Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/NpMQsomptYu7GNI4PXw4FLSUDdA.roa
File: NpMQsomptYu7GNI4PXw4FLSUDdA.roa (raw, json)
Hash identifier: 75T1rFojHCsDtrDbviCAGgoLjvNFaH2aBOkZbxVMNBc=
Subject key identifier: 36:93:10:B2:89:A9:B5:8B:BB:18:D2:38:3D:7C:38:14:B4:94:0D:D0
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018B852F11B591594A78888C66B68C88EA62
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/NpMQsomptYu7GNI4PXw4FLSUDdA.roa
Signing time: Tue 31 Oct 2023 10:02:16 +0000
ROA not before: Tue 31 Oct 2023 10:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.72.0/21 maxlen: 24
46.232.72.0/24 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.88.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.191.0/24 maxlen: 24
46.3.116.0/22 maxlen: 24
46.3.120.0/21 maxlen: 21
46.3.134.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.220.0/23 maxlen: 23
46.3.230.0/23 maxlen: 23
46.3.246.0/24 maxlen: 24
46.3.245.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:2f:11:b5:91:59:4a:78:88:8c:66:b6:8c:88:ea:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Oct 31 10:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=369310b289a9b58bbb18d2383d7c3814b4940dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:52:ca:b8:49:be:48:e0:4b:3d:b1:58:2b:ce:
9f:0c:af:5c:c9:6d:6a:94:89:18:76:20:ea:dd:6b:
8f:60:5a:0f:ef:ef:f7:33:32:25:f9:69:9c:40:dd:
b6:a2:72:63:95:d7:00:aa:26:3b:ad:fa:e9:90:39:
2f:bf:0f:4b:38:12:da:97:99:93:92:5d:52:f7:b7:
44:3a:be:4e:2f:8a:88:51:4e:fa:00:cc:65:df:5f:
5b:07:63:ae:0b:ba:ff:40:df:f9:a3:2f:4f:2a:b4:
ea:21:dd:e9:f4:1c:bd:4a:b5:31:ee:07:4d:38:cf:
40:ce:4e:90:fb:f2:ed:a0:c1:f2:96:e7:d3:c5:c7:
80:98:51:3f:0b:c9:06:20:e2:4c:ff:1d:34:f3:08:
bf:e6:35:69:c2:2b:94:2b:7b:e5:fc:0c:6f:db:dc:
dd:ee:0b:c9:3b:a0:6e:d4:6c:3d:8e:74:58:8b:5a:
e7:ca:39:00:12:24:4d:99:35:ca:b4:26:71:47:dc:
af:1f:71:1f:67:68:49:ad:b0:b0:2c:79:0c:35:3f:
2b:fd:7a:65:b2:e0:4e:3a:79:98:17:02:e6:66:8e:
98:5e:60:c2:65:cd:e1:83:76:37:4c:ec:70:4c:93:
b4:8d:58:7d:68:f8:dc:79:60:1a:b2:f7:78:5c:23:
a6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:93:10:B2:89:A9:B5:8B:BB:18:D2:38:3D:7C:38:14:B4:94:0D:D0
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/NpMQsomptYu7GNI4PXw4FLSUDdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.88.0/22
46.3.116.0-46.3.127.255
46.3.134.0/24
46.3.160.0/22
46.3.188.0/24
46.3.190.0/23
46.3.200.0/23
46.3.220.0/23
46.3.230.0/23
