Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/RKLLokvzuNMfd7FCkg_FjjSYn9I.roa
File: RKLLokvzuNMfd7FCkg_FjjSYn9I.roa (raw, json)
Hash identifier: 0b1pyK1VBMGJ4yl/9uJqpZ7exb6aowPBQXer34xJL1A=
Subject key identifier: 44:A2:CB:A2:4B:F3:B8:D3:1F:77:B1:42:92:0F:C5:8E:34:98:9F:D2
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018F62CFB025BDFE57D2466D297D05515E10
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/RKLLokvzuNMfd7FCkg_FjjSYn9I.roa
Signing time: Fri 10 May 2024 14:02:09 +0000
ROA not before: Fri 10 May 2024 14:02:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.148.0/24 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.162.0/23 maxlen: 23
158.46.176.0/24 maxlen: 24
158.46.177.0/24 maxlen: 24
158.46.181.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
158.46.192.0/22 maxlen: 22
158.46.196.0/22 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.207.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
178.171.48.0/23 maxlen: 24
178.171.50.0/23 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.69.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.84.0/22 maxlen: 24
178.171.86.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.94.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.106.0/23 maxlen: 23
178.171.110.0/23 maxlen: 24
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 10:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:cf:b0:25:bd:fe:57:d2:46:6d:29:7d:05:51:5e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: May 10 14:02:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44a2cba24bf3b8d31f77b142920fc58e34989fd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:8c:1c:13:3f:26:6c:b5:29:dc:3d:57:12:
79:dd:ec:df:6e:cb:8e:e0:b1:bb:7d:01:18:77:da:
89:29:d7:d1:26:39:84:19:fe:fd:f9:9c:66:1c:71:
a2:2a:19:c0:fc:bd:89:98:a6:5d:50:ab:d4:3f:3f:
dc:61:0b:bb:72:15:11:72:bc:53:1f:71:7c:69:74:
81:8f:ea:51:33:d0:94:86:2c:41:cd:33:f7:c5:d3:
4c:fb:cd:21:1d:bc:10:8b:9d:79:59:44:57:be:96:
25:63:03:51:a0:ba:79:b8:40:dd:e2:43:5d:92:d4:
ef:7d:3f:b6:81:1c:6a:5b:5c:f6:59:f7:74:80:2f:
9a:f9:a1:a5:82:21:11:40:12:3b:f9:f3:d5:63:de:
db:8d:67:57:b9:b7:34:ae:b6:26:ed:f3:46:ec:8f:
10:00:54:d1:c0:b4:de:24:b0:81:06:17:9d:f2:a9:
e2:9f:3f:2b:83:be:d2:ae:5d:99:3f:95:c8:33:ec:
ec:aa:db:3c:25:b0:48:dc:c9:9c:96:ad:7d:92:bf:
39:09:fa:f2:71:7c:ff:be:19:6b:19:3d:1f:d1:e0:
95:c6:1b:e9:0b:1f:2c:d2:44:e8:37:a5:8e:2d:0e:
f3:21:8f:01:24:e1:c4:27:65:0a:8b:a6:fd:c2:20:
46:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A2:CB:A2:4B:F3:B8:D3:1F:77:B1:42:92:0F:C5:8E:34:98:9F:D2
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/RKLLokvzuNMfd7FCkg_FjjSYn9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/22
