0/23 maxlen: 23
178.171.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 24 Mar 2023 09:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:6c:72:05:10:4b:07:7f:f2:fd:ed:7b:01:d2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 07:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcf19f127d7dcc9dad3581d990791ba6aff5275c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:22:37:ba:1b:53:f6:05:62:f1:96:9f:32:
96:84:b6:07:24:ef:50:47:fe:52:2b:8f:81:60:f2:
0d:c1:06:ed:e9:ec:a4:1d:2d:47:c0:a2:2f:56:ba:
90:ec:be:0e:e1:2d:c1:d1:9d:98:43:a6:42:11:96:
19:d2:49:38:04:c6:0e:6a:16:e0:fc:63:9c:66:f8:
ed:c5:61:23:41:79:bb:1c:f9:0b:38:fa:4f:49:e3:
46:01:d5:d8:45:58:de:9b:0b:74:d3:ee:4f:2f:eb:
38:1d:c4:40:b9:00:8a:41:70:d7:ed:63:79:a1:ec:
9a:8b:2e:53:b3:3d:72:8f:17:f0:7f:1f:e6:37:88:
61:93:e6:4e:fa:1c:a8:37:a3:b1:4d:ea:9b:26:9f:
c4:21:58:1c:9c:27:99:7f:cc:02:68:22:e1:2f:01:
29:c5:5b:f1:c8:2d:5f:f6:f6:a5:65:59:a1:1c:46:
44:d7:8e:8b:5d:79:66:a8:b8:2f:af:78:b8:8c:c5:
c8:51:af:b6:39:4a:dd:1a:90:cc:47:70:50:84:0e:
80:af:fb:fc:6a:a7:9d:24:3b:64:8e:7d:3d:d8:4c:
56:58:17:1c:64:d5:87:58:5f:e5:7c:81:8a:a3:15:
cc:26:13:8e:0d:6a:27:4a:59:7e:35:e4:ea:5b:53:
18:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F1:9F:12:7D:7D:CC:9D:AD:35:81:D9:90:79:1B:A6:AF:F5:27:5C
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/3PGfEn19zJ2tNYHZkHkbpq_1J1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.132.0-158.46.175.255
158.46.184.0/21
178.171.20.0/22
178.171.36.0/23
178.171.103.0/24
178.171.105.0-178.171.109.255
178.171.112.0-178.171.117.255
Signature Algorithm: sha256WithRSAEncryption
44:0c:97:17:60:be:2b:13:1d:7e:00:9f:d5:72:b3:00:cf:61:
9a:2c:9c:f8:cc:6e:5d:88:ee:05:5e:8d:6b:8a:10:c0:d5:a5:
1d:c7:f8:c5:92:93:f4:69:e4:21:53:08:7c:94:11:d9:ed:f2:
78:2a:dc:0d:bb:21:8d:0e:82:c4:bd:69:e3:6f:37:f6:5c:f4:
be:3d:92:67:75:89:d9:47:98:8b:fa:c5:d8:fe:2a:d7:40:6b:
c0:55:b4:e2:06:fd:f4:7c:af:62:11:af:9b:c3:9b:8c:5f:c0:
37:32:1b:3e:d8:95:15:01:71:17:9e:ad:db:33:53:a5:91:b0:
bd:bc:3c:86:6f:8a:d9:94:f6:63:e7:63:99:f6:ca:ef:14:e9:
8a:17:82:95:1a:59:f1:4f:d4:ca:db:5c:88:39:93:96:ff:cf:
fd:06:4f:5e:29:26:1a:46:81:0c:d9:5d:f7:12:43:f9:f2:9c:
2c:de:71:fd:41:80:5e:46:74:23:67:28:90:7e:d3:57:29:06:
3e:79:99:4f:41:f9:a2:9d:01:9c:7d:dc:32:fe:75:52:a8:71:
fe:5e:33:9e:42:fc:b4:34:bf:5b:eb:95:3a:a7:d9:44:9b:90:
86:95:fb:47:4a:40:0c:04:cf:58:93:54:ec:d5:88:6d:d1:84:
85:a8:90:06
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVxVWxyBRBLB3/y/e17AdLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YxOWYxMjdkN2RjYzlkYWQzNTgxZDk5MDc5MWJhNmFmZjUyNzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJsiN7obU/YFYvGWnzKWhLYHJO9Q
R/5SK4+BYPINwQbt6eykHS1HwKIvVrqQ7L4O4S3B0Z2YQ6ZCEZYZ0kk4BMYOahbg
/GOcZvjtxWEjQXm7HPkLOPpPSeNGAdXYRVjemwt00+5PL+s4HcRAuQCKQXDX7WN5
oeyaiy5Tsz1yjxfwfx/mN4hhk+ZO+hyoN6OxTeqbJp/EIVgcnCeZf8wCaCLhLwEp
xVvxyC1f9valZVmhHEZE146LXXlmqLgvr3i4jMXIUa+2OUrdGpDMR3BQhA6Ar/v8
aqedJDtkjn092ExWWBccZNWHWF/lfIGKoxXMJhOODWonSll+NeTqW1MYSQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNzxnxJ9fcydrTWB2ZB5G6av9SdcMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvM1BHZkVuMTl6SjJ0TllIWmtIa2JwcV8xSjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCMAwDBAKeLoQD
BASeLqADBAOeLrgDBAKyqxQDBAGyqyQDBACyq2cwDAMEALKraQMEAbKrbDAMAwQE
sqtwAwQBsqt0MA0GCSqGSIb3DQEBCwUAA4IBAQBEDJcXYL4rEx1+AJ/VcrMAz2Ga
LJz4zG5diO4FXo1rihDA1aUdx/jFkpP0aeQhUwh8lBHZ7fJ4KtwNuyGNDoLEvWnj
bzf2XPS+PZJndYnZR5iL+sXY/irXQGvAVbTiBv30fK9iEa+bw5uMX8A3Mhs+2JUV
AXEXnq3bM1OlkbC9vDyGb4rZlPZj52OZ9srvFOmKF4KVGlnxT9TK21yIOZOW/8/9
Bk9eKSYaRoEM2V33EkP58pws3nH9QYBeRnQjZyiQftNXKQY+eZlPQfminQGcfdwy
/nVSqHH+XjOeQvy0NL9b65U6p9lEm5CGlftHSkAMBM9Yk1Ts1Yht0YSFqJAG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org