Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/iqLLD57nDcIM7MiU_Va7C2d8dxQ.roa
File: iqLLD57nDcIM7MiU_Va7C2d8dxQ.roa (raw, json)
Hash identifier: WdqfN3LXFRnPMS/K2RmUU4F8vdI2RfF3/EMmUfjGHbI=
Subject key identifier: 8A:A2:CB:0F:9E:E7:0D:C2:0C:EC:C8:94:FD:56:BB:0B:67:7C:77:14
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0188C207FE32373C803C3D81FC05364D749A
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/iqLLD57nDcIM7MiU_Va7C2d8dxQ.roa
Signing time: Fri 16 Jun 2023 02:28:03 +0000
ROA not before: Fri 16 Jun 2023 02:28:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 178.171.50.0/23 maxlen: 24
178.171.48.0/23 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.162.0/23 maxlen: 23
158.46.160.0/23 maxlen: 23
158.46.177.0/24 maxlen: 24
158.46.176.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.192.0/22 maxlen: 22
178.171.94.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
158.46.196.0/22 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.110.0/23 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.207.0/24 maxlen: 24
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c2:07:fe:32:37:3c:80:3c:3d:81:fc:05:36:4d:74:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jun 16 02:28:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8aa2cb0f9ee70dc20cecc894fd56bb0b677c7714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:45:d9:f3:6a:2d:bc:42:bc:cb:01:1c:bd:45:
d4:6b:c4:b3:55:ab:12:ae:ab:8a:2d:ac:e7:2c:4a:
56:f1:a2:bb:3c:92:19:3e:6b:03:db:fb:20:38:b1:
f4:c9:85:46:c3:8a:a4:1e:42:be:df:7f:12:93:d5:
f0:80:8f:9d:56:2f:56:c5:5c:12:44:97:66:21:68:
a6:f5:b5:70:a5:81:ab:e9:dd:66:f5:3c:ff:79:11:
3d:bb:5e:a0:3c:a4:b0:22:8f:fe:d3:fd:08:11:2e:
d1:98:17:e1:53:fc:a7:96:6b:dc:79:9c:e5:81:62:
a2:f3:c8:cf:8f:2f:50:78:d4:fd:b7:05:48:62:13:
03:26:c4:36:62:d8:4e:fa:db:99:d3:cb:0c:cb:99:
d6:94:56:ff:f6:55:03:e6:ad:67:30:af:c7:b1:9f:
02:ec:c9:7d:9c:f7:84:01:8c:37:b6:e3:85:9b:21:
34:b1:f8:de:76:a3:f4:ac:2b:96:75:94:d8:50:4a:
98:38:ac:14:c6:09:88:db:e1:99:eb:8f:f6:88:e2:
83:30:ba:db:dd:f2:64:d1:82:1a:e5:3f:8f:31:fc:
93:7c:50:4d:52:ed:cb:43:09:c1:40:ec:d1:81:45:
49:a5:04:bc:d0:35:8b:be:e2:cf:e9:95:6a:d8:f7:
25:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A2:CB:0F:9E:E7:0D:C2:0C:EC:C8:94:FD:56:BB:0B:67:7C:77:14
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/iqLLD57nDcIM7MiU_Va7C2d8dxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/22
158.46.176.0/23
158.46.188.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.94.0/24
178.171.100.0-178.171.102.255
178.171.104.0/24
178.171.110.0/23
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f5:4c:7e:a5:d9:7f:48:e6:c0:32:cb:fe:c5:ec:b8:40:c9:
77:77:6e:b1:8e:ab:92:62:8d:8b:ff:5a:08:bc:35:4a:35:18:
c4:de:ab:6c:ae:80:62:ee:1a:70:97:e0:78:ef:45:34:a9:93:
13:26:28:84:82:1c:c9:52:80:ae:b4:20:e4:e9:ed:46:91:20:
73:98:93:49:85:4d:f2:e4:c8:7d:58:17:e1:40:5f:8a:23:8e:
c1:49:48:f1:7a:12:68:ed:50:9d:26:bc:ca:8d:78:3d:3f:f4:
11:85:41:14:73:20:d5:6a:1b:16:b2:3b:4b:54:b8:f1:b1:9b:
5c:b4:d0:26:b5:c4:10:f2:d0:48:bc:28:4a:f2:75:0f:6f:9f:
57:b9:8d:20:52:b2:31:8c:25:44:74:38:20:8e:b4:bd:45:a0:
c4:cd:75:aa:f1:70:c0:2d:2c:9e:0c:ec:7e:b3:a5:52:0e:bb:
73:85:d1:f3:5d:82:3b:68:12:60:9c:c9:68:4d:5e:71:11:2e:
04:ab:7a:88:a1:31:6b:30:3e:f1:c9:2c:79:70:63:35:7b:2b:
d4:44:58:04:c3:d1:97:f7:0f:d8:07:0c:b4:fb:37:ab:ad:ed:
22:0e:87:60:39:24:54:15:53:d2:54:e5:aa:a5:7d:6d:b2:e2:
a2:34:a4:fb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYjCB/4yNzyAPD2B/AU2TXSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwNjE2MDIyODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWEyY2IwZjllZTcwZGMyMGNlY2M4OTRmZDU2YmIwYjY3N2M3NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkXZ82otvEK8ywEcvUXUa8SzVasS
rquKLaznLEpW8aK7PJIZPmsD2/sgOLH0yYVGw4qkHkK+338Sk9XwgI+dVi9WxVwS
RJdmIWim9bVwpYGr6d1m9Tz/eRE9u16gPKSwIo/+0/0IES7RmBfhU/ynlmvceZzl
gWKi88jPjy9QeNT9twVIYhMDJsQ2YthO+tuZ08sMy5nWlFb/9lUD5q1nMK/HsZ8C
7Ml9nPeEAYw3tuOFmyE0sfjedqP0rCuWdZTYUEqYOKwUxgmI2+GZ64/2iOKDMLrb
3fJk0YIa5T+PMfyTfFBNUu3LQwnBQOzRgUVJpQS80DWLvuLP6ZVq2PclFQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFIqiyw+e5w3CDOzIlP1WuwtnfHcUMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvaXFMTEQ1N25EY0lNN01pVV9WYTdDMmQ4ZHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAGe
LpQDBAKeLqADBAGeLrAwDAMEAp4uvAMEBJ4uwAMEAZ4u+gMEBLKrAAMEArKrFDAM
AwQFsqsgAwQBsqskAwQCsqswAwQCsqs8MAwDBACyq0UDBACyq0YDBAGyq1gDBACy
q14wDAMEArKrZAMEALKrZgMEALKraAMEAbKrbgMEALKrdzANBgkqhkiG9w0BAQsF
AAOCAQEAcvVMfqXZf0jmwDLL/sXsuEDJd3dusY6rkmKNi/9aCLw1SjUYxN6rbK6A
Yu4acJfgeO9FNKmTEyYohIIcyVKArrQg5OntRpEgc5iTSYVN8uTIfVgX4UBfiiOO
wUlI8XoSaO1QnSa8yo14PT/0EYVBFHMg1WobFrI7S1S48bGbXLTQJrXEEPLQSLwo
SvJ1D2+fV7mNIFKyMYwlRHQ4II60vUWgxM11qvFwwC0sngzsfrOlUg67c4XR812C
O2gSYJzJaE1ecREuBKt6iKExazA+8ckseXBjNXsr1ERYBMPRl/cP2AcMtPs3q63t
Ig6HYDkkVBVT0lTlqqV9bbLiojSk+w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:22 2023 by rpki-client on console-fra.rpki-client.org