158.46.176.0/23
158.46.181.0/24
158.46.188.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.84.0-178.171.89.255
178.171.94.0/24
178.171.100.0-178.171.102.255
178.171.104.0/24
178.171.106.0/23
178.171.110.0/23
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:17:6f:66:fb:26:25:4c:97:c4:9b:95:78:f3:59:e0:aa:33:
9e:84:07:ce:91:18:4d:31:28:2c:bd:ca:44:7e:51:ad:5b:fb:
3b:31:f5:9b:48:0d:c5:67:cd:59:b1:41:eb:80:bc:80:fa:75:
f7:f6:76:a8:f7:4c:e3:e9:3a:55:3f:3b:b4:63:d3:ab:7e:be:
db:89:c0:46:a2:51:dd:90:bd:9c:c3:2b:05:25:d2:51:b7:9e:
13:a9:91:d8:0d:e9:e4:f6:77:d7:90:23:e1:d1:1e:ab:9b:75:
ca:6a:81:26:d7:20:a6:ef:de:5b:3e:f7:88:ec:a0:47:3b:22:
1e:76:e5:5d:36:80:b6:07:fa:b9:71:44:e8:9c:8a:b7:f3:f7:
4a:e2:68:5f:46:a3:c3:bf:b7:8e:14:44:4a:50:50:50:ec:ce:
4f:e3:a5:d5:21:84:9d:bd:30:2c:30:74:f1:af:14:d4:ca:29:
34:dc:3c:ec:c2:2f:f8:ec:ae:e3:6a:35:53:2b:e4:8e:40:8e:
94:4b:0d:47:0b:b1:5e:aa:8c:bc:bd:ba:07:36:52:97:4b:67:
ff:0b:ac:5b:2f:6c:e3:79:37:d6:c2:9f:8f:eb:ac:8e:ba:67:
b4:e8:79:47:5a:09:c8:fe:d5:3b:c5:30:6c:4c:c6:b6:f5:05:
8c:01:06:b4
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY9iz7Alvf5X0kZtKX0FUV4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwNTEwMTQwMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGEyY2JhMjRiZjNiOGQzMWY3N2IxNDI5MjBmYzU4ZTM0OTg5ZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoOMHBM/Jmy1Kdw9VxJ53ezfbsuO
4LG7fQEYd9qJKdfRJjmEGf79+ZxmHHGiKhnA/L2JmKZdUKvUPz/cYQu7chURcrxT
H3F8aXSBj+pRM9CUhixBzTP3xdNM+80hHbwQi515WURXvpYlYwNRoLp5uEDd4kNd
ktTvfT+2gRxqW1z2Wfd0gC+a+aGlgiERQBI7+fPVY97bjWdXubc0rrYm7fNG7I8Q
AFTRwLTeJLCBBhed8qninz8rg77Srl2ZP5XIM+zsqts8JbBI3Mmclq19kr85Cfry
cXz/vhlrGT0f0eCVxhvpCx8s0kToN6WOLQ7zIY8BJOHEJ2UKi6b9wiBG9wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFESiy6JL87jTH3exQpIPxY40mJ/SMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvUktMTG9rdnp1Tk1mZDdGQ2tnX0ZqalNZbjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAGe
LpQDBAKeLqADBAGeLrADBACeLrUwDAMEAp4uvAMEBJ4uwAMEAZ4u+gMEBLKrAAME
ArKrFDAMAwQFsqsgAwQBsqskAwQCsqswAwQCsqs8MAwDBACyq0UDBACyq0YwDAME
ArKrVAMEAbKrWAMEALKrXjAMAwQCsqtkAwQAsqtmAwQAsqtoAwQBsqtqAwQBsqtu
AwQAsqt3MA0GCSqGSIb3DQEBCwUAA4IBAQCaF29m+yYlTJfEm5V481ngqjOehAfO
kRhNMSgsvcpEflGtW/s7MfWbSA3FZ81ZsUHrgLyA+nX39nao90zj6TpVPzu0Y9Or
fr7bicBGolHdkL2cwysFJdJRt54TqZHYDenk9nfXkCPh0R6rm3XKaoEm1yCm795b
PveI7KBHOyIeduVdNoC2B/q5cUTonIq38/dK4mhfRqPDv7eOFERKUFBQ7M5P46XV
IYSdvTAsMHTxrxTUyik03Dzswi/47K7jajVTK+SOQI6USw1HC7Feqoy8vboHNlKX
S2f/C6xbL2zjeTfWwp+P66yOume06HlHWgnI/tU7xTBsTMa29QWMAQa0
-----END CERTIFICATE-----
Generated at Thu Aug 8 12:52:50 2024 by rpki-client on console-ams.rpki-client.org