Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/9OZzxD3c4_efpXwg1FRX5nm_IWE.roa
File: 9OZzxD3c4_efpXwg1FRX5nm_IWE.roa (raw, json)
Hash identifier: GQOosDwLBNoXxejm0m0Y9oSbW08jzqdgf53pZhZYUbE=
Subject key identifier: F4:E6:73:C4:3D:DC:E3:F7:9F:A5:7C:20:D4:54:57:E6:79:BF:21:61
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018712F6A5FB5F7F2F7C4E57479C060D52FC
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/9OZzxD3c4_efpXwg1FRX5nm_IWE.roa
Signing time: Fri 24 Mar 2023 09:32:46 +0000
ROA not before: Fri 24 Mar 2023 09:32:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 158.46.136.0/21 maxlen: 21
158.46.144.0/20 maxlen: 24
158.46.152.0/24 maxlen: 24
158.46.156.0/24 maxlen: 24
158.46.158.0/24 maxlen: 24
158.46.164.0/22 maxlen: 22
158.46.162.0/23 maxlen: 23
158.46.160.0/23 maxlen: 23
158.46.168.0/21 maxlen: 21
158.46.186.0/23 maxlen: 23
158.46.184.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
158.46.132.0/22 maxlen: 22
178.171.36.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
178.171.103.0/24 maxlen: 24
178.171.105.0/24 maxlen: 24
178.171.112.0/23 maxlen: 23
178.171.108.0/23 maxlen: 23
178.171.106.0/23 maxlen: 23
158.46.204.0/24 maxlen: 24
178.171.114.0/23 maxlen: 23
178.171.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 17 May 2023 02:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:12:f6:a5:fb:5f:7f:2f:7c:4e:57:47:9c:06:0d:52:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Mar 24 09:32:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4e673c43ddce3f79fa57c20d45457e679bf2161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:92:d0:04:8a:a5:7b:a6:1f:83:ac:99:27:
8b:a5:9e:6d:90:45:1d:38:63:44:10:3f:6e:99:4a:
18:dc:48:ee:6d:81:b4:6a:05:8c:d1:eb:12:26:b2:
bb:38:04:05:9f:9e:9f:83:ba:44:e4:11:41:f8:93:
ea:70:42:18:86:07:49:cd:a6:22:0a:8e:87:6f:a7:
17:aa:29:24:3c:84:98:aa:bc:9a:75:cd:df:bd:e1:
36:a9:f4:1d:af:30:1b:48:9a:de:c4:8a:30:8c:ce:
77:87:9a:76:9b:9d:f6:20:71:86:e7:25:5c:d0:d8:
cc:69:e1:0f:13:59:d3:5c:3a:03:6a:f3:58:86:b0:
2a:e1:6e:6e:14:f9:7c:e1:93:5e:a0:6b:9e:60:49:
b2:38:d9:7b:2c:b7:2c:43:c1:f9:b0:ca:dc:55:05:
4b:d1:40:20:0a:70:6a:ce:5e:e1:67:59:61:d6:5f:
95:73:e3:bb:d7:7b:8a:4e:a2:70:04:c7:81:5a:58:
99:2e:65:e7:aa:a8:10:47:37:ef:aa:6a:de:e4:ee:
27:78:63:03:e9:08:4f:23:4a:3a:c2:68:4c:48:76:
96:6d:1e:95:9e:5b:34:fa:58:a3:04:5c:5d:11:89:
d8:14:34:cb:65:3b:a5:a8:fc:4e:b5:b9:7f:98:6d:
c8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E6:73:C4:3D:DC:E3:F7:9F:A5:7C:20:D4:54:57:E6:79:BF:21:61
