Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/aqCrnA6IvcvkfeTkWWt0KkOhxeI.roa
File: aqCrnA6IvcvkfeTkWWt0KkOhxeI.roa (raw, json)
Hash identifier: MMG+3dQ5vO/uln84GIOx5i2c6sKYx2FClXQMhOk4TK0=
Subject key identifier: 6A:A0:AB:9C:0E:88:BD:CB:E4:7D:E4:E4:59:6B:74:2A:43:A1:C5:E2
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018578D4FBE6974CCAE897B0BD37D727EAEC
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/aqCrnA6IvcvkfeTkWWt0KkOhxeI.roa
Signing time: Tue 03 Jan 2023 18:11:42 +0000
ROA not before: Tue 03 Jan 2023 18:11:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 46.232.64.0/21 maxlen: 24
46.3.64.0/22 maxlen: 22
46.232.80.0/20 maxlen: 24
46.3.68.0/22 maxlen: 22
46.3.80.0/22 maxlen: 22
46.232.0.0/24 maxlen: 24
46.3.4.0/22 maxlen: 22
46.232.24.0/21 maxlen: 24
46.3.16.0/22 maxlen: 22
46.232.32.0/20 maxlen: 24
46.3.24.0/22 maxlen: 22
46.3.30.0/24 maxlen: 24
46.3.32.0/21 maxlen: 21
46.3.152.0/22 maxlen: 22
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.188.0/22 maxlen: 24
46.3.92.0/22 maxlen: 22
46.3.135.0/24 maxlen: 24
149.126.251.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.254.0/24 maxlen: 24
149.126.255.0/24 maxlen: 24
46.3.203.0/24 maxlen: 24
46.3.202.0/24 maxlen: 24
46.3.204.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.208.0/21 maxlen: 21
149.126.197.0/24 maxlen: 24
149.126.203.0/24 maxlen: 24
149.126.200.0/24 maxlen: 24
46.3.224.0/22 maxlen: 22
149.126.207.0/24 maxlen: 24
149.126.215.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:d4:fb:e6:97:4c:ca:e8:97:b0:bd:37:d7:27:ea:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 3 18:11:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa0ab9c0e88bdcbe47de4e4596b742a43a1c5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:29:f0:47:a8:c5:af:1f:bb:9f:57:f0:4f:51:
06:31:b1:6b:5f:ef:a8:8d:ea:2c:05:62:a6:88:c0:
58:77:be:53:9e:1a:02:08:50:03:de:0f:5e:3c:8a:
b5:3c:58:6c:eb:f0:fc:37:c9:c2:af:be:ae:31:b3:
09:cf:09:da:d8:8d:6e:a9:db:7b:5a:4a:c7:b6:57:
32:42:8d:bb:c1:b5:c0:f9:6f:bb:70:64:82:a8:da:
c3:d0:88:0a:b7:55:3c:96:47:dd:83:1d:4c:83:19:
91:6c:58:2e:6c:05:44:f0:7c:1a:ad:04:74:38:fb:
19:81:a2:59:6f:17:bf:71:b5:d7:36:1f:1e:47:88:
e4:31:3b:3c:cc:5b:c0:be:78:c9:d2:eb:aa:2b:3c:
8d:49:a5:6a:a5:a1:3f:ea:91:3e:f7:85:33:ec:0e:
1b:7c:73:48:92:77:ac:d4:33:d7:20:06:e3:07:55:
51:38:71:f7:1b:99:f5:6c:ac:88:a9:f9:41:58:d9:
f2:4a:14:77:a9:1e:a9:4b:c7:e7:73:83:6f:c0:a0:
65:51:65:94:78:aa:f7:e7:20:f3:07:39:8a:a7:3f:
c5:c2:26:0c:23:3f:6d:59:6b:de:1f:d1:5b:29:86:
bf:f6:5d:d9:44:59:df:2a:cd:5b:ca:7b:6a:06:46:
c0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A0:AB:9C:0E:88:BD:CB:E4:7D:E4:E4:59:6B:74:2A:43:A1:C5:E2
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/aqCrnA6IvcvkfeTkWWt0KkOhxeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.4.0/22
46.3.16.0/22
