Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/U_lMkXWNpQPXTdbyl-WFMK4RQso.roa
File: U_lMkXWNpQPXTdbyl-WFMK4RQso.roa (raw, json)
Hash identifier: 5JWbjVZut5AECWvkLsbuKvvb7Wn8mqY2O/XzyEHVTuU=
Subject key identifier: 53:F9:4C:91:75:8D:A5:03:D7:4D:D6:F2:97:E5:85:30:AE:11:42:CA
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0187E141910BA5993A02B4E490BEFBA6B431
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/U_lMkXWNpQPXTdbyl-WFMK4RQso.roa
Signing time: Wed 03 May 2023 10:56:23 +0000
ROA not before: Wed 03 May 2023 10:56:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 46.3.86.0/23 maxlen: 23
46.3.160.0/22 maxlen: 22
46.3.134.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
149.126.243.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.193.0/24 maxlen: 24
46.3.216.0/22 maxlen: 22
149.126.204.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
46.3.222.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.213.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
149.126.229.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.230.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:41:91:0b:a5:99:3a:02:b4:e4:90:be:fb:a6:b4:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: May 3 10:56:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53f94c91758da503d74dd6f297e58530ae1142ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c2:97:76:8e:3f:05:93:37:9a:0c:75:d1:c4:
3d:33:eb:87:22:73:d4:f6:97:d7:89:5e:f4:2c:b7:
a0:56:c5:3b:2e:0e:32:c8:9c:76:3e:32:ab:ec:98:
5a:f6:cc:d0:23:57:ce:c5:c3:c4:23:8c:3f:4b:9f:
ff:0a:c5:79:b6:b3:e8:c3:bd:d0:b7:5b:93:ea:ae:
f8:9e:96:e5:af:7e:cc:20:c7:51:25:fb:da:83:fe:
3e:75:1a:88:eb:5b:f0:d3:9b:bb:b8:3f:8b:eb:f7:
8a:68:4d:a2:94:e7:6e:e2:9c:dc:e4:59:46:33:00:
a5:a0:b9:0f:0d:3d:ac:19:ec:42:31:d3:8a:f2:7f:
73:58:7f:17:c6:95:1b:ba:94:b2:84:38:50:b6:8a:
0b:05:7c:92:ff:ac:35:f0:65:08:14:bd:98:c6:e0:
07:9a:0b:5a:ef:3c:86:aa:6b:43:98:79:8e:74:65:
dd:ce:ad:8e:73:65:0b:84:2e:ff:7c:e6:3a:05:aa:
33:17:4d:84:b3:57:6d:24:2e:95:bb:19:8c:e1:a0:
da:1b:28:89:65:71:19:63:26:26:d3:07:9f:f1:af:
80:c0:08:ec:d8:47:7c:0f:4a:54:19:f3:1e:58:53:
65:15:10:a0:5c:b8:61:b8:39:e3:3f:46:1f:eb:12:
a5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F9:4C:91:75:8D:A5:03:D7:4D:D6:F2:97:E5:85:30:AE:11:42:CA
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/U_lMkXWNpQPXTdbyl-WFMK4RQso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.86.0/23
46.3.134.0/24
46.3.160.0/22
46.3.201.0/24
46.3.205.0/24
46.3.216.0/22
46.3.222.0/24
46.3.248.0/23
46.3.251.0/24
46.3.253.0-46.3.255.255
149.126.193.0/24
149.126.195.0-149.126.196.255
