Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/IRA77lMOriAoB5sH6qOuKHF99W4.roa
File: IRA77lMOriAoB5sH6qOuKHF99W4.roa (raw, json)
Hash identifier: Ddp5GCDwcbxmmQ9c20PZ4vUp/fS3euLmsMwZvBXYh2c=
Subject key identifier: 21:10:3B:EE:53:0E:AE:20:28:07:9B:07:EA:A3:AE:28:71:7D:F5:6E
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0188354612D0CCFFD95114D04AF69FB3BD14
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/IRA77lMOriAoB5sH6qOuKHF99W4.roa
Signing time: Fri 19 May 2023 18:29:24 +0000
ROA not before: Fri 19 May 2023 18:29:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 46.3.39.0/24 maxlen: 24
46.3.64.0/24 maxlen: 24
46.3.67.0/24 maxlen: 24
46.232.84.0/24 maxlen: 24
46.3.69.0/24 maxlen: 24
46.232.82.0/24 maxlen: 24
46.3.71.0/24 maxlen: 24
46.232.80.0/24 maxlen: 24
46.232.81.0/24 maxlen: 24
46.3.65.0/24 maxlen: 24
46.232.85.0/24 maxlen: 24
46.3.66.0/24 maxlen: 24
46.3.68.0/24 maxlen: 24
46.3.70.0/24 maxlen: 24
46.232.83.0/24 maxlen: 24
46.3.73.0/24 maxlen: 24
46.232.86.0/24 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.76.0/24 maxlen: 24
46.3.78.0/24 maxlen: 24
46.232.90.0/24 maxlen: 24
46.232.89.0/24 maxlen: 24
46.232.91.0/24 maxlen: 24
46.3.75.0/24 maxlen: 24
46.232.88.0/24 maxlen: 24
46.3.74.0/24 maxlen: 24
46.232.87.0/24 maxlen: 24
46.3.72.0/24 maxlen: 24
46.232.94.0/24 maxlen: 24
46.3.79.0/24 maxlen: 24
46.232.92.0/24 maxlen: 24
46.232.95.0/24 maxlen: 24
46.232.93.0/24 maxlen: 24
46.3.4.0/24 maxlen: 24
46.3.6.0/24 maxlen: 24
46.3.7.0/24 maxlen: 24
46.3.5.0/24 maxlen: 24
46.232.24.0/24 maxlen: 24
46.232.31.0/24 maxlen: 24
46.232.27.0/24 maxlen: 24
46.3.16.0/24 maxlen: 24
46.232.29.0/24 maxlen: 24
46.232.25.0/24 maxlen: 24
46.232.28.0/24 maxlen: 24
46.232.26.0/24 maxlen: 24
46.3.17.0/24 maxlen: 24
46.232.30.0/24 maxlen: 24
46.232.38.0/24 maxlen: 24
46.232.35.0/24 maxlen: 24
46.3.18.0/24 maxlen: 24
46.232.33.0/24 maxlen: 24
46.3.24.0/24 maxlen: 24
46.232.37.0/24 maxlen: 24
46.232.36.0/24 maxlen: 24
46.232.32.0/24 maxlen: 24
46.232.34.0/24 maxlen: 24
46.3.19.0/24 maxlen: 24
46.3.26.0/24 maxlen: 24
46.232.41.0/24 maxlen: 24
46.3.30.0/24 maxlen: 24
46.232.43.0/24 maxlen: 24
46.232.39.0/24 maxlen: 24
46.232.42.0/24 maxlen: 24
46.3.27.0/24 maxlen: 24
46.232.40.0/24 maxlen: 24
46.232.44.0/24 maxlen: 24
46.3.35.0/24 maxlen: 24
46.3.33.0/24 maxlen: 24
46.3.37.0/24 maxlen: 24
46.232.45.0/24 maxlen: 24
46.3.34.0/24 maxlen: 24
46.232.47.0/24 maxlen: 24
46.3.38.0/24 maxlen: 24
46.232.46.0/24 maxlen: 24
149.126.192.0/24 maxlen: 24
149.126.197.0/24 maxlen: 24
149.126.200.0/24 maxlen: 24
149.126.215.0/24 maxlen: 24
46.3.95.0/24 maxlen: 24
46.3.93.0/24 maxlen: 24
46.3.94.0/24 maxlen: 24
46.3.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:35:46:12:d0:cc:ff:d9:51:14:d0:4a:f6:9f:b3:bd:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: May 19 18:29:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21103bee530eae2028079b07eaa3ae28717df56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:35:87:3e:36:b6:64:a3:c8:2b:4d:d7:c2:df:
a2:e9:15:2e:91:4b:a3:da:48:93:7a:ff:d8:97:6b:
7a:07:e3:3a:30:b4:12:bb:89:95:76:a8:28:23:db:
25:78:01:aa:da:d6:29:30:2f:e9:30:fd:33:94:02:
58:e4:d3:a7:26:f7:65:e4:80:9c:0f:b4:23:6c:37:
78:e4:ec:90:14:a9:1b:bd:e0:0c:b0:e2:ac:14:8e:
11:97:23:f5:11:20:89:34:ff:fa:af:bd:11:03:9a:
