Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/I3pDSvi8dogaJna0n9mk0G-Vv3s.roa
File: I3pDSvi8dogaJna0n9mk0G-Vv3s.roa (raw, json)
Hash identifier: NkM03XG1nqNUepNwNJ24xcUBWLAGFqcqa1ivOJQLI6M=
Subject key identifier: 23:7A:43:4A:F8:BC:76:88:1A:26:76:B4:9F:D9:A4:D0:6F:95:BF:7B
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018E584E38A952020281D78F1822DEBB25AA
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/I3pDSvi8dogaJna0n9mk0G-Vv3s.roa
Signing time: Tue 19 Mar 2024 20:01:44 +0000
ROA not before: Tue 19 Mar 2024 20:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 46.3.10.0/24 maxlen: 24
46.3.11.0/24 maxlen: 24
46.3.12.0/22 maxlen: 24
46.3.20.0/22 maxlen: 24
46.3.31.0/24 maxlen: 24
46.3.40.0/21 maxlen: 24
46.3.48.0/20 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.78.0/24 maxlen: 24
46.3.79.0/24 maxlen: 24
46.3.84.0/22 maxlen: 24
46.3.84.0/24 maxlen: 24
46.3.86.0/24 maxlen: 24
46.3.87.0/24 maxlen: 24
46.3.88.0/24 maxlen: 24
46.3.128.0/17 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.136.0/22 maxlen: 22
46.3.144.0/22 maxlen: 22
46.3.148.0/22 maxlen: 22
46.3.152.0/24 maxlen: 24
46.3.153.0/24 maxlen: 24
46.3.154.0/24 maxlen: 24
46.3.155.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.158.0/24 maxlen: 24
46.3.159.0/24 maxlen: 24
46.3.164.0/23 maxlen: 23
46.3.166.0/23 maxlen: 23
46.3.205.0/24 maxlen: 24
46.3.208.0/22 maxlen: 22
46.3.212.0/22 maxlen: 22
46.3.232.0/22 maxlen: 22
46.3.238.0/24 maxlen: 24
46.3.239.0/24 maxlen: 24
46.232.0.0/17 maxlen: 24
46.232.16.0/23 maxlen: 23
46.232.18.0/23 maxlen: 23
46.232.21.0/24 maxlen: 24
46.232.22.0/24 maxlen: 24
46.232.23.0/24 maxlen: 24
46.232.112.0/23 maxlen: 23
46.232.114.0/23 maxlen: 23
46.232.116.0/23 maxlen: 23
46.232.118.0/23 maxlen: 23
46.232.124.0/23 maxlen: 23
46.232.126.0/23 maxlen: 23
80.243.128.0/20 maxlen: 24
149.126.192.0/18 maxlen: 24
149.126.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 20:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:58:4e:38:a9:52:02:02:81:d7:8f:18:22:de:bb:25:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 19 20:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=237a434af8bc76881a2676b49fd9a4d06f95bf7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:4e:b8:74:23:e6:c4:98:0e:81:cb:b1:21:
9e:f7:6f:a1:65:10:43:45:8b:e3:ad:8f:c2:2f:8f:
99:71:d9:a2:83:fa:d2:06:a7:c4:2a:51:e4:46:80:
bf:74:8c:bc:72:40:37:32:60:12:c4:2f:94:7c:2c:
1a:a9:bd:e2:4d:fb:b5:52:b2:c5:5d:95:62:93:6b:
ba:ce:12:9f:24:ac:46:b3:84:b5:78:32:ae:ec:15:
e4:e9:2a:3c:2d:bf:86:b9:c1:89:1b:66:f1:97:57:
14:3c:b3:27:04:38:1b:50:23:a8:05:36:84:f7:e1:
e3:25:ca:8f:68:10:a3:4f:c4:6e:5d:a8:91:b2:12:
16:b8:ac:3f:d1:c1:68:58:4d:80:c6:09:9a:27:da:
20:b2:f2:2b:8f:84:98:5b:f1:5c:b1:47:b1:c4:b8:
b4:54:0a:e3:ce:c5:de:25:ad:24:8c:0c:bf:64:85:
72:c6:44:fa:dc:d1:db:03:bf:27:3f:91:ab:aa:b0:
66:41:4c:37:62:12:06:d2:96:ef:d3:2c:87:e6:f2:
