Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/dveVXIz3aC-2Mmjfs6dZKr8sK7k.roa
File: dveVXIz3aC-2Mmjfs6dZKr8sK7k.roa (raw, json)
Hash identifier: cSSOqCX9ZwvrnwGHP0JBRKj9XY4plekGXD6AdZ4Cev8=
Subject key identifier: 76:F7:95:5C:8C:F7:68:2F:B6:32:68:DF:B3:A7:59:2A:BF:2C:2B:B9
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018E62CD4E712AF9AF07C8C31D2177B7FD7C
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/dveVXIz3aC-2Mmjfs6dZKr8sK7k.roa
Signing time: Thu 21 Mar 2024 20:56:45 +0000
ROA not before: Thu 21 Mar 2024 20:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 46.3.32.0/20 maxlen: 20
46.3.80.0/21 maxlen: 21
46.3.135.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.188.0/22 maxlen: 24
46.3.216.0/21 maxlen: 21
46.3.224.0/21 maxlen: 21
46.232.64.0/21 maxlen: 24
149.126.203.0/24 maxlen: 24
149.126.251.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.254.0/24 maxlen: 24
149.126.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 14:20:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:cd:4e:71:2a:f9:af:07:c8:c3:1d:21:77:b7:fd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 21 20:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76f7955c8cf7682fb63268dfb3a7592abf2c2bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:97:76:a5:e7:51:a4:c4:e5:a7:6c:9f:06:35:
71:0e:c9:40:16:3d:94:c3:ea:d4:56:b4:e1:b9:a3:
3c:31:0b:bb:91:79:04:f6:e7:ef:c5:9c:58:22:9f:
7b:7f:5b:f7:95:d1:34:f3:04:3b:04:50:74:63:ba:
e7:25:fb:52:38:52:16:50:06:8b:0b:2a:ad:67:2b:
9c:4e:e6:df:ee:1e:cd:47:0a:8a:fd:58:9c:59:da:
d8:30:7c:f6:64:34:de:5f:d1:a6:62:41:55:22:f7:
23:c8:2c:5b:38:1e:45:50:07:1b:f0:56:f4:88:3a:
24:7c:48:4f:8e:69:23:ad:da:fe:fd:a8:8a:55:e4:
7d:1c:0f:73:9f:d6:99:c4:fc:b5:0d:e1:57:c1:ee:
2d:e6:bd:13:a2:70:b2:a9:40:9d:11:3e:df:b3:4e:
d4:92:8f:da:5c:af:eb:38:d4:77:5d:02:77:12:66:
03:22:3c:39:da:43:79:15:9d:5d:ad:d9:c2:eb:b9:
63:85:ec:1f:ba:43:2b:1a:80:ef:7d:62:dc:2a:b6:
e7:c0:1d:fb:5c:e9:d0:28:9a:d4:93:02:16:e4:0f:
41:39:69:ad:14:ef:d4:d1:12:ec:3f:7e:bd:36:4f:
98:af:eb:70:cf:e5:7e:14:4f:d6:9b:d5:2f:0a:9f:
42:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:F7:95:5C:8C:F7:68:2F:B6:32:68:DF:B3:A7:59:2A:BF:2C:2B:B9
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/dveVXIz3aC-2Mmjfs6dZKr8sK7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.32.0/20
46.3.80.0/21
46.3.135.0/24
46.3.156.0/23
46.3.188.0/22
46.3.216.0-46.3.231.255
46.232.64.0/21
149.126.203.0/24
149.126.251.0/24
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
36:72:69:c3:ef:24:2f:1c:a8:27:23:51:1e:eb:aa:9c:66:44:
99:27:99:f6:3d:11:f5:27:e5:e4:c3:d4:07:df:9a:e7:e8:41:
b0:19:ae:98:6e:7c:be:61:e1:87:8e:72:a1:b0:40:08:61:88:
e6:97:1a:ae:48:b6:79:2c:39:ac:55:fa:fb:14:8c:3d:a7:55:
51:42:20:36:af:b3:5d:74:6b:9c:27:ab:3e:72:6f:ce:0b:78:
18:d3:ae:e5:78:09:11:ba:5f:c4:ec:31:ae:9e:62:50:b0:2c:
0a:ed:40:27:0d:f6:2f:67:13:6f:eb:6e:72:e6:4a:5f:34:23:
4c:6b:99:42:10:82:ec:06:62:b7:d3:14:e2:52:fa:d2:0d:42:
44:03:c3:91:6f:32:68:64:7a:b5:cc:01:b9:cd:98:16:a1:8f:
c8:e4:8d:d4:91:17:ab:37:92:02:ed:8e:d3:46:6b:b2:19:49:
83:ea:1a:fa:6d:c2:9f:2a:8d:35:9b:32:52:f1:31:79:cc:3e:
1e:30:ea:99:41:3c:f9:41:96:12:b9:6f:4f:19:94:f9:7c:37:
d2:8c:ec:f5:cd:d7:1e:b6:10:c7:6a:a8:bf:1f:aa:37:42:ea:
02:47:aa:81:19:93:fc:ef:70:8d:0c:97:97:07:54:f7:cf:9d:
9e:5e:89:a3
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY5izU5xKvmvB8jDHSF3t/18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzIxMjA1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmY3OTU1YzhjZjc2ODJmYjYzMjY4ZGZiM2E3NTkyYWJmMmMyYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5d2pedRpMTlp2yfBjVxDslAFj2U
w+rUVrThuaM8MQu7kXkE9ufvxZxYIp97f1v3ldE08wQ7BFB0Y7rnJftSOFIWUAaL
CyqtZyucTubf7h7NRwqK/VicWdrYMHz2ZDTeX9GmYkFVIvcjyCxbOB5FUAcb8Fb0
iDokfEhPjmkjrdr+/aiKVeR9HA9zn9aZxPy1DeFXwe4t5r0TonCyqUCdET7fs07U
ko/aXK/rONR3XQJ3EmYDIjw52kN5FZ1drdnC67ljhewfukMrGoDvfWLcKrbnwB37
XOnQKJrUkwIW5A9BOWmtFO/U0RLsP369Nk+Yr+twz+V+FE/Wm9UvCp9CMwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFHb3lVyM92gvtjJo37OnWSq/LCu5MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvZHZlVlhJejNhQy0yTW1qZnM2ZFpLcjhzSzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBRBAIAATBLAwQELgMgAwQD
LgNQAwQALgOHAwQBLgOcAwQCLgO8MAwDBAMuA9gDBAMuA+ADBAMu6EADBACVfssD
BACVfvswCwMEAJV+/QMDAJV+MA0GCSqGSIb3DQEBCwUAA4IBAQA2cmnD7yQvHKgn
I1Ee66qcZkSZJ5n2PRH1J+Xkw9QH35rn6EGwGa6Ybny+YeGHjnKhsEAIYYjmlxqu
SLZ5LDmsVfr7FIw9p1VRQiA2r7NddGucJ6s+cm/OC3gY067leAkRul/E7DGunmJQ
sCwK7UAnDfYvZxNv625y5kpfNCNMa5lCEILsBmK30xTiUvrSDUJEA8ORbzJoZHq1
zAG5zZgWoY/I5I3UkRerN5IC7Y7TRmuyGUmD6hr6bcKfKo01mzJS8TF5zD4eMOqZ
QTz5QZYSuW9PGZT5fDfSjOz1zdcethDHaqi/H6o3QuoCR6qBGZP873CNDJeXB1T3
z52eXomj
-----END CERTIFICATE-----
Generated at Sat Apr 6 17:00:29 2024 by rpki-client on console-ams.rpki-client.org