Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/yMRg_fpqrBtzPzpeabnTk0SzhD0.roa
File: yMRg_fpqrBtzPzpeabnTk0SzhD0.roa (raw, json)
Hash identifier: gv/ISSqychjxlf9Tw7kxf+Ui7V04FWKLd6WUsbSC1KU=
Subject key identifier: C8:C4:60:FD:FA:6A:AC:1B:73:3F:3A:5E:69:B9:D3:93:44:B3:84:3D
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 01879CE1E03AFFA12A03C7521900CC16385E
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/yMRg_fpqrBtzPzpeabnTk0SzhD0.roa
Signing time: Thu 20 Apr 2023 04:17:41 +0000
ROA not before: Thu 20 Apr 2023 04:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 178.171.50.0/23 maxlen: 24
178.171.48.0/23 maxlen: 24
158.46.149.0/24 maxlen: 24
158.46.148.0/24 maxlen: 24
178.171.60.0/23 maxlen: 24
178.171.62.0/23 maxlen: 24
178.171.70.0/24 maxlen: 24
178.171.69.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.177.0/24 maxlen: 24
158.46.176.0/24 maxlen: 24
178.171.88.0/23 maxlen: 23
178.171.0.0/20 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
178.171.36.0/24 maxlen: 24
178.171.37.0/24 maxlen: 24
158.46.251.0/24 maxlen: 24
158.46.250.0/24 maxlen: 24
178.171.94.0/24 maxlen: 24
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
178.171.101.0/24 maxlen: 24
178.171.102.0/24 maxlen: 24
158.46.196.0/22 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.110.0/23 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.200.0/21 maxlen: 24
158.46.207.0/24 maxlen: 24
178.171.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 May 2023 02:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9c:e1:e0:3a:ff:a1:2a:03:c7:52:19:00:cc:16:38:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Apr 20 04:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8c460fdfa6aac1b733f3a5e69b9d39344b3843d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:41:30:45:bf:2e:f1:c3:2d:65:5f:6d:7b:
c2:2a:94:50:ed:5f:d4:de:f2:43:04:65:22:b3:9f:
55:50:2a:a3:0c:9f:ca:df:ef:9b:17:11:be:c7:32:
8a:b1:97:45:23:c9:c7:5f:a8:80:12:f4:4d:6c:42:
f2:8c:97:44:bd:38:9f:3d:10:3d:da:6a:56:3d:0b:
a6:b2:43:97:a0:c5:c6:10:74:d1:4a:48:50:8e:a1:
ad:41:cb:3b:66:7b:3e:d9:10:81:0c:1f:c1:e3:49:
0c:48:46:7d:e2:27:dd:97:c2:7f:c7:15:fe:24:12:
78:2c:39:a8:6a:39:24:af:b5:f9:0e:04:85:a5:66:
12:ea:fa:a3:05:63:51:57:e2:29:c2:08:35:65:6e:
c1:72:e9:29:da:51:e6:7d:3c:3b:cd:4e:18:2a:8b:
ca:01:d8:1a:3c:09:2f:73:02:c0:49:41:d8:ae:21:
01:40:d4:6d:3a:ba:49:8f:d5:57:9b:7d:d0:bf:7f:
a5:b6:b9:62:1a:06:08:de:6f:f5:36:e8:5f:d7:86:
c0:ee:6e:a8:e0:b9:03:07:a1:34:dc:22:06:72:f9:
4c:43:b7:29:bc:6c:2d:9f:2c:a4:0b:3d:36:c0:d5:
53:05:ed:c0:11:66:8d:bd:2f:68:f1:6f:b7:19:92:
49:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C4:60:FD:FA:6A:AC:1B:73:3F:3A:5E:69:B9:D3:93:44:B3:84:3D