46.3.245.0-46.3.246.255
46.3.248.0/21
46.232.64.0/20
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ea:1d:e9:b6:74:17:a1:05:4f:e3:6a:ca:d8:f9:68:87:b4:
c1:14:b5:41:ce:40:6d:d2:0f:c0:c6:5d:f5:21:6b:9e:79:0f:
b0:dc:f9:4a:27:7a:0b:0d:c0:8f:97:3b:c4:46:8d:99:77:43:
8d:1a:c8:d5:b8:fe:f9:d1:67:3e:4e:87:26:69:e7:cd:f0:12:
b8:c1:b1:a5:b5:5f:12:ec:63:b6:62:78:25:62:22:9d:30:77:
d3:25:b2:f7:ab:db:a4:6b:76:e2:f7:81:f3:75:0b:11:21:38:
4f:0d:bb:eb:55:ef:c6:03:5c:b0:d5:3f:c2:bd:92:7e:22:59:
7d:25:76:8a:a8:3b:4e:2f:e6:ba:59:47:cb:ed:5a:c0:a1:0a:
1d:59:eb:c9:3e:e2:16:27:42:da:0f:68:27:90:84:8d:97:90:
6d:0d:2a:91:81:d5:dc:0d:5d:69:de:55:19:06:c7:6b:df:de:
d6:7e:25:68:a9:b7:a4:bf:a8:fc:e7:4e:ab:42:bb:06:9f:aa:
10:e9:38:57:29:c2:ef:c2:fe:32:c6:d4:37:98:af:69:28:d4:
4c:10:a5:27:f6:d9:e8:1f:8a:3e:99:a6:68:10:89:11:dc:00:
43:0a:84:f4:ee:71:2f:67:fa:f8:7f:0c:68:78:bf:8f:ba:50:
37:f2:d5:49
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYuFLxG1kVlKeIiMZraMiOpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMxMDMxMTAwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjkzMTBiMjg5YTliNThiYmIxOGQyMzgzZDdjMzgxNGI0OTQwZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1LKuEm+SOBLPbFYK86fDK9cyW1q
lIkYdiDq3WuPYFoP7+/3MzIl+WmcQN22onJjldcAqiY7rfrpkDkvvw9LOBLal5mT
kl1S97dEOr5OL4qIUU76AMxl319bB2OuC7r/QN/5oy9PKrTqId3p9By9SrUx7gdN
OM9Azk6Q+/LtoMHylufTxceAmFE/C8kGIOJM/x008wi/5jVpwiuUK3vl/Axv29zd
7gvJO6Bu1Gw9jnRYi1rnyjkAEiRNmTXKtCZxR9yvH3EfZ2hJrbCwLHkMNT8r/Xpl
suBOOnmYFwLmZo6YXmDCZc3hg3Y3TOxwTJO0jVh9aPjceWAasvd4XCOmnwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFDaTELKJqbWLuxjSOD18OBS0lA3QMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvTnBNUXNvbXB0WXU3R05JNFBYdzRGTFNVRGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIu
A1gwDAMEAi4DdAMEBy4DAAMEAC4DhgMEAi4DoAMEAC4DvAMEAS4DvgMEAS4DyAME
AS4D3AMEAS4D5jAMAwQALgP1AwQALgP2AwQDLgP4AwQELuhAAwQAlX7iAwQAlX7k
AwQAlX7nAwQAlX7yAwQBlX70MAwDBACVfvcDBACVfvoDBACVfvwwDQYJKoZIhvcN
AQELBQADggEBAGPqHem2dBehBU/jasrY+WiHtMEUtUHOQG3SD8DGXfUha555D7Dc
+UonegsNwI+XO8RGjZl3Q40ayNW4/vnRZz5OhyZp583wErjBsaW1XxLsY7ZieCVi
Ip0wd9Mlsver26RrduL3gfN1CxEhOE8Nu+tV78YDXLDVP8K9kn4iWX0ldoqoO04v
5rpZR8vtWsChCh1Z68k+4hYnQtoPaCeQhI2XkG0NKpGB1dwNXWneVRkGx2vf3tZ+
JWipt6S/qPznTqtCuwafqhDpOFcpwu/C/jLG1DeYr2ko1EwQpSf22egfij6ZpmgQ
iRHcAEMKhPTucS9n+vh/DGh4v4+6UDfy1Uk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:59 2024 by rpki-client on console-fra.rpki-client.org