Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/q6_Kxuu2pWIQhZBGxNoviyRNZuw.roa
File: q6_Kxuu2pWIQhZBGxNoviyRNZuw.roa (raw, json)
Hash identifier: EcDGlIFSMBM/OVOxqXwqPOc6aXtyOKotbOIk72vDEhk=
Subject key identifier: AB:AF:CA:C6:EB:B6:A5:62:10:85:90:46:C4:DA:2F:8B:24:4D:66:EC
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 019131880BEDF40720147A1E4A394E9312D8
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/q6_Kxuu2pWIQhZBGxNoviyRNZuw.roa
Signing time: Thu 08 Aug 2024 10:28:04 +0000
ROA not before: Thu 08 Aug 2024 10:28:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.148.0/24 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.162.0/23 maxlen: 23
158.46.176.0/24 maxlen: 24
158.46.177.0/24 maxlen: 24
158.46.181.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
158.46.192.0/22 maxlen: 22
158.46.196.0/22 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.207.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
178.171.48.0/23 maxlen: 24
178.171.50.0/23 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.69.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.84.0/22 maxlen: 24
178.171.86.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.94.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.106.0/23 maxlen: 23
178.171.110.0/23 maxlen: 24
178.171.119.0/24 maxlen: 24
178.171.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:88:0b:ed:f4:07:20:14:7a:1e:4a:39:4e:93:12:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Aug 8 10:28:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abafcac6ebb6a56210859046c4da2f8b244d66ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8a:28:2e:c6:5b:91:8a:9a:ce:c9:56:f1:71:
bc:2f:3c:cb:f8:d1:73:b8:3c:38:8e:3b:f3:9c:9e:
ff:c3:df:90:aa:56:ef:dd:a5:85:f8:23:d0:8d:dc:
0f:e2:e7:43:48:bf:72:93:43:97:eb:86:f8:ae:97:
6c:52:6a:0b:7d:96:bc:06:76:78:3d:4b:5b:52:9c:
30:9e:69:26:90:85:31:35:8f:71:98:b7:3d:42:0e:
8a:23:26:5f:e3:d7:6e:fc:eb:6f:2d:ad:58:de:66:
61:2c:fe:87:a6:c5:46:ea:05:9c:97:fa:bd:16:65:
0c:17:f1:6c:21:03:69:18:67:8f:60:01:50:6a:01:
62:c9:67:78:d7:2d:22:40:0e:86:70:5d:2c:38:46:
f5:a8:d6:2f:0b:45:08:f5:0d:19:4c:fd:ae:4c:f7:
bc:47:f3:b1:25:af:89:50:c3:f8:58:0f:af:b4:f4:
90:2b:f2:ae:aa:d9:11:a2:ff:25:19:ee:d1:01:f5:
fc:4f:1c:fd:43:5a:fd:0f:dd:91:a6:74:13:15:c0:
53:b7:ce:3f:72:36:08:92:a4:ea:f6:58:b9:ae:fb:
57:4f:cf:02:a5:c4:f0:8c:c0:5f:56:64:68:ae:19:
0d:56:07:5e:40:97:1c:eb:7d:28:cd:cc:86:dd:3f:
bc:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AF:CA:C6:EB:B6:A5:62:10:85:90:46:C4:DA:2F:8B:24:4D:66:EC
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/q6_Kxuu2pWIQhZBGxNoviyRNZuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/22
