Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/AGG2x9nIOxYOR6Xv-kKFQrNY4SE.roa
File: AGG2x9nIOxYOR6Xv-kKFQrNY4SE.roa (raw, json)
Hash identifier: x/M5BCIsotw/lAkeb8xlE2H7zA3e7FHMS0Xc8DninRo=
Subject key identifier: 00:61:B6:C7:D9:C8:3B:16:0E:47:A5:EF:FA:42:85:42:B3:58:E1:21
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018946BE1F36C6225F3F120AC5E6BEDB4B59
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/AGG2x9nIOxYOR6Xv-kKFQrNY4SE.roa
Signing time: Tue 11 Jul 2023 20:56:52 +0000
ROA not before: Tue 11 Jul 2023 20:56:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399587
IP address blocks: 46.3.164.0/22 maxlen: 24
46.3.160.0/22 maxlen: 24
46.3.96.0/20 maxlen: 24
46.3.120.0/21 maxlen: 22
80.243.128.0/21 maxlen: 24
80.243.130.0/23 maxlen: 24
80.243.128.0/23 maxlen: 24
46.3.40.0/21 maxlen: 24
46.232.64.0/22 maxlen: 24
46.3.48.0/21 maxlen: 24
46.3.56.0/21 maxlen: 24
46.3.80.0/21 maxlen: 22
46.3.208.0/21 maxlen: 21
46.3.216.0/22 maxlen: 24
46.3.216.0/21 maxlen: 22
46.232.20.0/22 maxlen: 24
46.3.222.0/24 maxlen: 24
46.3.224.0/21 maxlen: 22
46.3.20.0/22 maxlen: 24
46.3.32.0/19 maxlen: 24
46.3.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:46:be:1f:36:c6:22:5f:3f:12:0a:c5:e6:be:db:4b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 11 20:56:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0061b6c7d9c83b160e47a5effa428542b358e121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8e:49:5e:19:f2:7c:7f:a8:bc:05:05:03:81:
92:bd:b7:65:f7:05:86:3e:cb:27:87:4d:33:b8:39:
d7:20:bb:d9:9b:75:42:2d:7a:15:72:c7:47:8e:ed:
43:78:2a:8a:5d:b7:30:c7:c5:50:14:4e:77:e0:6b:
91:c1:dd:7d:12:7a:00:3b:25:7e:31:5f:36:ce:a8:
80:01:6d:98:0b:73:df:7c:55:f9:61:ff:48:19:e6:
20:bf:af:20:f5:0b:eb:56:93:c0:10:73:48:54:89:
b4:11:56:76:96:9b:f7:1a:6c:b5:d2:69:39:e3:fd:
2b:16:89:0c:96:51:36:4a:bc:0b:80:b4:6a:2c:fd:
51:1f:bf:4d:fa:98:50:97:8e:58:c5:19:f9:33:81:
cd:93:df:71:0f:4e:aa:b5:8c:f2:a7:ab:6a:11:04:
95:9a:14:ff:84:61:38:08:57:b2:ff:2e:e2:f0:3a:
72:b0:e7:2f:b3:81:dc:95:2c:e4:23:bf:fe:d6:7b:
06:46:1a:5f:83:97:97:82:c2:0e:b0:5e:52:1d:8a:
6f:d2:7c:46:3f:6f:1e:07:9a:cd:37:96:8d:4e:80:
ba:24:76:c1:0d:89:36:de:94:ff:50:01:42:c2:9c:
87:41:fb:ca:ee:f2:a0:87:88:63:ff:a7:f1:26:b5:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:61:B6:C7:D9:C8:3B:16:0E:47:A5:EF:FA:42:85:42:B3:58:E1:21
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/AGG2x9nIOxYOR6Xv-kKFQrNY4SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.20.0/22
