Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/MaVmWwmCDKIyHHp4NCWCkN08tHQ.roa
File: MaVmWwmCDKIyHHp4NCWCkN08tHQ.roa (raw, json)
Hash identifier: sZPZO3JL44IilS+743nO9IUo+n685ge0imEr2+AEsB0=
Subject key identifier: 31:A5:66:5B:09:82:0C:A2:32:1C:7A:78:34:25:82:90:DD:3C:B4:74
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018946C570A07BC7960E309447F2A39A4DA9
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/MaVmWwmCDKIyHHp4NCWCkN08tHQ.roa
Signing time: Tue 11 Jul 2023 21:04:51 +0000
ROA not before: Tue 11 Jul 2023 21:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 46.232.64.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.72.0/24 maxlen: 24
46.232.72.0/21 maxlen: 24
46.232.96.0/20 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.88.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.184.0/24 maxlen: 24
46.3.186.0/24 maxlen: 24
46.3.185.0/24 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.187.0/24 maxlen: 24
46.3.189.0/24 maxlen: 24
46.3.191.0/24 maxlen: 24
46.232.112.0/20 maxlen: 22
46.3.101.0/24 maxlen: 24
46.3.116.0/22 maxlen: 24
46.3.120.0/21 maxlen: 21
46.3.134.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.202.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.208.0/21 maxlen: 21
46.3.220.0/23 maxlen: 23
46.3.230.0/23 maxlen: 23
46.3.243.0/24 maxlen: 24
46.3.245.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:46:c5:70:a0:7b:c7:96:0e:30:94:47:f2:a3:9a:4d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 11 21:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31a5665b09820ca2321c7a7834258290dd3cb474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c6:e7:8e:c2:8e:e2:35:85:99:93:b5:89:d6:
19:18:f9:73:be:bc:6b:b8:ac:24:54:e8:16:27:07:
3b:2a:4c:e4:0a:1c:c9:83:3c:55:eb:99:44:ff:c1:
0d:e7:1e:e8:46:89:1f:18:a9:1c:ae:17:87:67:19:
1d:39:0b:a8:f6:c9:37:91:9a:77:09:c0:0d:f6:3a:
2e:1e:fc:a3:9e:53:aa:f2:73:0c:fe:01:d9:21:73:
cf:e0:32:76:45:5f:ad:4b:5d:92:c2:e2:a4:86:ba:
df:1b:87:75:1a:5a:34:4a:a1:70:7a:95:30:26:23:
6a:38:41:d5:04:76:31:3c:a2:0c:d4:0e:05:39:4f:
5a:5f:d0:67:b7:94:35:4d:12:f1:bb:fb:7e:7e:a4:
5c:50:db:3f:ab:8f:11:ae:2d:9a:e2:78:1f:54:15:
c7:c3:39:19:75:ed:2c:18:31:90:90:98:29:97:6d:
62:d1:ec:b7:89:22:cc:52:00:23:e0:16:71:22:9f:
80:b4:4b:79:0d:0d:f1:4a:9a:15:52:ab:22:0c:ed:
5c:30:c3:9c:57:b3:45:79:15:68:01:2e:39:d3:e3:
b0:29:c9:09:d7:23:5c:2a:19:bb:76:d4:07:47:01:
e5:ef:db:17:d6:a6:e3:6f:60:10:e7:55:4f:c2:77:
fd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A5:66:5B:09:82:0C:A2:32:1C:7A:78:34:25:82:90:DD:3C:B4:74
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/MaVmWwmCDKIyHHp4NCWCkN08tHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.88.0/22
