Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/vwQ86GrGrWp7v2KhM01XYyrX_sg.roa
File: vwQ86GrGrWp7v2KhM01XYyrX_sg.roa (raw, json)
Hash identifier: Aly6eh40uDsYnSzANqYLXkbeEbcm2NCNEcOiv3aSfIc=
Subject key identifier: BF:04:3C:E8:6A:C6:AD:6A:7B:BF:62:A1:33:4D:57:63:2A:D7:FE:C8
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018D34E9755C10E2EC7A418A78C0453981FE
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/vwQ86GrGrWp7v2KhM01XYyrX_sg.roa
Signing time: Tue 23 Jan 2024 06:02:11 +0000
ROA not before: Tue 23 Jan 2024 06:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 158.46.148.0/24 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.162.0/23 maxlen: 23
158.46.176.0/24 maxlen: 24
158.46.177.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
158.46.192.0/22 maxlen: 22
158.46.196.0/22 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.207.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
178.171.48.0/23 maxlen: 24
178.171.50.0/23 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.69.0/24 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.84.0/22 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.94.0/24 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.106.0/23 maxlen: 23
178.171.110.0/23 maxlen: 24
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 09:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:34:e9:75:5c:10:e2:ec:7a:41:8a:78:c0:45:39:81:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 23 06:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf043ce86ac6ad6a7bbf62a1334d57632ad7fec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:99:c0:61:6d:8e:40:fa:a1:f3:de:c4:16:34:
6b:be:19:61:f1:19:c0:bd:25:33:b7:3d:e6:64:39:
04:35:9b:c4:a0:b6:16:92:6a:d4:56:d1:52:13:c2:
fd:07:99:4b:a3:35:22:3f:de:9f:fd:78:6b:82:f1:
43:1f:b4:7f:68:86:09:b7:df:07:4a:b2:c7:e8:d9:
85:f1:24:ea:7d:5b:47:5d:5e:09:05:99:47:95:87:
f1:a8:e4:86:8d:05:d7:2a:cc:00:a4:f4:28:0a:b3:
d6:05:a3:3a:d1:e5:80:53:95:ef:8d:91:d2:06:a1:
75:aa:26:5e:f8:92:dc:70:07:98:50:f0:a3:e0:73:
be:5a:5b:0b:a5:b2:1c:70:f1:0e:53:0b:e8:31:12:
26:c0:84:ab:af:d4:93:a5:2f:40:b5:ed:61:bc:63:
8e:00:30:ed:95:73:ab:8c:e6:74:14:34:d6:c7:4a:
14:c9:7b:28:3e:2b:d1:66:0e:e0:23:41:e8:ab:01:
10:f1:35:6d:a6:0a:ae:5a:a8:43:99:57:c3:71:fa:
46:80:e1:d7:0a:d8:49:26:0a:09:25:c3:19:f6:41:
c2:b7:de:3a:ff:d2:a0:53:59:ce:58:12:83:90:16:
bf:57:a9:0e:72:bf:7a:81:db:12:76:e8:14:42:66:
7b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:04:3C:E8:6A:C6:AD:6A:7B:BF:62:A1:33:4D:57:63:2A:D7:FE:C8
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/vwQ86GrGrWp7v2KhM01XYyrX_sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/22