46.3.32.0/19
46.3.80.0/21
46.3.96.0/20
46.3.120.0/21
46.3.160.0/21
46.3.208.0-46.3.231.255
46.232.20.0/22
46.232.64.0/22
80.243.128.0/21
Signature Algorithm: sha256WithRSAEncryption
85:a5:bd:ef:ca:d2:03:23:26:8e:ca:ff:ee:0d:69:4b:37:e7:
d7:39:c4:ca:56:78:c3:59:30:b9:67:7d:06:cf:6d:2f:5d:b9:
d7:5f:7f:88:19:b3:7b:50:a7:58:31:23:d4:f8:7b:1d:04:d4:
98:81:be:04:fc:cc:98:8e:86:59:68:fd:ee:28:5b:c4:c5:bb:
61:ed:a1:6e:a2:b8:f8:4c:80:72:6d:8c:23:e4:e8:cd:89:d0:
51:c3:5a:c7:57:c4:95:6f:91:79:3d:9b:ea:84:23:9c:d9:be:
58:4c:c1:e3:24:d6:f2:7e:a0:fc:52:b6:00:28:3f:a1:63:da:
96:74:b3:92:d3:aa:8b:3c:7f:0f:36:6e:47:43:55:55:d0:db:
d5:4e:7d:04:45:9a:74:00:1d:d5:49:cb:49:46:1c:89:3a:a7:
c2:32:d5:38:c5:64:19:d2:15:6d:0b:96:78:40:86:a5:38:10:
40:37:1e:e2:3d:e1:00:22:75:78:88:7f:d7:d3:a4:d0:df:d6:
13:be:45:d3:4c:fa:c8:de:0c:e4:02:20:2c:aa:0d:e1:79:5b:
e1:7c:23:1f:92:37:91:8f:a5:80:5f:0b:23:d0:e7:74:42:0b:
be:03:88:91:02:7b:7d:80:a0:99:bd:7d:2a:2d:b8:ac:1b:82:
ae:a1:3a:70
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYlGvh82xiJfPxIKxea+20tZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwNzExMjA1NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDYxYjZjN2Q5YzgzYjE2MGU0N2E1ZWZmYTQyODU0MmIzNThlMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApo5JXhnyfH+ovAUFA4GSvbdl9wWG
Pssnh00zuDnXILvZm3VCLXoVcsdHju1DeCqKXbcwx8VQFE534GuRwd19EnoAOyV+
MV82zqiAAW2YC3PffFX5Yf9IGeYgv68g9QvrVpPAEHNIVIm0EVZ2lpv3Gmy10mk5
4/0rFokMllE2SrwLgLRqLP1RH79N+phQl45YxRn5M4HNk99xD06qtYzyp6tqEQSV
mhT/hGE4CFey/y7i8DpysOcvs4HclSzkI7/+1nsGRhpfg5eXgsIOsF5SHYpv0nxG
P28eB5rNN5aNToC6JHbBDYk23pT/UAFCwpyHQfvK7vKgh4hj/6fxJrWH0wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFABhtsfZyDsWDkel7/pChUKzWOEhMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvQUdHMng5bklPeFlPUjZYdi1rS0ZRck5ZNFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLgMUAwQF
LgMgAwQDLgNQAwQELgNgAwQDLgN4AwQDLgOgMAwDBAQuA9ADBAMuA+ADBAIu6BQD
BAIu6EADBANQ84AwDQYJKoZIhvcNAQELBQADggEBAIWlve/K0gMjJo7K/+4NaUs3
59c5xMpWeMNZMLlnfQbPbS9duddff4gZs3tQp1gxI9T4ex0E1JiBvgT8zJiOhllo
/e4oW8TFu2HtoW6iuPhMgHJtjCPk6M2J0FHDWsdXxJVvkXk9m+qEI5zZvlhMweMk
1vJ+oPxStgAoP6Fj2pZ0s5LTqos8fw82bkdDVVXQ29VOfQRFmnQAHdVJy0lGHIk6
p8Iy1TjFZBnSFW0LlnhAhqU4EEA3HuI94QAidXiIf9fTpNDf1hO+RdNM+sjeDOQC
ICyqDeF5W+F8Ix+SN5GPpYBfCyPQ53RCC74DiJECe32AoJm9fSotuKwbgq6hOnA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:59 2024 by rpki-client on console-fra.rpki-client.org