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/9OZzxD3c4_efpXwg1FRX5nm_IWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.132.0-158.46.175.255
158.46.184.0/21
158.46.204.0/24
178.171.20.0/22
178.171.36.0/23
178.171.103.0/24
178.171.105.0-178.171.109.255
178.171.112.0-178.171.117.255
Signature Algorithm: sha256WithRSAEncryption
77:69:f8:c8:32:e1:2c:26:0d:23:38:70:38:7a:e2:41:4a:d2:
15:f2:93:d1:dc:b6:a6:e8:43:7a:07:ea:e2:64:51:e7:3b:d2:
17:e5:42:29:b3:71:f7:f1:3c:7e:fb:9e:de:29:d8:d8:a0:07:
cd:f5:ea:69:14:98:7a:34:36:75:61:2d:3a:0d:16:c6:79:e3:
89:c5:06:78:35:54:5b:92:80:ca:62:88:6b:8a:79:d0:66:c0:
79:8b:1e:30:f1:e1:50:44:69:b4:7d:f8:5b:ee:ab:51:6e:1d:
e0:5f:04:86:e0:42:21:5e:bc:bd:ba:47:9a:b2:43:bf:71:2c:
20:75:19:17:5d:ec:15:91:02:95:ee:6f:d4:8c:f3:f0:12:c0:
f2:7c:ad:56:5f:e1:41:71:6b:08:0a:e7:47:52:53:d0:36:43:
b6:66:e7:00:4c:3b:06:85:86:5c:c0:22:3b:8c:c7:76:05:17:
0f:62:aa:b6:d1:94:dd:2f:3f:3b:ce:c0:ce:f1:af:55:d7:31:
3b:27:7d:ed:82:1d:3a:56:88:c6:0a:10:66:10:49:0c:ce:69:
b9:e4:fd:70:df:75:6e:2e:0d:41:b2:20:21:ff:b8:af:a8:42:
cf:98:92:13:e1:af:76:a7:8d:a0:ae:03:17:2f:76:2c:ad:06:
30:26:22:ed
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYcS9qX7X38vfE5XR5wGDVL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMzI0MDkzMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGU2NzNjNDNkZGNlM2Y3OWZhNTdjMjBkNDU0NTdlNjc5YmYyMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ6S0ASKpXumH4OsmSeLpZ5tkEUd
OGNEED9umUoY3EjubYG0agWM0esSJrK7OAQFn56fg7pE5BFB+JPqcEIYhgdJzaYi
Co6Hb6cXqikkPISYqryadc3fveE2qfQdrzAbSJrexIowjM53h5p2m532IHGG5yVc
0NjMaeEPE1nTXDoDavNYhrAq4W5uFPl84ZNeoGueYEmyONl7LLcsQ8H5sMrcVQVL
0UAgCnBqzl7hZ1lh1l+Vc+O713uKTqJwBMeBWliZLmXnqqgQRzfvqmre5O4neGMD
6QhPI0o6wmhMSHaWbR6Vnls0+lijBFxdEYnYFDTLZTulqPxOtbl/mG3I+wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPTmc8Q93OP3n6V8INRUV+Z5vyFhMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvOU9aenhEM2M0X2VmcFh3ZzFGUlg1bm1fSVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAKeLoQD
BASeLqADBAOeLrgDBACeLswDBAKyqxQDBAGyqyQDBACyq2cwDAMEALKraQMEAbKr
bDAMAwQEsqtwAwQBsqt0MA0GCSqGSIb3DQEBCwUAA4IBAQB3afjIMuEsJg0jOHA4
euJBStIV8pPR3Lam6EN6B+riZFHnO9IX5UIps3H38Tx++57eKdjYoAfN9eppFJh6
NDZ1YS06DRbGeeOJxQZ4NVRbkoDKYohrinnQZsB5ix4w8eFQRGm0ffhb7qtRbh3g
XwSG4EIhXry9ukeaskO/cSwgdRkXXewVkQKV7m/UjPPwEsDyfK1WX+FBcWsICudH
UlPQNkO2ZucATDsGhYZcwCI7jMd2BRcPYqq20ZTdLz87zsDO8a9V1zE7J33tgh06
VojGChBmEEkMzmm55P1w33VuLg1BsiAh/7ivqELPmJIT4a92p42grgMXL3YsrQYw
JiLt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org