69:4c:39:ee:8d:f8:46:fa:93:da:5d:6a:e6:7e:b9:
5c:a4:91:89:fc:ff:e3:a6:9f:12:cc:73:f8:91:35:
c5:bb:9f:0d:3e:06:af:2d:67:ac:05:e8:14:ec:73:
65:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:7A:43:4A:F8:BC:76:88:1A:26:76:B4:9F:D9:A4:D0:6F:95:BF:7B
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/I3pDSvi8dogaJna0n9mk0G-Vv3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.10.0-46.3.15.255
46.3.20.0/22
46.3.31.0/24
46.3.40.0-46.3.63.255
46.3.77.0-46.3.79.255
46.3.84.0-46.3.88.255
46.3.128.0/17
46.232.0.0/17
80.243.128.0/20
149.126.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:89:63:e1:5c:dc:19:41:0a:9f:89:1d:2f:f2:fc:f3:75:85:
b6:7a:91:71:ff:f1:18:d7:a9:68:8e:23:83:f0:95:cd:f7:31:
a1:d7:c1:a5:24:b5:27:cd:43:ad:2c:7a:02:2d:3a:fc:8a:8a:
6c:41:6f:f9:4b:94:35:e3:23:8e:cf:2d:a1:73:8e:43:be:21:
c1:01:1c:82:d4:dc:7a:51:cc:24:89:f9:5b:c9:46:92:05:92:
9e:f0:2e:c9:79:c9:e3:33:e3:ef:69:21:0e:4a:6d:af:64:a6:
4b:67:6a:ef:f4:c7:96:38:f3:4d:00:27:c3:5d:6e:af:65:5a:
8a:2a:03:6e:0c:3a:26:18:f6:d6:18:be:23:cb:88:d0:c6:0e:
f2:69:50:dd:17:38:a0:43:63:14:74:52:d6:25:9e:78:38:20:
35:8b:7a:0a:92:fb:00:72:1d:76:06:d7:97:57:a4:cb:69:42:
53:5b:73:7b:f4:8c:c3:c1:43:42:92:4d:1c:ea:78:fe:b7:13:
8a:32:d1:36:29:d9:20:d4:1d:24:c0:71:45:73:d6:67:13:44:
28:92:8c:14:58:b3:e5:b9:3e:ca:af:9a:a1:87:33:57:46:2f:
b5:bd:05:6c:99:8b:80:6c:78:b7:b3:d7:b9:32:36:a8:28:ea:
fb:93:1e:52
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY5YTjipUgICgdePGCLeuyWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzE5MjAwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzdhNDM0YWY4YmM3Njg4MWEyNjc2YjQ5ZmQ5YTRkMDZmOTViZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh5OuHQj5sSYDoHLsSGe92+hZRBD
RYvjrY/CL4+Zcdmig/rSBqfEKlHkRoC/dIy8ckA3MmASxC+UfCwaqb3iTfu1UrLF
XZVik2u6zhKfJKxGs4S1eDKu7BXk6So8Lb+GucGJG2bxl1cUPLMnBDgbUCOoBTaE
9+HjJcqPaBCjT8RuXaiRshIWuKw/0cFoWE2AxgmaJ9ogsvIrj4SYW/FcsUexxLi0
VArjzsXeJa0kjAy/ZIVyxkT63NHbA78nP5GrqrBmQUw3YhIG0pbv0yyH5vJpTDnu
jfhG+pPaXWrmfrlcpJGJ/P/jpp8SzHP4kTXFu58NPgavLWesBegU7HNlgwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFCN6Q0r4vHaIGiZ2tJ/ZpNBvlb97MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvSTNwRFN2aThkb2dhSm5hMG45bWswRy1WdjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBAEuAwoD
BAQuAwADBAIuAxQDBAAuAx8wDAMEAy4DKAMEBi4DADAMAwQALgNNAwQELgNAMAwD
BAIuA1QDBAAuA1gDBAcuA4ADBAcu6AADBARQ84ADBAaVfsAwDQYJKoZIhvcNAQEL
BQADggEBAB2JY+Fc3BlBCp+JHS/y/PN1hbZ6kXH/8RjXqWiOI4Pwlc33MaHXwaUk
tSfNQ60segItOvyKimxBb/lLlDXjI47PLaFzjkO+IcEBHILU3HpRzCSJ+VvJRpIF
kp7wLsl5yeMz4+9pIQ5Kba9kpktnau/0x5Y4800AJ8Ndbq9lWooqA24MOiYY9tYY
viPLiNDGDvJpUN0XOKBDYxR0UtYlnng4IDWLegqS+wByHXYG15dXpMtpQlNbc3v0
jMPBQ0KSTRzqeP63E4oy0TYp2SDUHSTAcUVz1mcTRCiSjBRYs+W5PsqvmqGHM1dG
L7W9BWyZi4BseLez17kyNqgo6vuTHlI=
-----END CERTIFICATE-----
Generated at Thu Mar 21 23:46:24 2024 by rpki-client on console-ams.rpki-client.org