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0-149.126.206.255
149.126.208.0/24
149.126.210.0/24
149.126.213.0-149.126.214.255
149.126.224.0-149.126.226.255
149.126.228.0/22
149.126.242.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:e3:5c:26:13:79:1c:38:23:34:9f:60:f8:f7:4f:4b:ca:e2:
77:69:ee:09:2a:1c:68:5f:9d:74:ca:e3:5f:4b:d6:05:0e:69:
7e:1f:5a:44:f0:bf:17:14:50:ef:f9:e7:99:13:90:07:fa:f8:
a0:1a:ab:8b:4f:af:82:37:eb:14:90:41:56:0c:00:2a:e3:9c:
fb:9e:66:97:24:1e:9b:9e:4f:08:d9:46:6c:3a:35:2d:71:1c:
cd:1d:36:3c:bb:5e:ad:5e:69:08:98:25:5e:b4:70:c9:73:00:
46:5d:a3:99:56:b7:83:92:24:95:6a:5d:01:45:78:98:0f:80:
09:fb:e8:69:91:9c:26:d8:4f:15:7a:5b:51:41:44:ca:f2:1a:
5e:c6:c2:92:ee:d3:1c:6d:be:38:75:c2:5c:19:f9:a0:a9:fa:
79:0f:f4:ca:1e:94:19:c2:ee:e8:c4:73:7d:5c:d7:33:db:60:
ba:30:26:3c:c2:8b:e3:05:23:6f:d5:b0:2b:1a:0b:ba:60:80:
b8:69:a9:47:05:32:e6:7c:b7:5f:06:37:b1:f0:84:09:b6:a2:
76:fb:bb:bf:f9:5c:09:95:e9:5f:1b:16:fc:ff:c0:b5:a3:cf:
80:dd:e7:38:c0:8e:32:c6:e0:cd:5b:dc:18:20:2b:98:ca:af:
08:a8:00:4c
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYfhQZELpZk6ArTkkL77prQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwNTAzMTA1NjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Y5NGM5MTc1OGRhNTAzZDc0ZGQ2ZjI5N2U1ODUzMGFlMTE0MmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMKXdo4/BZM3mgx10cQ9M+uHInPU
9pfXiV70LLegVsU7Lg4yyJx2PjKr7Jha9szQI1fOxcPEI4w/S5//CsV5trPow73Q
t1uT6q74npblr37MIMdRJfvag/4+dRqI61vw05u7uD+L6/eKaE2ilOdu4pzc5FlG
MwCloLkPDT2sGexCMdOK8n9zWH8XxpUbupSyhDhQtooLBXyS/6w18GUIFL2YxuAH
mgta7zyGqmtDmHmOdGXdzq2Oc2ULhC7/fOY6BaozF02Es1dtJC6VuxmM4aDaGyiJ
ZXEZYyYm0wef8a+AwAjs2Ed8D0pUGfMeWFNlFRCgXLhhuDnjP0Yf6xKl2QIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFFP5TJF1jaUD103W8pflhTCuEULKMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvVV9sTWtYV05wUVBYVGRieWwtV0ZNSzRSUXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBwgQCAAEwgbsDBAEu
A1YDBAAuA4YDBAIuA6ADBAAuA8kDBAAuA80DBAIuA9gDBAAuA94DBAEuA/gDBAAu
A/swCwMEAC4D/QMDAi4AAwQAlX7BMAwDBACVfsMDBACVfsQDBACVfsYwDAMEAJV+
yQMEAJV+yjAMAwQClX7MAwQAlX7OAwQAlX7QAwQAlX7SMAwDBACVftUDBACVftYw
DAMEBZV+4AMEAJV+4gMEApV+5DAMAwQBlX7yAwQAlX76AwQAlX78MA0GCSqGSIb3
DQEBCwUAA4IBAQB641wmE3kcOCM0n2D4909LyuJ3ae4JKhxoX510yuNfS9YFDml+
H1pE8L8XFFDv+eeZE5AH+vigGquLT6+CN+sUkEFWDAAq45z7nmaXJB6bnk8I2UZs
OjUtcRzNHTY8u16tXmkImCVetHDJcwBGXaOZVreDkiSVal0BRXiYD4AJ++hpkZwm
2E8VeltRQUTK8hpexsKS7tMcbb44dcJcGfmgqfp5D/TKHpQZwu7oxHN9XNcz22C6
MCY8wovjBSNv1bArGgu6YIC4aalHBTLmfLdfBjex8IQJtqJ2+7u/+VwJlelfGxb8
/8C1o8+A3ec4wI4yxuDNW9wYICuYyq8IqABM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org