Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/PQyxzFaDP1_jNaJwnYhO1MLgCsE.roa
File: PQyxzFaDP1_jNaJwnYhO1MLgCsE.roa (raw, json)
Hash identifier: t1YA8ubQSftZUOTdkJm3qrmddW8dYKVpD9sSkxDQgbA=
Subject key identifier: 3D:0C:B1:CC:56:83:3F:5F:E3:35:A2:70:9D:88:4E:D4:C2:E0:0A:C1
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0188278881A9936B18A626CF133DCAC8EC3D
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/PQyxzFaDP1_jNaJwnYhO1MLgCsE.roa
Signing time: Wed 17 May 2023 02:27:17 +0000
ROA not before: Wed 17 May 2023 02:27:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 178.171.50.0/23 maxlen: 24
178.171.48.0/23 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.162.0/23 maxlen: 23
158.46.160.0/23 maxlen: 23
158.46.177.0/24 maxlen: 24
158.46.176.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
178.171.94.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
158.46.196.0/22 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.110.0/23 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.207.0/24 maxlen: 24
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:27:88:81:a9:93:6b:18:a6:26:cf:13:3d:ca:c8:ec:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: May 17 02:27:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d0cb1cc56833f5fe335a2709d884ed4c2e00ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:72:4c:6d:0b:e6:56:27:30:79:f4:6a:a0:21:
3a:41:51:d9:f3:d9:d1:73:42:dd:cc:69:d5:ca:0d:
6c:e4:77:91:67:04:1d:81:fd:ce:fc:ec:ef:85:f4:
bd:7e:fa:cc:69:56:4e:78:c2:04:12:58:31:18:48:
9b:58:62:15:c6:89:b8:4a:32:4f:41:c7:a1:8e:0a:
6e:f9:3f:de:58:d1:ff:7c:7b:d0:eb:38:4d:6a:1a:
cd:67:a6:b1:da:6e:97:79:e3:8a:55:e5:3f:e5:73:
d8:ca:a9:01:8f:12:23:ee:29:10:11:79:65:b8:01:
e2:7b:7e:f3:fe:ba:5f:d8:55:2a:9f:48:cc:05:f6:
d7:e1:cd:ae:6a:ce:26:19:97:bc:6b:bc:b1:99:ec:
1a:e6:e1:6e:2a:77:8b:68:15:b7:3b:4f:38:78:87:
c6:68:ad:0d:03:6f:a7:8b:d4:e8:9e:5f:c1:44:a3:
1b:61:8b:4f:aa:a2:8f:03:98:b2:03:96:de:fc:26:
97:68:8e:b4:22:62:6f:7f:8b:c2:d6:7c:00:18:65:
0f:71:f4:05:97:e8:1c:ab:21:f2:83:f9:af:89:0b:
0f:32:5c:4d:70:e1:23:60:2d:54:d8:c0:59:57:5f:
a1:ce:d4:a9:ec:87:ec:c2:6c:4c:84:62:b8:13:94:
2e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0C:B1:CC:56:83:3F:5F:E3:35:A2:70:9D:88:4E:D4:C2:E0:0A:C1
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/PQyxzFaDP1_jNaJwnYhO1MLgCsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/22
158.46.176.0/23
158.46.188.0/22
158.46.196.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.94.0/24
178.171.100.0-178.171.102.255
178.171.104.0/24
178.171.110.0/23
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c2:c1:95:2c:b9:42:19:92:3d:84:28:17:fd:26:b9:3f:b1:
4d:10:cf:67:e7:dc:01:dc:73:76:07:36:40:e1:84:1b:01:78:
32:b5:05:4c:78:59:cc:b2:81:c1:46:0f:72:b2:89:f0:1c:00:
58:da:2e:11:96:ad:0b:b2:0e:36:d5:2f:d8:5c:e9:cd:f9:8f:
c7:78:10:56:57:5d:6d:54:73:4d:53:b2:c7:d7:d4:1f:8c:03:
da:a0:f4:10:cc:9c:b5:81:bb:9e:4b:fc:49:7b:6d:b3:2e:13:
3c:f9:e6:b4:4d:96:9f:db:c1:38:d1:c1:6f:a6:81:72:27:63:
ce:62:1d:f5:e0:bb:2d:4a:5c:6b:6b:21:19:a7:31:7d:5d:c0:
75:9e:96:bd:4b:5d:4a:f7:e0:ba:d8:b6:25:10:90:f5:11:9f:
08:7e:ed:b9:76:95:16:34:6b:1c:a9:20:6f:6a:42:f3:6a:13:
f4:c1:6f:0f:84:c5:8b:e9:4b:46:8b:e5:9c:d1:b9:4d:6e:bd:
80:5a:76:b5:d7:e9:06:0b:08:b4:47:41:e9:01:89:c0:eb:b5:
ca:21:2a:0d:52:88:96:d2:42:05:74:0c:e3:1c:7a:6c:d2:c4:
df:94:f1:a2:ad:90:8a:2c:ea:19:b0:b7:fa:7c:54:2a:8b:ed:
23:f4:2b:18
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYgniIGpk2sYpibPEz3KyOw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwNTE3MDIyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDBjYjFjYzU2ODMzZjVmZTMzNWEyNzA5ZDg4NGVkNGMyZTAwYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA83JMbQvmVicwefRqoCE6QVHZ89nR
c0LdzGnVyg1s5HeRZwQdgf3O/OzvhfS9fvrMaVZOeMIEElgxGEibWGIVxom4SjJP
Qcehjgpu+T/eWNH/fHvQ6zhNahrNZ6ax2m6XeeOKVeU/5XPYyqkBjxIj7ikQEXll
uAHie37z/rpf2FUqn0jMBfbX4c2uas4mGZe8a7yxmewa5uFuKneLaBW3O084eIfG
aK0NA2+ni9Tonl/BRKMbYYtPqqKPA5iyA5be/CaXaI60ImJvf4vC1nwAGGUPcfQF
l+gcqyHyg/mviQsPMlxNcOEjYC1U2MBZV1+hztSp7IfswmxMhGK4E5QuWQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFD0MscxWgz9f4zWicJ2ITtTC4ArBMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvUFF5eHpGYURQMV9qTmFKd25ZaE8xTUxnQ3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAGe
LpQDBAKeLqADBAGeLrADBAKeLrwwDAMEAp4uxAMEBJ4uwAMEAZ4u+gMEBLKrAAME
ArKrFDAMAwQFsqsgAwQBsqskAwQCsqswAwQCsqs8MAwDBACyq0UDBACyq0YDBAGy
q1gDBACyq14wDAMEArKrZAMEALKrZgMEALKraAMEAbKrbgMEALKrdzANBgkqhkiG
9w0BAQsFAAOCAQEAFcLBlSy5QhmSPYQoF/0muT+xTRDPZ+fcAdxzdgc2QOGEGwF4
MrUFTHhZzLKBwUYPcrKJ8BwAWNouEZatC7IONtUv2FzpzfmPx3gQVlddbVRzTVOy
x9fUH4wD2qD0EMyctYG7nkv8SXttsy4TPPnmtE2Wn9vBONHBb6aBcidjzmId9eC7
LUpca2shGacxfV3AdZ6WvUtdSvfguti2JRCQ9RGfCH7tuXaVFjRrHKkgb2pC82oT
9MFvD4TFi+lLRovlnNG5TW69gFp2tdfpBgsItEdB6QGJwOu1yiEqDVKIltJCBXQM
4xx6bNLE35Txoq2QiizqGbC3+nxUKovtI/QrGA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:04 2023 by rpki-client on console-ams.rpki-client.org