Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/CBJVgEbibuI47lsFZ1PMUzZcy-A.roa
File: CBJVgEbibuI47lsFZ1PMUzZcy-A.roa (raw, json)
Hash identifier: 5iYf9uBqs0tJsL8xMCUaDWR3f6JY8PnwPHt8PG482J8=
Subject key identifier: 08:12:55:80:46:E2:6E:E2:38:EE:5B:05:67:53:CC:53:36:5C:CB:E0
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018677049FDD9EA98D93E2E7244DDBABD33B
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/CBJVgEbibuI47lsFZ1PMUzZcy-A.roa
Signing time: Wed 22 Feb 2023 02:47:17 +0000
ROA not before: Wed 22 Feb 2023 02:47:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 178.171.50.0/23 maxlen: 24
178.171.48.0/23 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.177.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
158.46.196.0/22 maxlen: 24
178.171.100.0/24 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.200.0/21 maxlen: 21
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:04:9f:dd:9e:a9:8d:93:e2:e7:24:4d:db:ab:d3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Feb 22 02:47:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0812558046e26ee238ee5b056753cc53365ccbe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:90:d5:1b:bd:79:b0:bf:07:46:b1:83:99:22:
37:97:53:31:c4:03:80:86:f6:27:ff:89:4c:90:23:
24:d8:8b:93:e0:59:43:ad:37:2b:6f:d6:90:a5:a1:
bb:e2:59:1f:c8:04:82:e1:fc:3a:76:f6:af:f6:ff:
8f:3d:90:24:a3:1a:ec:0e:1e:e8:f0:7c:45:68:94:
6b:4e:0e:b4:91:ea:d5:93:0b:c2:a6:e3:96:0a:67:
d8:ef:96:a3:16:63:61:e6:c6:1d:49:66:5b:6d:e5:
12:82:aa:98:8e:55:bf:53:d4:67:a1:44:0f:24:0d:
38:5f:b7:74:80:46:76:11:00:5a:d8:49:3a:4c:fd:
ff:77:bc:dd:21:72:73:03:50:4a:e6:c0:c1:64:81:
95:11:09:3e:23:d9:09:c7:39:18:51:e8:15:5b:e1:
37:10:9b:18:3a:f6:88:cf:f1:c6:f8:c4:54:d7:e0:
fe:58:71:44:1a:b9:f5:dc:53:4c:ca:e1:20:15:c0:
e3:d5:b7:91:d1:0f:22:2f:ba:19:80:7b:ae:00:ac:
3a:d4:fa:8c:cd:63:db:10:49:00:3a:86:ea:c0:af:
4b:0d:aa:fe:37:96:3f:f7:30:7a:b9:7c:41:c4:6d:
38:09:2f:01:52:8d:a3:f4:a8:5d:27:ba:75:ad:98:
bf:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:12:55:80:46:E2:6E:E2:38:EE:5B:05:67:53:CC:53:36:5C:CB:E0
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/CBJVgEbibuI47lsFZ1PMUzZcy-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/23
158.46.177.0/24
158.46.188.0/22
158.46.196.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.100.0/23
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
89:38:57:f5:5d:1e:e7:4a:57:13:f3:8e:a9:25:4b:39:9f:00:
78:ed:02:08:f0:9e:fa:da:63:28:69:00:cc:65:59:60:99:05:
bb:ad:7d:4c:74:c4:f3:b5:68:cd:69:44:5c:d3:c0:64:bf:d0:
cf:40:8d:b1:75:74:6f:a5:e4:6c:7e:32:cc:fa:37:89:9f:34:
5b:da:1e:cc:79:78:a4:c9:4b:ac:2a:a3:45:64:31:6f:2d:b4:
43:c4:2b:38:75:23:57:53:cb:1d:fb:f0:8c:e9:6c:05:ae:c4:
fb:b3:55:f4:60:88:85:f8:f4:33:ae:a4:2b:cb:f5:58:7c:a1:
78:74:85:3f:4f:4e:b3:23:ff:44:27:b8:5a:40:d5:99:b2:f6:
75:d8:b5:ff:27:98:d5:5c:ba:13:eb:5a:38:69:6c:37:37:6f:
1f:9d:f7:05:93:dd:e6:d6:c7:d3:b8:41:72:f3:2f:f4:2c:32:
4b:9a:a1:43:34:16:28:3e:26:28:06:50:95:45:19:0d:25:45:
98:5e:2c:62:33:df:84:d0:ca:98:4c:9d:88:ec:81:4c:81:18:
a6:65:c9:e9:23:aa:de:e3:36:7e:eb:7a:9d:79:e3:7f:ff:56:
80:0d:51:ab:60:43:8d:d5:1a:16:51:e6:51:ff:ed:07:a5:69:
6a:e7:df:bc
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYZ3BJ/dnqmNk+LnJE3bq9M7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMjIyMDI0NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODEyNTU4MDQ2ZTI2ZWUyMzhlZTViMDU2NzUzY2M1MzM2NWNjYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZDVG715sL8HRrGDmSI3l1MxxAOA
hvYn/4lMkCMk2IuT4FlDrTcrb9aQpaG74lkfyASC4fw6dvav9v+PPZAkoxrsDh7o
8HxFaJRrTg60kerVkwvCpuOWCmfY75ajFmNh5sYdSWZbbeUSgqqYjlW/U9RnoUQP
JA04X7d0gEZ2EQBa2Ek6TP3/d7zdIXJzA1BK5sDBZIGVEQk+I9kJxzkYUegVW+E3
EJsYOvaIz/HG+MRU1+D+WHFEGrn13FNMyuEgFcDj1beR0Q8iL7oZgHuuAKw61PqM
zWPbEEkAOobqwK9LDar+N5Y/9zB6uXxBxG04CS8BUo2j9KhdJ7p1rZi/jQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFAgSVYBG4m7iOO5bBWdTzFM2XMvgMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvQ0JKVmdFYmlidUk0N2xzRloxUE1VelpjeS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQBni6U
AwQBni6gAwQAni6xAwQCni68MAwDBAKeLsQDBASeLsADBAGeLvoDBASyqwADBAKy
qxQwDAMEBbKrIAMEAbKrJAMEArKrMAMEArKrPDAMAwQAsqtFAwQAsqtGAwQBsqtY
AwQBsqtkAwQAsqtoAwQAsqt3MA0GCSqGSIb3DQEBCwUAA4IBAQCJOFf1XR7nSlcT
846pJUs5nwB47QII8J762mMoaQDMZVlgmQW7rX1MdMTztWjNaURc08Bkv9DPQI2x
dXRvpeRsfjLM+jeJnzRb2h7MeXikyUusKqNFZDFvLbRDxCs4dSNXU8sd+/CM6WwF
rsT7s1X0YIiF+PQzrqQry/VYfKF4dIU/T06zI/9EJ7haQNWZsvZ12LX/J5jVXLoT
61o4aWw3N28fnfcFk93m1sfTuEFy8y/0LDJLmqFDNBYoPiYoBlCVRRkNJUWYXixi
M9+E0MqYTJ2I7IFMgRimZcnpI6re4zZ+63qdeeN//1aADVGrYEON1RoWUeZR/+0H
pWlq59+8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:22 2023 by rpki-client on console-fra.rpki-client.org