2c:1d:90:67:b4:1b:06:d7:65:41:6b:09:ad:de:28:
87:40:17:24:94:48:f1:0c:e5:d2:d8:12:d5:2b:12:
99:c3:7a:7f:5c:90:02:8a:7f:5f:c6:f5:a9:9e:ba:
78:93:8d:fa:4a:ab:1d:32:41:f7:0b:22:63:18:87:
d4:2d:87:68:56:d4:fc:d4:0f:7a:27:5e:3f:22:5d:
f4:bd:74:b9:30:f7:86:29:e7:bd:94:b5:37:71:a8:
65:bd:d0:fd:c4:c1:74:db:7e:99:3e:0c:53:ce:57:
9c:19:25:26:5c:f2:c1:66:5d:ac:8c:52:77:62:81:
f9:dd:f8:51:92:3d:92:12:f8:a6:89:10:50:87:8e:
3b:6e:e1:e9:c5:5f:6c:fc:64:cb:21:a8:d3:f3:08:
4e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:10:3B:EE:53:0E:AE:20:28:07:9B:07:EA:A3:AE:28:71:7D:F5:6E
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/IRA77lMOriAoB5sH6qOuKHF99W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.4.0/22
46.3.16.0/22
46.3.24.0/24
46.3.26.0/23
46.3.30.0/24
46.3.33.0-46.3.35.255
46.3.37.0-46.3.39.255
46.3.64.0/20
46.3.93.0-46.3.95.255
46.3.204.0/24
46.232.24.0-46.232.47.255
46.232.80.0/20
149.126.192.0/24
149.126.197.0/24
149.126.200.0/24
149.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:1b:04:2a:15:0c:3c:43:d4:8a:d8:b2:47:36:6a:bc:82:4b:
7d:04:0c:cf:f5:ce:f5:3f:32:ba:01:97:58:46:43:42:87:63:
3c:28:77:1a:9c:b0:6e:ef:3b:9a:02:b1:4c:f5:01:6f:59:af:
e9:ea:7e:53:65:7b:5a:39:e1:b0:ee:27:e2:30:94:78:e7:83:
db:00:39:08:68:56:e1:20:5d:fa:78:e3:21:b7:2b:f6:de:08:
c6:21:06:02:dc:4e:55:e0:28:b2:90:73:8e:8a:9b:05:57:6a:
c5:16:e0:2d:f7:7c:c8:3a:fd:20:4b:0b:dd:3c:6c:40:6c:90:
95:e5:86:d9:cd:74:9c:72:a7:09:a3:ed:a3:2f:22:5b:f3:42:
f0:61:6c:1f:10:74:24:68:23:ce:b5:a5:55:aa:7b:cc:98:09:
8b:42:36:1a:71:8c:93:5c:94:d0:21:a7:21:af:00:26:bb:c6:
35:5e:77:81:5f:e1:a7:80:6e:53:2f:03:80:41:d2:31:88:dc:
cb:7a:a1:93:79:69:df:e3:da:c8:08:88:53:be:6d:8f:e9:e5:
58:07:ea:20:11:29:d8:45:b8:bf:7d:44:30:ad:8d:ed:70:50:
06:4f:50:54:27:56:19:43:6f:10:af:26:18:9e:42:cd:77:d2:
83:c6:0b:c4
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYg1RhLQzP/ZURTQSvafs70UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwNTE5MTgyOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTEwM2JlZTUzMGVhZTIwMjgwNzliMDdlYWEzYWUyODcxN2RmNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzWHPja2ZKPIK03Xwt+i6RUukUuj
2kiTev/Yl2t6B+M6MLQSu4mVdqgoI9sleAGq2tYpMC/pMP0zlAJY5NOnJvdl5ICc
D7QjbDd45OyQFKkbveAMsOKsFI4RlyP1ESCJNP/6r70RA5osHZBntBsG12VBawmt
3iiHQBcklEjxDOXS2BLVKxKZw3p/XJACin9fxvWpnrp4k436SqsdMkH3CyJjGIfU
LYdoVtT81A96J14/Il30vXS5MPeGKee9lLU3cahlvdD9xMF0236ZPgxTzlecGSUm
XPLBZl2sjFJ3YoH53fhRkj2SEvimiRBQh447buHpxV9s/GTLIajT8whODwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFCEQO+5TDq4gKAebB+qjrihxffVuMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvSVJBNzdsTU9yaUFvQjVzSDZxT3VLSEY5OVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAIu
AwQDBAIuAxADBAAuAxgDBAEuAxoDBAAuAx4wDAMEAC4DIQMEAi4DIDAMAwQALgMl
AwQDLgMgAwQELgNAMAwDBAAuA10DBAUuA0ADBAAuA8wwDAMEAy7oGAMEBC7oIAME
BC7oUAMEAJV+wAMEAJV+xQMEAJV+yAMEAJV+1zANBgkqhkiG9w0BAQsFAAOCAQEA
GhsEKhUMPEPUitiyRzZqvIJLfQQMz/XO9T8yugGXWEZDQodjPCh3Gpywbu87mgKx
TPUBb1mv6ep+U2V7WjnhsO4n4jCUeOeD2wA5CGhW4SBd+njjIbcr9t4IxiEGAtxO
VeAospBzjoqbBVdqxRbgLfd8yDr9IEsL3TxsQGyQleWG2c10nHKnCaPtoy8iW/NC
8GFsHxB0JGgjzrWlVap7zJgJi0I2GnGMk1yU0CGnIa8AJrvGNV53gV/hp4BuUy8D
gEHSMYjcy3qhk3lp3+PayAiIU75tj+nlWAfqIBEp2EW4v31EMK2N7XBQBk9QVCdW
GUNvEK8mGJ5CzXfSg8YLxA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org