Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/3VAIzTd2hLEs71y6C7x-4K13Flk.roa
File: 3VAIzTd2hLEs71y6C7x-4K13Flk.roa (raw, json)
Hash identifier: 15bGfGBNW/J+YSFHtyz7TQA50k8RHiu8YChxD87n9IU=
Subject key identifier: DD:50:08:CD:37:76:84:B1:2C:EF:5C:BA:0B:BC:7E:E0:AD:77:16:59
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018571556FF1CD78719F47216579F99C4807
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/3VAIzTd2hLEs71y6C7x-4K13Flk.roa
Signing time: Mon 02 Jan 2023 07:15:02 +0000
ROA not before: Mon 02 Jan 2023 07:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397423
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:6f:f1:cd:78:71:9f:47:21:65:79:f9:9c:48:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 07:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd5008cd377684b12cef5cba0bbc7ee0ad771659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:43:bc:ea:4a:d7:4b:db:95:8e:86:71:28:8d:
33:76:af:47:28:d4:e0:f0:5a:e2:15:a0:1a:21:d0:
99:97:cf:9a:9f:a6:7a:ad:fc:e2:0e:29:a0:c6:e9:
b4:d5:bc:03:88:cf:4c:a3:35:1a:2f:d3:e1:ba:22:
58:3e:99:4e:a7:78:58:43:1d:62:3b:3a:61:0a:cf:
94:24:94:af:bd:b5:58:90:1e:a5:32:bb:62:ce:c8:
45:3e:a0:4b:b2:07:df:c7:f6:bf:04:32:b1:36:c1:
27:ae:9b:cd:04:d4:e4:f0:51:a1:86:b9:ea:20:55:
5c:fb:67:13:e4:fa:22:24:03:db:a0:e2:ff:f7:b3:
39:24:c1:6e:47:85:8a:b7:a1:41:02:cf:0f:e1:21:
89:80:9a:eb:56:54:2d:ed:b7:c0:ed:c7:a9:8b:6a:
ca:5a:46:ec:73:30:3d:4f:93:1c:6c:ef:57:3e:11:
fd:c6:d9:b4:d9:5d:40:73:ef:16:dc:ab:3f:5c:40:
93:80:9a:f3:9c:98:73:b3:fe:ed:7d:8d:64:79:5c:
47:bb:d0:ed:51:98:cf:81:92:d6:d7:a7:ca:d9:23:
1d:d1:41:78:67:37:82:10:db:61:0f:cd:c7:42:7f:
87:11:9f:42:d3:90:fc:0b:f5:85:af:d2:d1:c4:5e:
5e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:50:08:CD:37:76:84:B1:2C:EF:5C:BA:0B:BC:7E:E0:AD:77:16:59
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/3VAIzTd2hLEs71y6C7x-4K13Flk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.48.0/22
178.171.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:29:37:a3:f7:b4:88:e2:56:59:4e:00:1e:a4:45:9a:e8:3c:
1b:6a:a9:16:d2:50:bd:62:db:d8:a5:2f:40:5d:f0:a4:1e:29:
2c:5c:d3:2f:95:c4:8d:15:46:01:b9:03:68:2d:bd:d4:c6:8b:
d6:9a:d7:df:ac:97:db:88:70:e5:a0:54:ce:fe:d7:1f:e3:cd:
e0:e5:6b:16:3d:98:0e:07:ef:c9:a1:80:d3:1c:5a:99:3f:4e:
8b:eb:e2:d6:bc:7e:54:35:2c:ca:dc:bc:a0:10:54:9b:5c:7f:
f2:8b:a6:52:4e:d2:ed:e8:fc:24:d4:9e:19:11:3b:db:56:09:
e1:1c:06:8c:f4:bd:0b:79:09:36:1f:8d:ce:49:1d:20:cf:47:
60:ac:58:75:e2:84:06:67:37:28:29:37:18:51:2b:5d:30:db:
f4:23:f4:0b:61:a8:25:90:8d:1c:2a:3a:fd:7e:be:55:83:f4:
cc:79:4f:36:5a:ee:1d:61:9d:af:d3:7a:7b:75:70:b4:02:33:
a7:6b:e2:7a:cf:bb:61:c7:93:b2:b0:ee:f9:76:98:03:51:5b:
9a:07:be:62:20:09:e7:90:b5:48:47:bf:99:ba:9d:e6:57:f5:
42:a0:d8:82:19:c5:78:eb:ce:2c:77:de:83:37:4b:15:62:da:
08:be:65:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxVW/xzXhxn0chZXn5nEgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDUwMDhjZDM3NzY4NGIxMmNlZjVjYmEwYmJjN2VlMGFkNzcxNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEO86krXS9uVjoZxKI0zdq9HKNTg
8FriFaAaIdCZl8+an6Z6rfziDimgxum01bwDiM9MozUaL9PhuiJYPplOp3hYQx1i
OzphCs+UJJSvvbVYkB6lMrtizshFPqBLsgffx/a/BDKxNsEnrpvNBNTk8FGhhrnq
IFVc+2cT5PoiJAPboOL/97M5JMFuR4WKt6FBAs8P4SGJgJrrVlQt7bfA7cepi2rK
WkbsczA9T5McbO9XPhH9xtm02V1Ac+8W3Ks/XECTgJrznJhzs/7tfY1keVxHu9Dt
UZjPgZLW16fK2SMd0UF4ZzeCENthD83HQn+HEZ9C05D8C/WFr9LRxF5eXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN1QCM03doSxLO9cugu8fuCtdxZZMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvM1ZBSXpUZDJoTEVzNzF5NkM3eC00SzEzRmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQCsqs8MA0GCSqGSIb3DQEBCwUAA4IBAQALKTej97SI4lZZTgAepEWa6Dwb
aqkW0lC9YtvYpS9AXfCkHiksXNMvlcSNFUYBuQNoLb3UxovWmtffrJfbiHDloFTO
/tcf483g5WsWPZgOB+/JoYDTHFqZP06L6+LWvH5UNSzK3LygEFSbXH/yi6ZSTtLt
6Pwk1J4ZETvbVgnhHAaM9L0LeQk2H43OSR0gz0dgrFh14oQGZzcoKTcYUStdMNv0
I/QLYaglkI0cKjr9fr5Vg/TMeU82Wu4dYZ2v03p7dXC0AjOna+J6z7thx5OysO75
dpgDUVuaB75iIAnnkLVIR7+Zup3mV/VCoNiCGcV4684sd96DN0sVYtoIvmXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org