Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/KgVHcnEhBn9pN23fititFHW-K_E.roa
File: KgVHcnEhBn9pN23fititFHW-K_E.roa (raw, json)
Hash identifier: PZG/1VmuN815RlbJBen2+QOOKoM/ab7qXh+ZYoqGJPA=
Subject key identifier: 2A:05:47:72:71:21:06:7F:69:37:6D:DF:8A:D8:AD:14:75:BE:2B:F1
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 01856E01CBEF79B7048BA42B70904B042A30
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/KgVHcnEhBn9pN23fititFHW-K_E.roa
Signing time: Sun 01 Jan 2023 15:44:49 +0000
ROA not before: Sun 01 Jan 2023 15:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 46.248.112.0/22 maxlen: 24
46.248.108.0/22 maxlen: 24
46.248.106.0/23 maxlen: 23
46.248.116.0/22 maxlen: 24
46.248.124.0/23 maxlen: 23
46.248.120.0/22 maxlen: 24
46.248.126.0/23 maxlen: 23
85.116.2.0/23 maxlen: 23
82.136.56.0/22 maxlen: 24
85.116.4.0/23 maxlen: 23
82.136.52.0/24 maxlen: 24
82.136.54.0/23 maxlen: 24
85.116.0.0/23 maxlen: 23
85.116.11.0/24 maxlen: 24
85.116.6.0/23 maxlen: 23
85.116.16.0/21 maxlen: 21
85.116.24.0/24 maxlen: 24
85.116.30.0/24 maxlen: 24
85.116.29.0/24 maxlen: 24
85.116.31.0/24 maxlen: 24
85.116.26.0/24 maxlen: 24
85.116.25.0/24 maxlen: 24
85.116.28.0/24 maxlen: 24
85.116.27.0/24 maxlen: 24
82.136.30.0/23 maxlen: 24
82.136.26.0/24 maxlen: 24
82.136.43.0/24 maxlen: 24
82.136.48.0/22 maxlen: 24
82.136.47.0/24 maxlen: 24
46.248.96.0/22 maxlen: 22
46.248.102.0/23 maxlen: 24
46.248.104.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:cb:ef:79:b7:04:8b:a4:2b:70:90:4b:04:2a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Jan 1 15:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a0547727121067f69376ddf8ad8ad1475be2bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:82:b2:0d:73:55:1c:25:76:69:3b:36:aa:
ef:9f:77:29:e5:c6:a8:16:b5:ac:15:f0:1d:36:42:
b5:c8:a8:4d:5b:79:24:03:de:07:b6:87:89:80:d2:
2a:fc:80:ac:ab:26:fa:a9:d9:9a:0b:57:d8:9a:29:
cd:ce:13:11:13:43:ef:7f:85:e2:82:c6:23:65:fb:
45:3a:6e:23:5d:1b:34:3a:6d:ff:bc:10:46:24:15:
28:af:da:ba:23:c0:47:bc:b0:29:d5:f8:45:04:f3:
33:b7:c6:21:99:02:c6:8e:01:a7:a8:3e:e0:0f:82:
7a:38:bb:ef:31:19:13:e4:8c:bd:16:ee:d4:29:f6:
a8:5a:26:97:81:9f:0a:82:02:10:7c:ce:d6:7e:88:
4f:bd:58:ea:f9:b4:77:b4:e1:27:da:a9:57:f6:39:
ba:bb:40:ed:bf:14:dd:36:5d:ab:09:a6:84:44:8c:
3e:83:cc:e8:ca:a2:dc:7e:75:f1:7a:80:88:21:00:
cf:16:4f:31:56:0d:8a:67:f1:62:b6:04:eb:c5:45:
93:b7:b7:8f:61:2f:6d:1c:e9:00:ab:33:0b:fb:8b:
ef:38:cf:2d:65:5b:ed:35:bf:d2:78:c8:b6:b7:46:
74:12:65:00:a6:06:0b:9b:f9:72:1a:98:c5:f5:14:
be:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:05:47:72:71:21:06:7F:69:37:6D:DF:8A:D8:AD:14:75:BE:2B:F1