46.3.101.0/24
46.3.116.0-46.3.127.255
46.3.134.0/24
46.3.160.0/22
46.3.184.0/21
46.3.200.0-46.3.202.255
46.3.208.0/21
46.3.220.0/23
46.3.230.0/23
46.3.243.0/24
46.3.245.0-46.3.246.255
46.3.248.0/21
46.232.64.0/20
46.232.96.0/19
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
00:43:8c:70:79:19:1b:b0:af:9b:ee:9d:22:70:90:f0:eb:45:
49:15:9d:fd:39:a7:30:19:c4:d8:b8:33:38:6c:cd:88:9b:b1:
5a:8e:c6:83:21:9e:ee:a7:6d:2d:ee:72:f5:43:8e:68:79:3f:
13:28:46:f6:9d:e6:93:58:16:e4:2e:2d:36:92:37:56:8c:cd:
33:25:ce:ce:69:c8:c6:6c:35:90:27:b8:c4:2a:f7:f4:35:ea:
9f:f3:14:e8:33:c1:bd:9f:bd:7e:97:34:a9:93:41:b3:9f:f2:
9a:74:fa:b1:99:22:92:91:e4:36:86:74:f7:28:ac:22:64:c8:
74:48:5f:c3:48:99:b8:f5:28:22:a3:db:ab:5c:08:43:d3:90:
c4:6d:48:78:72:67:02:cb:c4:7b:df:80:4a:19:83:c4:44:51:
70:33:3c:3a:25:20:fd:4b:09:d9:bc:9d:1c:e7:fe:ed:2c:e3:
a9:4f:18:90:bd:59:48:f1:85:90:73:2c:4c:63:ac:cd:68:e4:
f7:90:45:60:73:6d:57:bd:ea:be:e0:7d:49:b2:29:31:ce:3a:
c6:7b:06:0f:34:5a:df:1a:d7:5a:0f:13:16:91:08:29:e2:af:
90:c4:70:f6:dd:55:dd:6c:6f:27:ae:07:ec:51:cf:b9:91:f1:
ca:17:dd:5c
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYlGxXCge8eWDjCUR/Kjmk2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwNzExMjEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE1NjY1YjA5ODIwY2EyMzIxYzdhNzgzNDI1ODI5MGRkM2NiNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8bnjsKO4jWFmZO1idYZGPlzvrxr
uKwkVOgWJwc7KkzkChzJgzxV65lE/8EN5x7oRokfGKkcrheHZxkdOQuo9sk3kZp3
CcAN9jouHvyjnlOq8nMM/gHZIXPP4DJ2RV+tS12SwuKkhrrfG4d1Glo0SqFwepUw
JiNqOEHVBHYxPKIM1A4FOU9aX9Bnt5Q1TRLxu/t+fqRcUNs/q48Rri2a4ngfVBXH
wzkZde0sGDGQkJgpl21i0ey3iSLMUgAj4BZxIp+AtEt5DQ3xSpoVUqsiDO1cMMOc
V7NFeRVoAS450+OwKckJ1yNcKhm7dtQHRwHl79sX1qbjb2AQ51VPwnf9iQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDGlZlsJggyiMhx6eDQlgpDdPLR0MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvTWFWbVd3bUNES0l5SEhwNE5DV0NrTjA4dEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAIu
A1gDBAAuA2UwDAMEAi4DdAMEBy4DAAMEAC4DhgMEAi4DoAMEAy4DuDAMAwQDLgPI
AwQALgPKAwQDLgPQAwQBLgPcAwQBLgPmAwQALgPzMAwDBAAuA/UDBAAuA/YDBAMu
A/gDBAQu6EADBAUu6GADBACVfuIDBACVfuQDBACVfucDBACVfvIDBAGVfvQwDAME
AJV+9wMEAJV++gMEAJV+/DANBgkqhkiG9w0BAQsFAAOCAQEAAEOMcHkZG7Cvm+6d
InCQ8OtFSRWd/TmnMBnE2LgzOGzNiJuxWo7GgyGe7qdtLe5y9UOOaHk/EyhG9p3m
k1gW5C4tNpI3VozNMyXOzmnIxmw1kCe4xCr39DXqn/MU6DPBvZ+9fpc0qZNBs5/y
mnT6sZkikpHkNoZ09yisImTIdEhfw0iZuPUoIqPbq1wIQ9OQxG1IeHJnAsvEe9+A
ShmDxERRcDM8OiUg/UsJ2bydHOf+7SzjqU8YkL1ZSPGFkHMsTGOszWjk95BFYHNt
V73qvuB9SbIpMc46xnsGDzRa3xrXWg8TFpEIKeKvkMRw9t1V3WxvJ64H7FHPuZHx
yhfdXA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org