158.46.176.0/23
158.46.181.0/24
158.46.188.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.84.0-178.171.89.255
178.171.94.0/24
178.171.100.0-178.171.102.255
178.171.104.0/24
178.171.106.0/23
178.171.110.0/23
178.171.119.0/24
178.171.123.0/24
Signature Algorithm: sha256WithRSAEncryption
00:e4:d9:5e:69:97:43:0b:2e:fc:87:9d:5d:df:09:9b:d3:50:
95:ef:6c:cc:56:36:2b:05:ec:ed:a7:75:02:4d:5e:3a:7a:bf:
50:df:35:32:da:fb:af:f9:c4:bd:47:bb:f0:fe:26:df:91:14:
03:e3:a5:f9:00:46:6a:10:d9:96:b0:0f:28:ff:1d:a0:d4:1b:
d4:54:7b:32:bb:2d:a4:1e:80:97:85:ca:9d:31:c9:c4:21:17:
ba:b6:1d:37:7e:66:1e:33:81:89:0c:75:df:15:3f:43:29:c2:
be:4d:9a:57:55:d3:b8:6c:07:00:9c:5a:c2:58:0c:e8:9c:fa:
2e:8a:96:09:f1:e3:14:47:10:a0:f2:d6:8b:db:f7:b2:52:27:
eb:78:75:74:14:95:24:33:18:ed:09:ca:0c:d6:80:0f:15:f7:
f9:32:e9:c1:fb:71:9c:05:b1:76:54:7b:3d:d5:03:a4:72:2d:
a7:a2:41:79:55:94:dd:44:3f:85:73:c7:95:ce:a2:67:cf:07:
64:97:9c:b4:9d:93:e8:25:4c:eb:ae:3c:6f:a6:9e:c4:f9:39:
ea:3f:64:cc:9c:d9:f3:59:d0:b7:ee:fb:ab:98:bc:ba:6e:d4:
b0:26:00:91:75:d9:17:8d:4d:fd:a5:e8:3a:f5:42:2a:44:07:
7d:cd:5d:08
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZExiAvt9AcgFHoeSjlOkxLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwODA4MTAyODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFmY2FjNmViYjZhNTYyMTA4NTkwNDZjNGRhMmY4YjI0NGQ2NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4ooLsZbkYqazslW8XG8LzzL+NFz
uDw4jjvznJ7/w9+Qqlbv3aWF+CPQjdwP4udDSL9yk0OX64b4rpdsUmoLfZa8BnZ4
PUtbUpwwnmkmkIUxNY9xmLc9Qg6KIyZf49du/OtvLa1Y3mZhLP6HpsVG6gWcl/q9
FmUMF/FsIQNpGGePYAFQagFiyWd41y0iQA6GcF0sOEb1qNYvC0UI9Q0ZTP2uTPe8
R/OxJa+JUMP4WA+vtPSQK/KuqtkRov8lGe7RAfX8Txz9Q1r9D92RpnQTFcBTt84/
cjYIkqTq9li5rvtXT88CpcTwjMBfVmRorhkNVgdeQJcc630ozcyG3T+8hwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFKuvysbrtqViEIWQRsTaL4skTWbsMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvcTZfS3h1dTJwV0lRaFpCR3hOb3ZpeVJOWnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAGe
LpQDBAKeLqADBAGeLrADBACeLrUwDAMEAp4uvAMEBJ4uwAMEAZ4u+gMEBLKrAAME
ArKrFDAMAwQFsqsgAwQBsqskAwQCsqswAwQCsqs8MAwDBACyq0UDBACyq0YwDAME
ArKrVAMEAbKrWAMEALKrXjAMAwQCsqtkAwQAsqtmAwQAsqtoAwQBsqtqAwQBsqtu
AwQAsqt3AwQAsqt7MA0GCSqGSIb3DQEBCwUAA4IBAQAA5NleaZdDCy78h51d3wmb
01CV72zMVjYrBeztp3UCTV46er9Q3zUy2vuv+cS9R7vw/ibfkRQD46X5AEZqENmW
sA8o/x2g1BvUVHsyuy2kHoCXhcqdMcnEIRe6th03fmYeM4GJDHXfFT9DKcK+TZpX
VdO4bAcAnFrCWAzonPouipYJ8eMURxCg8taL2/eyUifreHV0FJUkMxjtCcoM1oAP
Fff5MunB+3GcBbF2VHs91QOkci2nokF5VZTdRD+Fc8eVzqJnzwdkl5y0nZPoJUzr
rjxvpp7E+TnqP2TMnNnzWdC37vurmLy6btSwJgCRddkXjU39peg69UIqRAd9zV0I
-----END CERTIFICATE-----
Generated at Mon Oct 21 15:40:34 2024 by rpki-client on console-fra.rpki-client.org