Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/n9NO4mR4jzVCwG1PPy-8hAelQqU.roa
File: n9NO4mR4jzVCwG1PPy-8hAelQqU.roa (raw, json)
Hash identifier: ctvHJszgYPPNiHu49pc9BqgTuZM7u61cILZ6y0HQR3c=
Subject key identifier: 9F:D3:4E:E2:64:78:8F:35:42:C0:6D:4F:3F:2F:BC:84:07:A5:42:A5
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018571556F2C05E6866418268C92128B464D
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/n9NO4mR4jzVCwG1PPy-8hAelQqU.roa
Signing time: Mon 02 Jan 2023 07:15:02 +0000
ROA not before: Mon 02 Jan 2023 07:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213296
IP address blocks: 158.46.192.0/22 maxlen: 22
158.46.191.0/24 maxlen: 24
158.46.188.0/24 maxlen: 24
178.171.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:6f:2c:05:e6:86:64:18:26:8c:92:12:8b:46:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 2 07:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fd34ee264788f3542c06d4f3f2fbc8407a542a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:29:6b:cc:4b:a7:25:a1:f4:85:4b:4e:58:90:
80:bb:91:f3:4a:dd:06:05:84:0f:88:8c:e5:84:5f:
a4:ac:5f:ec:d1:98:4c:68:87:55:e2:3a:c3:44:fd:
4d:e3:c9:bf:0a:11:db:27:c0:ae:70:48:21:82:e5:
14:af:fd:13:7b:80:50:db:b9:7a:b2:5e:30:3e:f4:
05:e9:fc:94:32:29:46:36:50:06:62:24:89:eb:df:
87:4d:67:49:24:fe:76:98:23:11:9b:a9:eb:4a:1d:
a5:4b:3e:52:7f:eb:c8:69:79:ef:9d:4e:89:ee:29:
ec:45:4d:cf:e6:a2:ce:74:50:6a:68:24:16:53:10:
f6:24:89:02:25:a0:bc:8c:3c:73:dc:a8:ee:68:04:
8b:df:74:71:db:c3:95:f7:e8:99:a6:60:24:9d:0f:
f8:82:5d:b0:60:25:86:09:ff:16:6c:89:ab:38:b3:
55:e3:5f:5a:03:de:09:db:5b:b6:2b:7f:43:45:e9:
e2:dc:2a:6e:c8:f5:fb:89:f7:3a:46:9e:b1:43:d9:
ab:51:a8:09:32:c7:16:bd:8d:7d:c1:2c:be:d2:98:
06:ad:45:69:07:00:24:cc:35:4b:93:d6:4d:14:ac:
36:0b:01:57:64:8e:1e:5c:fa:df:2f:2e:07:24:db:
f2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D3:4E:E2:64:78:8F:35:42:C0:6D:4F:3F:2F:BC:84:07:A5:42:A5
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/n9NO4mR4jzVCwG1PPy-8hAelQqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.188.0/24
158.46.191.0-158.46.195.255
178.171.22.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:83:6b:c9:b5:ce:97:fd:14:23:8c:66:db:3d:1e:52:0b:a9:
91:cd:05:34:38:fb:90:2f:0e:49:d6:c0:35:55:f3:26:35:3c:
a9:d8:cc:56:ff:a0:a5:f9:93:68:38:7a:e1:00:26:b1:55:ab:
e0:c7:ab:bb:52:31:30:a6:99:7f:e9:2e:c0:50:8b:42:be:7f:
52:69:30:8d:66:19:88:cc:54:e8:78:13:0e:44:45:83:a7:d4:
5b:8c:f6:3c:a2:de:cb:31:11:4b:3f:68:a9:a5:33:3c:96:bd:
2c:ee:ba:09:7d:22:e9:b8:5a:5f:db:09:09:ac:91:f7:6f:a3:
11:21:11:25:64:25:9c:88:52:45:24:9a:f9:6b:0c:81:d6:5a:
a7:8b:e9:27:45:7e:a2:11:a4:05:d8:5e:45:c6:19:d2:82:6c:
45:1e:5a:5e:00:05:6b:5f:b8:2b:75:aa:18:90:b0:6e:98:13:
8d:01:f9:cb:fb:6c:a9:4b:a1:96:da:f4:ed:28:e2:97:cf:49:
37:00:85:f2:a4:a3:3d:56:39:89:ec:f9:23:ca:d2:7d:48:e4:
2d:51:3a:8b:ca:9f:6b:dd:10:1d:ee:10:2f:e0:a5:85:d4:63:
c1:44:6c:89:0a:c6:df:33:f5:bb:b2:60:5d:84:b2:30:d5:29:
6e:bb:63:22
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxVW8sBeaGZBgmjJISi0ZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMTAyMDcxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQzNGVlMjY0Nzg4ZjM1NDJjMDZkNGYzZjJmYmM4NDA3YTU0MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtilrzEunJaH0hUtOWJCAu5HzSt0G
BYQPiIzlhF+krF/s0ZhMaIdV4jrDRP1N48m/ChHbJ8CucEghguUUr/0Te4BQ27l6
sl4wPvQF6fyUMilGNlAGYiSJ69+HTWdJJP52mCMRm6nrSh2lSz5Sf+vIaXnvnU6J
7insRU3P5qLOdFBqaCQWUxD2JIkCJaC8jDxz3KjuaASL33Rx28OV9+iZpmAknQ/4
gl2wYCWGCf8WbImrOLNV419aA94J21u2K39DReni3CpuyPX7ifc6Rp6xQ9mrUagJ
MscWvY19wSy+0pgGrUVpBwAkzDVLk9ZNFKw2CwFXZI4eXPrfLy4HJNvyWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ/TTuJkeI81QsBtTz8vvIQHpUKlMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvbjlOTzRtUjRqelZDd0cxUFB5LThoQWVsUXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAni68MAwD
BACeLr8DBAKeLsADBACyqxYwDQYJKoZIhvcNAQELBQADggEBAH6Da8m1zpf9FCOM
Zts9HlILqZHNBTQ4+5AvDknWwDVV8yY1PKnYzFb/oKX5k2g4euEAJrFVq+DHq7tS
MTCmmX/pLsBQi0K+f1JpMI1mGYjMVOh4Ew5ERYOn1FuM9jyi3ssxEUs/aKmlMzyW
vSzuugl9Ium4Wl/bCQmskfdvoxEhESVkJZyIUkUkmvlrDIHWWqeL6SdFfqIRpAXY
XkXGGdKCbEUeWl4ABWtfuCt1qhiQsG6YE40B+cv7bKlLoZba9O0o4pfPSTcAhfKk
oz1WOYns+SPK0n1I5C1ROovKn2vdEB3uEC/gpYXUY8FEbIkKxt8z9buyYF2EsjDV
KW67YyI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org