158.46.176.0/23
158.46.188.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.84.0-178.171.89.255
178.171.94.0/24
178.171.100.0-178.171.102.255
178.171.104.0/24
178.171.106.0/23
178.171.110.0/23
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
08:af:5e:04:c4:9e:5d:e6:0e:f3:d5:73:77:6d:a6:42:84:61:
c9:da:6a:2f:03:ad:59:b8:69:9a:9f:bb:f7:8a:f7:da:cd:04:
8b:e2:eb:79:8c:de:6b:d9:4d:24:61:02:bf:23:fa:02:f3:2c:
d6:1a:b8:94:10:0d:1f:6f:e9:f2:2e:00:41:ac:48:46:51:10:
32:43:43:01:13:f8:50:3a:ee:82:38:13:a1:83:f7:e2:ce:a7:
24:c6:8f:36:3d:88:26:d3:ff:30:9a:76:ab:66:5c:49:ba:df:
1b:79:96:be:fc:39:78:cc:b3:21:1d:42:82:e6:66:45:3f:a4:
5a:6a:6d:c9:d9:1d:34:07:0c:75:b8:dc:40:47:f5:81:e2:7f:
63:63:d5:c9:5b:ab:40:44:28:09:ef:90:38:55:fb:35:4f:dd:
d4:bf:be:35:8b:ac:63:55:6d:c5:d6:25:ee:23:a6:7d:85:d0:
81:d2:d0:4b:e3:f1:c1:03:46:c8:ce:8c:34:94:2f:26:b2:6b:
0c:a1:4b:79:7f:eb:a8:0e:60:6c:20:eb:a9:29:b3:70:79:16:
db:8e:03:56:48:91:14:fa:63:ec:f0:5c:28:66:b8:4c:e6:df:
a4:7d:a4:9e:96:16:0e:64:62:ca:c9:f3:3d:6a:ef:7d:0a:2e:
b4:f3:f2:91
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAY006XVcEOLsekGKeMBFOYH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTIzMDYwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA0M2NlODZhYzZhZDZhN2JiZjYyYTEzMzRkNTc2MzJhZDdmZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZnAYW2OQPqh897EFjRrvhlh8RnA
vSUztz3mZDkENZvEoLYWkmrUVtFSE8L9B5lLozUiP96f/XhrgvFDH7R/aIYJt98H
SrLH6NmF8STqfVtHXV4JBZlHlYfxqOSGjQXXKswApPQoCrPWBaM60eWAU5XvjZHS
BqF1qiZe+JLccAeYUPCj4HO+WlsLpbIccPEOUwvoMRImwISrr9STpS9Ate1hvGOO
ADDtlXOrjOZ0FDTWx0oUyXsoPivRZg7gI0HoqwEQ8TVtpgquWqhDmVfDcfpGgOHX
CthJJgoJJcMZ9kHCt946/9KgU1nOWBKDkBa/V6kOcr96gdsSdugUQmZ7PQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFL8EPOhqxq1qe79ioTNNV2Mq1/7IMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvdndRODZHckdyV3A3djJLaE0wMVhZeXJYX3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAGe
LpQDBAKeLqADBAGeLrAwDAMEAp4uvAMEBJ4uwAMEAZ4u+gMEBLKrAAMEArKrFDAM
AwQFsqsgAwQBsqskAwQCsqswAwQCsqs8MAwDBACyq0UDBACyq0YwDAMEArKrVAME
AbKrWAMEALKrXjAMAwQCsqtkAwQAsqtmAwQAsqtoAwQBsqtqAwQBsqtuAwQAsqt3
MA0GCSqGSIb3DQEBCwUAA4IBAQAIr14ExJ5d5g7z1XN3baZChGHJ2movA61ZuGma
n7v3ivfazQSL4ut5jN5r2U0kYQK/I/oC8yzWGriUEA0fb+nyLgBBrEhGURAyQ0MB
E/hQOu6COBOhg/fizqckxo82PYgm0/8wmnarZlxJut8beZa+/Dl4zLMhHUKC5mZF
P6Raam3J2R00Bwx1uNxAR/WB4n9jY9XJW6tARCgJ75A4Vfs1T93Uv741i6xjVW3F
1iXuI6Z9hdCB0tBL4/HBA0bIzow0lC8msmsMoUt5f+uoDmBsIOupKbNweRbbjgNW
SJEU+mPs8FwoZrhM5t+kfaSelhYOZGLKyfM9au99Ci608/KR
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:04:16 2024 by rpki-client on console-ams.rpki-client.org