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/KgVHcnEhBn9pN23fititFHW-K_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.96.0/22
46.248.102.0-46.248.127.255
82.136.26.0/24
82.136.30.0/23
82.136.43.0/24
82.136.47.0-82.136.52.255
82.136.54.0-82.136.59.255
85.116.0.0/21
85.116.11.0/24
85.116.16.0/20
Signature Algorithm: sha256WithRSAEncryption
08:4b:d1:b4:64:95:34:35:4c:64:3c:a3:e9:ed:bb:78:ad:ab:
d3:9c:dc:72:2e:7f:c2:ba:6e:ab:50:5d:69:17:f6:2c:b8:98:
18:3e:11:7a:50:15:5b:b4:fe:95:c3:19:69:41:8a:0d:a8:d0:
38:57:45:d4:0a:81:80:cd:5d:88:69:04:96:be:7b:fc:ad:a0:
77:c8:58:57:b4:f7:42:7b:b8:72:19:eb:38:63:d2:10:b7:53:
9c:24:18:3f:cc:49:41:b1:dd:80:f0:2d:13:55:f1:fa:dd:7c:
01:fa:0a:ca:4a:b3:c4:07:eb:bf:c5:8f:ce:44:2b:69:61:a9:
b7:7c:3e:ab:26:65:58:ea:e3:63:33:40:7b:44:47:d6:d9:b5:
40:60:02:57:93:29:ae:66:c7:28:d0:35:62:92:3e:2e:b6:34:
61:25:f5:d3:e0:b3:5a:3a:43:10:18:f1:4f:49:01:c5:63:3e:
e4:f9:4c:1f:2c:3a:1a:fb:40:4d:fc:5f:e5:d4:7d:6b:74:ef:
44:d7:88:dc:67:9e:c8:01:ac:02:d5:49:09:38:59:61:75:3e:
2a:90:2e:55:a6:fb:cc:03:b1:ce:af:01:e6:32:6a:aa:23:ba:
6d:c1:92:b9:0a:d8:a0:ec:dd:2e:92:66:2f:cb:20:e5:56:31:
60:10:39:e1
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVuAcvvebcEi6QrcJBLBCowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjMwMTAxMTU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA1NDc3MjcxMjEwNjdmNjkzNzZkZGY4YWQ4YWQxNDc1YmUyYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveeCsg1zVRwldmk7Nqrvn3cp5cao
FrWsFfAdNkK1yKhNW3kkA94HtoeJgNIq/ICsqyb6qdmaC1fYminNzhMRE0Pvf4Xi
gsYjZftFOm4jXRs0Om3/vBBGJBUor9q6I8BHvLAp1fhFBPMzt8YhmQLGjgGnqD7g
D4J6OLvvMRkT5Iy9Fu7UKfaoWiaXgZ8KggIQfM7WfohPvVjq+bR3tOEn2qlX9jm6
u0DtvxTdNl2rCaaERIw+g8zoyqLcfnXxeoCIIQDPFk8xVg2KZ/FitgTrxUWTt7eP
YS9tHOkAqzML+4vvOM8tZVvtNb/SeMi2t0Z0EmUApgYLm/lyGpjF9RS+WQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCoFR3JxIQZ/aTdt34rYrRR1vivxMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvS2dWSGNuRWhCbjlwTjIzZml0aXRGSFctS19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCLvhgMAwD
BAEu+GYDBAcu+AADBABSiBoDBAFSiB4DBABSiCswDAMEAFKILwMEAFKINDAMAwQB
Uog2AwQCUog4AwQDVXQAAwQAVXQLAwQEVXQQMA0GCSqGSIb3DQEBCwUAA4IBAQAI
S9G0ZJU0NUxkPKPp7bt4ravTnNxyLn/Cum6rUF1pF/YsuJgYPhF6UBVbtP6Vwxlp
QYoNqNA4V0XUCoGAzV2IaQSWvnv8raB3yFhXtPdCe7hyGes4Y9IQt1OcJBg/zElB
sd2A8C0TVfH63XwB+grKSrPEB+u/xY/ORCtpYam3fD6rJmVY6uNjM0B7REfW2bVA
YAJXkymuZsco0DVikj4utjRhJfXT4LNaOkMQGPFPSQHFYz7k+UwfLDoa+0BN/F/l
1H1rdO9E14jcZ57IAawC1UkJOFlhdT4qkC5VpvvMA7HOrwHmMmqqI7ptwZK5Ctig
7N0ukmYvyyDlVjFgEDnh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:11 2023 by rpki-client on console-fra.rpki-client.org