46.3.24.0/22
46.3.30.0/24
46.3.32.0/21
46.3.64.0/21
46.3.80.0/22
46.3.92.0/22
46.3.135.0/24
46.3.152.0-46.3.157.255
46.3.188.0/22
46.3.200.0/24
46.3.202.0-46.3.204.255
46.3.208.0/21
46.3.224.0/22
46.3.250.0/24
46.3.252.0/24
46.232.0.0/24
46.232.24.0-46.232.47.255
46.232.64.0/21
46.232.80.0/20
149.126.197.0/24
149.126.200.0/24
149.126.203.0/24
149.126.207.0/24
149.126.215.0/24
149.126.251.0/24
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
8a:84:5a:43:0e:da:32:f8:c4:12:08:f5:2b:07:6d:f9:7f:a7:
68:be:13:3c:92:ee:28:fb:08:b0:4d:0f:fc:65:c3:32:d9:fa:
b5:f5:d3:17:8a:a7:a8:a5:cb:3e:55:42:df:2f:5d:d2:bf:78:
fd:0f:bf:a4:69:43:c9:72:77:ab:d2:91:d8:b3:e7:b1:28:b6:
a7:83:3c:61:16:d3:ae:bf:66:ad:0e:6f:ce:54:93:bf:7f:7f:
f8:f6:ab:68:44:94:02:23:1f:c5:38:20:d2:ca:d3:a0:c0:d7:
65:ef:ed:2c:b2:71:a9:53:17:a2:53:33:28:9f:99:4b:97:34:
e7:64:af:04:6e:a5:5d:b1:12:d7:28:a4:15:05:53:69:a4:ae:
94:f1:e7:89:26:bb:e8:b4:25:5b:ef:f5:c1:75:fa:1e:09:ec:
01:49:d8:e2:61:67:ef:ea:81:fb:36:59:1b:7e:f9:5b:06:09:
b4:24:d5:67:6b:c6:74:20:97:aa:2e:74:96:60:6b:e5:32:a4:
f1:04:7d:d6:ba:c6:d7:8e:1d:9f:f5:16:7e:47:63:38:4d:23:
c0:9a:5d:1c:4c:15:32:2b:94:8a:5f:12:f3:29:52:b5:8d:34:
70:c8:9a:04:59:ee:5a:33:1a:3c:20:e1:9c:ad:cf:2a:6b:ff:
bf:7c:6f:97
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYV41Pvml0zK6JewvTfXJ+rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwMTAzMTgxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEwYWI5YzBlODhiZGNiZTQ3ZGU0ZTQ1OTZiNzQyYTQzYTFjNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSnwR6jFrx+7n1fwT1EGMbFrX++o
jeosBWKmiMBYd75TnhoCCFAD3g9ePIq1PFhs6/D8N8nCr76uMbMJzwna2I1uqdt7
WkrHtlcyQo27wbXA+W+7cGSCqNrD0IgKt1U8lkfdgx1MgxmRbFgubAVE8HwarQR0
OPsZgaJZbxe/cbXXNh8eR4jkMTs8zFvAvnjJ0uuqKzyNSaVqpaE/6pE+94Uz7A4b
fHNIknes1DPXIAbjB1VROHH3G5n1bKyIqflBWNnyShR3qR6pS8fnc4NvwKBlUWWU
eKr35yDzBzmKpz/FwiYMIz9tWWveH9FbKYa/9l3ZRFnfKs1byntqBkbAywIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFGqgq5wOiL3L5H3k5FlrdCpDocXiMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvYXFDcm5BNkl2Y3ZrZmVUa1dXdDBLa09oeGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBzgQCAAEwgccDBAIu
AwQDBAIuAxADBAIuAxgDBAAuAx4DBAMuAyADBAMuA0ADBAIuA1ADBAIuA1wDBAAu
A4cwDAMEAy4DmAMEAS4DnAMEAi4DvAMEAC4DyDAMAwQBLgPKAwQALgPMAwQDLgPQ
AwQCLgPgAwQALgP6AwQALgP8AwQALugAMAwDBAMu6BgDBAQu6CADBAMu6EADBAQu
6FADBACVfsUDBACVfsgDBACVfssDBACVfs8DBACVftcDBACVfvswCwMEAJV+/QMD
AJV+MA0GCSqGSIb3DQEBCwUAA4IBAQCKhFpDDtoy+MQSCPUrB235f6dovhM8ku4o
+wiwTQ/8ZcMy2fq19dMXiqeopcs+VULfL13Sv3j9D7+kaUPJcner0pHYs+exKLan
gzxhFtOuv2atDm/OVJO/f3/49qtoRJQCIx/FOCDSytOgwNdl7+0ssnGpUxeiUzMo
n5lLlzTnZK8EbqVdsRLXKKQVBVNppK6U8eeJJrvotCVb7/XBdfoeCewBSdjiYWfv
6oH7NlkbfvlbBgm0JNVna8Z0IJeqLnSWYGvlMqTxBH3WusbXjh2f9RZ+R2M4TSPA
ml0cTBUyK5SKXxLzKVK1jTRwyJoEWe5aMxo8IOGcrc8qa/+/fG+X
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org