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/yMRg_fpqrBtzPzpeabnTk0SzhD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.148.0/23
158.46.160.0/23
158.46.176.0/23
158.46.188.0/22
158.46.196.0-158.46.207.255
158.46.250.0/23
178.171.0.0/20
178.171.20.0/22
178.171.32.0-178.171.37.255
178.171.48.0/22
178.171.60.0/22
178.171.69.0-178.171.70.255
178.171.88.0/23
178.171.94.0/24
178.171.100.0-178.171.102.255
178.171.104.0/24
178.171.110.0/23
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ab:0a:6a:1d:59:b7:ab:b8:fa:bc:c9:42:63:09:d6:3a:ee:
44:d4:30:2c:8e:72:a7:88:ae:6b:1e:49:6a:e6:bf:49:5f:2a:
72:63:1a:85:3e:e6:5e:b1:df:4a:83:81:f0:05:be:8f:56:2d:
f9:87:3c:29:cd:23:78:0e:90:4f:df:40:95:60:81:f7:34:79:
ac:3c:b8:56:eb:99:0a:5e:e3:2b:de:3e:bd:ac:43:83:51:8d:
02:73:e1:3a:6e:2e:b4:69:96:5e:b4:d8:d0:f3:c9:87:43:40:
ca:b5:32:67:5c:8c:51:ff:2d:11:23:ea:23:00:52:55:19:92:
a8:0a:72:e4:9f:9e:e3:3e:01:a0:72:96:f3:2d:dd:00:fd:e8:
21:36:1d:f2:36:56:49:96:c8:8a:06:4e:c7:89:73:bb:88:b7:
74:92:93:2c:3b:0c:de:a0:7c:49:2b:7b:98:be:f7:ec:69:74:
28:9e:0e:03:28:26:1e:b4:3d:72:d3:b6:70:e9:58:1a:c9:1c:
58:5e:cd:7d:6a:c9:84:0b:9d:73:43:f8:2d:49:2e:fc:2e:a1:
20:3f:24:99:a2:3f:91:9a:c8:7b:2a:af:3d:4f:a3:f2:89:64:
18:07:5e:0e:f9:8c:f9:96:91:e3:d5:4d:f2:26:1d:89:84:ab:
06:64:bb:e1
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYec4eA6/6EqA8dSGQDMFjheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjMwNDIwMDQxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM0NjBmZGZhNmFhYzFiNzMzZjNhNWU2OWI5ZDM5MzQ0YjM4NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd9BMEW/LvHDLWVfbXvCKpRQ7V/U
3vJDBGUis59VUCqjDJ/K3++bFxG+xzKKsZdFI8nHX6iAEvRNbELyjJdEvTifPRA9
2mpWPQumskOXoMXGEHTRSkhQjqGtQcs7Zns+2RCBDB/B40kMSEZ94ifdl8J/xxX+
JBJ4LDmoajkkr7X5DgSFpWYS6vqjBWNRV+Ipwgg1ZW7Bcukp2lHmfTw7zU4YKovK
AdgaPAkvcwLASUHYriEBQNRtOrpJj9VXm33Qv3+ltrliGgYI3m/1Nuhf14bA7m6o
4LkDB6E03CIGcvlMQ7cpvGwtnyykCz02wNVTBe3AEWaNvS9o8W+3GZJJgQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFMjEYP36aqwbcz86Xmm505NEs4Q9MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEveU1SZ19mcHFyQnR6UHpwZWFiblRrMFN6aEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAGe
LpQDBAGeLqADBAGeLrADBAKeLrwwDAMEAp4uxAMEBJ4uwAMEAZ4u+gMEBLKrAAME
ArKrFDAMAwQFsqsgAwQBsqskAwQCsqswAwQCsqs8MAwDBACyq0UDBACyq0YDBAGy
q1gDBACyq14wDAMEArKrZAMEALKrZgMEALKraAMEAbKrbgMEALKrdzANBgkqhkiG
9w0BAQsFAAOCAQEApKsKah1Zt6u4+rzJQmMJ1jruRNQwLI5yp4iuax5Jaua/SV8q
cmMahT7mXrHfSoOB8AW+j1Yt+Yc8Kc0jeA6QT99AlWCB9zR5rDy4VuuZCl7jK94+
vaxDg1GNAnPhOm4utGmWXrTY0PPJh0NAyrUyZ1yMUf8tESPqIwBSVRmSqApy5J+e
4z4BoHKW8y3dAP3oITYd8jZWSZbIigZOx4lzu4i3dJKTLDsM3qB8SSt7mL737Gl0
KJ4OAygmHrQ9ctO2cOlYGskcWF7NfWrJhAudc0P4LUku/C6hID8kmaI/kZrIeyqv
PU+j8olkGAdeDvmM+ZaR49VN8iYdiYSrBmS74Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:10 2024 by rpki-client on console-ams.rpki-client.org