Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/c-QtXSDBkBZl6jVArU4oyX1pNkA.roa
File: c-QtXSDBkBZl6jVArU4oyX1pNkA.roa (raw, json)
Hash identifier: p2DWwPhnkfRdAsvq24juec2Y+T10Yyo5NDEBMAYyZ0w=
Subject key identifier: 73:E4:2D:5D:20:C1:90:16:65:EA:35:40:AD:4E:28:C9:7D:69:36:40
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01909DE3DD9A256AB2F6F5BA633C4EC02F11
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/c-QtXSDBkBZl6jVArU4oyX1pNkA.roa
Signing time: Wed 10 Jul 2024 18:24:34 +0000
ROA not before: Wed 10 Jul 2024 18:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 46.3.86.0/23 maxlen: 23
46.232.20.0/22 maxlen: 22
46.232.72.0/21 maxlen: 21
46.232.96.0/20 maxlen: 20
149.126.196.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 21:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:e3:dd:9a:25:6a:b2:f6:f5:ba:63:3c:4e:c0:2f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 10 18:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73e42d5d20c1901665ea3540ad4e28c97d693640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:26:36:5c:7d:3e:b5:cc:50:7a:7b:62:5f:74:
3c:18:0b:da:84:f3:c5:b6:a3:66:4b:79:d0:a8:41:
f7:dc:2d:50:6b:06:1d:6e:63:46:fe:97:b9:ea:67:
a9:85:80:76:c7:80:64:5c:cc:71:9a:07:79:61:b4:
d9:39:f7:ce:2c:27:a3:a2:12:72:d8:33:da:2e:63:
ad:87:f1:03:b2:32:a2:2e:b4:ea:ba:e5:fd:23:5e:
97:e7:6d:49:ef:7c:29:da:6b:ff:89:22:98:9b:3a:
9a:f1:c9:94:ab:cc:a8:f8:d7:7c:15:d4:9b:cc:11:
9b:8a:ea:52:88:08:10:a2:80:47:c0:56:53:f1:9a:
ba:11:69:6b:76:ac:43:d0:3d:e3:af:4d:49:32:48:
f5:5f:48:b3:84:73:3d:d8:27:59:b8:a3:ad:e2:44:
d9:56:fe:9f:d5:23:82:14:ea:7b:22:bc:0b:2e:88:
63:33:9f:0d:f1:fd:46:77:d6:04:35:78:ea:70:1d:
32:1a:7b:84:94:bf:d8:cf:e5:26:c1:3d:90:10:60:
74:5b:cb:67:ed:e7:33:84:9b:33:0b:35:48:60:3b:
7d:64:7a:59:67:d0:c3:85:9c:bd:f7:1d:03:8b:80:
f1:2a:60:a4:db:29:d0:30:2f:e6:de:cb:14:79:26:
63:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E4:2D:5D:20:C1:90:16:65:EA:35:40:AD:4E:28:C9:7D:69:36:40
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/c-QtXSDBkBZl6jVArU4oyX1pNkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.86.0/23
46.232.20.0/22
46.232.72.0/21
46.232.96.0/20
149.126.196.0/24
149.126.206.0/24
149.126.224.0/24
Signature Algorithm: sha256WithRSAEncryption
56:b5:70:93:c4:27:d8:ac:46:3a:16:da:32:8c:e7:c2:4a:50:
75:02:b7:1f:a0:ea:52:7d:02:52:4d:11:6a:dd:a7:7f:0e:5d:
4f:e6:b3:2a:11:54:91:ce:e6:43:6f:bb:4e:2b:2b:ff:80:55:
08:52:24:84:27:84:60:93:58:c5:41:57:c3:08:32:4f:af:40:
85:3e:64:87:b3:b9:15:fe:4b:da:e8:8f:63:89:a0:c1:fc:a7:
ae:a9:87:50:70:b4:64:de:4d:e9:b5:60:de:cd:d3:b8:bf:5d:
57:6a:88:60:c6:7d:f0:82:1e:1e:c6:0e:09:13:46:cc:0b:ed:
30:5d:55:3a:c0:01:45:75:1f:1a:c1:94:52:67:7e:7f:0d:62:
01:8d:c1:b2:71:05:5b:86:71:cc:ab:b3:a9:1e:c0:f6:58:ab:
c7:d7:f3:db:19:61:3c:ba:48:68:6f:40:db:a0:49:3e:9d:12:
f7:98:66:62:93:17:f1:44:14:4a:ce:04:6e:8f:b4:f6:fa:f7:
ca:f0:76:6a:a6:c9:b9:cf:6f:cc:9d:08:16:1d:01:03:ce:ec:
27:89:59:f3:a8:ce:25:cc:8a:29:ba:82:41:91:91:91:a4:df:
96:e2:99:8a:a8:66:c6:1b:0c:da:96:d3:5e:5e:fe:40:91:6b:
3b:66:b7:a0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZCd492aJWqy9vW6YzxOwC8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwNzEwMTgyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U0MmQ1ZDIwYzE5MDE2NjVlYTM1NDBhZDRlMjhjOTdkNjkzNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyY2XH0+tcxQentiX3Q8GAvahPPF
tqNmS3nQqEH33C1QawYdbmNG/pe56mephYB2x4BkXMxxmgd5YbTZOffOLCejohJy
2DPaLmOth/EDsjKiLrTquuX9I16X521J73wp2mv/iSKYmzqa8cmUq8yo+Nd8FdSb
zBGbiupSiAgQooBHwFZT8Zq6EWlrdqxD0D3jr01JMkj1X0izhHM92CdZuKOt4kTZ
Vv6f1SOCFOp7IrwLLohjM58N8f1Gd9YENXjqcB0yGnuElL/Yz+UmwT2QEGB0W8tn
7eczhJszCzVIYDt9ZHpZZ9DDhZy99x0Di4DxKmCk2ynQMC/m3ssUeSZjXQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHPkLV0gwZAWZeo1QK1OKMl9aTZAMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvYy1RdFhTREJrQlpsNmpWQXJVNG95WDFwTmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLgNWAwQC
LugUAwQDLuhIAwQELuhgAwQAlX7EAwQAlX7OAwQAlX7gMA0GCSqGSIb3DQEBCwUA
A4IBAQBWtXCTxCfYrEY6FtoyjOfCSlB1ArcfoOpSfQJSTRFq3ad/Dl1P5rMqEVSR
zuZDb7tOKyv/gFUIUiSEJ4Rgk1jFQVfDCDJPr0CFPmSHs7kV/kva6I9jiaDB/Keu
qYdQcLRk3k3ptWDezdO4v11Xaohgxn3wgh4exg4JE0bMC+0wXVU6wAFFdR8awZRS
Z35/DWIBjcGycQVbhnHMq7OpHsD2WKvH1/PbGWE8ukhob0DboEk+nRL3mGZikxfx
RBRKzgRuj7T2+vfK8HZqpsm5z2/MnQgWHQEDzuwniVnzqM4lzIopuoJBkZGRpN+W
4pmKqGbGGwzaltNeXv5AkWs7Zreg
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:40:35 2025 by rpki-client