Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/ugYXP3fvlziFLQxxlVnZFTRsJss.roa
File: ugYXP3fvlziFLQxxlVnZFTRsJss.roa (raw, json)
Hash identifier: Ip6Dr8YQE1wJeOGDUjVCVo9slYCUsl58IC4x1DbRDS0=
Subject key identifier: BA:06:17:3F:77:EF:97:38:85:2D:0C:71:95:59:D9:15:34:6C:26:CB
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 01865099F816AE5662247A66AFFD17D4C5FA
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/ugYXP3fvlziFLQxxlVnZFTRsJss.roa
Signing time: Tue 14 Feb 2023 15:45:13 +0000
ROA not before: Tue 14 Feb 2023 15:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.177.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
158.46.200.0/21 maxlen: 21
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Feb 2023 11:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:99:f8:16:ae:56:62:24:7a:66:af:fd:17:d4:c5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Feb 14 15:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba06173f77ef9738852d0c719559d915346c26cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a6:fc:4c:4b:5e:71:4c:98:97:8f:09:79:3d:
fd:7d:78:25:f8:29:50:e0:c1:f3:d2:2e:d5:cc:14:
6a:ec:c3:08:72:55:fd:b5:c7:b9:b6:c4:fb:90:df:
3a:c4:a8:8a:e6:36:37:1d:f5:1d:3a:af:52:ba:48:
df:f4:ef:cf:a1:d7:94:6a:fe:d4:41:a2:43:38:89:
ec:34:cb:17:17:47:5e:19:35:12:fd:63:43:b7:7a:
11:20:89:2d:57:32:5c:97:54:d3:4d:06:6c:24:9c:
96:73:e0:b0:31:29:5a:1a:f1:12:b2:4b:7b:af:5a:
26:4a:6a:58:89:ed:ef:c3:77:2b:84:10:f6:fc:c2:
c8:2b:e2:ad:43:7a:5c:62:e1:84:20:0d:92:74:57:
02:9d:19:52:94:e0:aa:0d:ec:a0:9f:c2:d8:74:87:
9e:36:af:4f:c0:a1:80:e4:55:a9:f6:52:10:0a:98:
d4:79:60:24:de:60:bb:78:1d:e5:32:df:11:97:da:
0b:1e:c6:99:cc:5d:da:07:5d:07:74:76:d9:07:ed:
bc:f4:c1:14:3b:a2:8d:8e:1f:80:12:82:8f:3a:f4:
bb:1f:dd:bb:2d:cd:72:f2:87:7f:e0:1a:cd:2d:bb:
6d:31:3c:a9:d3:bd:cc:8d:80:85:e0:61:13:a2:af:
dd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:06:17:3F:77:EF:97:38:85:2D:0C:71:95:59:D9:15:34:6C:26:CB
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/ugYXP3fvlziFLQxxlVnZFTRsJss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/23
158.46.177.0/24
158.46.188.0/22
158.46.200.0/21
158.46.250.0/23
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.100.0/23
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:67:6f:42:65:56:33:94:59:c6:29:0d:00:f3:e5:63:90:6c:
0e:5d:0e:e1:84:d5:55:d8:a9:8d:b0:af:cd:f5:77:b8:41:e2:
42:ba:66:03:a6:8a:c4:ff:d1:ff:92:d5:b0:01:66:49:c1:8d:
57:b3:1c:05:ab:7b:63:6a:7b:35:79:61:e2:59:25:28:a4:44:
b1:61:cd:c7:e9:03:fd:0b:a3:17:9c:67:85:d6:cb:ac:0c:d3:
c7:0d:09:77:54:c6:c9:a6:11:84:0f:a2:16:23:70:c0:21:6d:
98:88:f3:6f:9b:90:14:45:9e:fb:50:52:13:b3:e9:e8:56:6e:
74:7a:e2:ac:2e:f1:59:40:41:14:06:07:96:d3:a5:e6:f9:dd:
4d:a9:e7:d9:10:4d:2e:2b:12:79:5b:d6:5b:fc:cc:bc:f9:d5:
c8:c4:c3:91:e3:9f:7e:91:e8:ff:a2:a3:56:3b:23:60:e0:d7:
f5:0e:a8:c4:f4:9a:a6:fa:de:72:f0:d6:9c:8a:39:b1:f7:21:
24:04:b1:ec:18:39:c7:33:4a:f7:08:71:e0:20:16:bd:22:a4:
ae:bb:9f:6e:ba:6a:76:41:13:c5:e4:3f:e3:64:ae:9f:90:b4:
b5:13:19:e1:5c:dc:ea:7a:57:e6:97:db:ed:b7:72:dc:97:73:
29:ac:48:67
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYZQmfgWrlZiJHpmr/0X1MX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwMjE0MTU0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTA2MTczZjc3ZWY5NzM4ODUyZDBjNzE5NTU5ZDkxNTM0NmMyNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqb8TEtecUyYl48JeT39fXgl+ClQ
4MHz0i7VzBRq7MMIclX9tce5tsT7kN86xKiK5jY3HfUdOq9Sukjf9O/PodeUav7U
QaJDOInsNMsXF0deGTUS/WNDt3oRIIktVzJcl1TTTQZsJJyWc+CwMSlaGvESskt7
r1omSmpYie3vw3crhBD2/MLIK+KtQ3pcYuGEIA2SdFcCnRlSlOCqDeygn8LYdIee
Nq9PwKGA5FWp9lIQCpjUeWAk3mC7eB3lMt8Rl9oLHsaZzF3aB10HdHbZB+289MEU
O6KNjh+AEoKPOvS7H927Lc1y8od/4BrNLbttMTyp073MjYCF4GEToq/d6wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFLoGFz9375c4hS0McZVZ2RU0bCbLMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvdWdZWFAzZnZsemlGTFF4eGxWblpGVFJzSnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBni6UAwQB
ni6gAwQAni6xAwQCni68AwQDni7IAwQBni76AwQCsqsUMAwDBAWyqyADBAGyqyQw
DAMEALKrRQMEALKrRgMEAbKrWAMEAbKrZAMEALKraAMEALKrdzANBgkqhkiG9w0B
AQsFAAOCAQEAamdvQmVWM5RZxikNAPPlY5BsDl0O4YTVVdipjbCvzfV3uEHiQrpm
A6aKxP/R/5LVsAFmScGNV7McBat7Y2p7NXlh4lklKKREsWHNx+kD/QujF5xnhdbL
rAzTxw0Jd1TGyaYRhA+iFiNwwCFtmIjzb5uQFEWe+1BSE7Pp6FZudHrirC7xWUBB
FAYHltOl5vndTann2RBNLisSeVvWW/zMvPnVyMTDkeOffpHo/6KjVjsjYODX9Q6o
xPSapvrecvDWnIo5sfchJASx7Bg5xzNK9whx4CAWvSKkrrufbrpqdkETxeQ/42Su
n5C0tRMZ4Vzc6npX5pfb7bdy3JdzKaxIZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:09 2024 by rpki-client on console-ams.rpki-client.org