Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gkWhqZSJL0IVOqUZopD_XyA0uf4.roa
File: gkWhqZSJL0IVOqUZopD_XyA0uf4.roa (raw, json)
Hash identifier: 1UnfrPon/SBj9UYr2MMEdXBkc4pAXdDuH92vLvii7/o=
Subject key identifier: 82:45:A1:A9:94:89:2F:42:15:3A:A5:19:A2:90:FF:5F:20:34:B9:FE
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0188FC925F26F98FC29112AD19CE4C4EDB98
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gkWhqZSJL0IVOqUZopD_XyA0uf4.roa
Signing time: Tue 27 Jun 2023 11:17:10 +0000
ROA not before: Tue 27 Jun 2023 11:17:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 46.3.86.0/23 maxlen: 23
46.3.160.0/22 maxlen: 22
46.3.134.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
149.126.243.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.193.0/24 maxlen: 24
46.3.216.0/22 maxlen: 22
149.126.204.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
46.3.222.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
149.126.229.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.230.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:92:5f:26:f9:8f:c2:91:12:ad:19:ce:4c:4e:db:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jun 27 11:17:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8245a1a994892f42153aa519a290ff5f2034b9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:19:e0:a6:31:31:ea:22:2f:c0:2d:4f:c9:
eb:28:e6:dc:d6:8d:21:12:4c:0f:8a:35:18:8c:fc:
d7:bc:b0:49:30:a7:b3:79:77:97:95:f6:58:8c:d3:
d0:aa:05:8f:91:3e:97:b9:a0:54:3a:48:04:ff:c9:
ba:68:69:17:f4:9e:59:91:ac:be:3a:8f:ac:a4:96:
91:30:11:11:4a:0d:1a:94:ec:58:f7:f3:bf:17:d1:
0c:75:70:dd:3c:17:ea:b1:b4:3c:ca:13:13:83:4e:
e3:20:2c:e5:12:e4:d9:18:e9:4f:9f:f3:47:32:29:
1f:81:98:38:fd:22:ca:30:6d:bd:c1:5d:87:60:c4:
89:55:13:02:67:0f:94:e1:96:cb:88:9f:b0:d3:d1:
82:52:d5:8a:ae:3b:e4:ca:4f:a2:93:17:e8:df:e4:
e3:73:53:e4:de:37:2d:fc:1f:7b:9b:8d:9e:4e:9a:
a1:b5:16:83:55:8d:73:ca:e3:6a:d3:42:19:5a:0d:
66:2f:9b:42:47:93:73:10:66:d0:34:4b:a0:2a:d1:
b6:2f:5f:d7:e0:8e:ea:81:33:af:ba:3d:12:c9:47:
08:af:82:b0:ac:a2:08:99:da:ef:eb:8d:b8:15:40:
7c:dc:70:c1:f9:05:52:fd:e5:4a:c6:0f:60:b4:53:
a4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:45:A1:A9:94:89:2F:42:15:3A:A5:19:A2:90:FF:5F:20:34:B9:FE
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/gkWhqZSJL0IVOqUZopD_XyA0uf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.86.0/23
46.3.134.0/24
46.3.160.0/22
46.3.201.0/24
46.3.205.0/24
46.3.216.0/22
46.3.222.0/24
46.3.248.0/23
46.3.251.0/24
46.3.253.0-46.3.255.255
149.126.193.0/24
149.126.195.0-149.126.196.255
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0-149.126.206.255
149.126.208.0/24
149.126.210.0/24
149.126.214.0/24
149.126.224.0-149.126.226.255
149.126.228.0/22
149.126.242.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
43:52:8a:19:77:30:dd:58:a7:b4:9f:f5:99:a2:21:d8:11:6e:
ec:a9:0f:ab:91:8a:90:9f:56:30:f1:13:12:d9:cf:be:3f:a9:
19:cc:0e:de:a3:da:61:73:1f:42:6e:e7:f0:00:32:55:0c:0b:
91:d1:64:da:ef:7c:f9:63:98:6c:c2:b9:cb:07:96:0f:64:42:
95:a8:a1:c2:64:50:23:6b:4f:51:0c:8a:fa:04:59:e3:b1:ef:
7c:69:d1:08:97:b7:a1:f8:ef:0f:78:ff:0d:57:46:b3:c0:f9:
37:8f:a6:88:ea:ee:2f:8f:80:17:41:cf:cb:42:b8:f7:76:e8:
93:d1:52:71:39:a6:7f:5b:7b:77:f1:ec:bc:16:34:76:8a:c6:
4a:95:b3:b0:d5:85:bb:4a:37:09:44:53:25:bd:7a:85:af:6f:
01:71:ff:64:5b:9e:88:65:2f:8d:82:19:66:03:a3:96:c0:2b:
6e:b9:82:9a:78:10:3b:f7:91:1c:ac:46:2c:56:9a:01:65:33:
c3:7d:a9:72:1e:e4:b7:67:55:99:6c:a6:14:eb:9b:e5:37:2f:
88:98:5c:a3:f9:fa:b0:4f:58:86:55:b2:27:16:81:a2:52:63:
d2:c5:51:a6:84:fa:f9:07:72:b4:e9:b2:38:19:18:9d:10:b8:
ff:06:9e:24
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYj8kl8m+Y/CkRKtGc5MTtuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwNjI3MTExNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ1YTFhOTk0ODkyZjQyMTUzYWE1MTlhMjkwZmY1ZjIwMzRiOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtx8Z4KYxMeoiL8AtT8nrKObc1o0h
EkwPijUYjPzXvLBJMKezeXeXlfZYjNPQqgWPkT6XuaBUOkgE/8m6aGkX9J5Zkay+
Oo+spJaRMBERSg0alOxY9/O/F9EMdXDdPBfqsbQ8yhMTg07jICzlEuTZGOlPn/NH
MikfgZg4/SLKMG29wV2HYMSJVRMCZw+U4ZbLiJ+w09GCUtWKrjvkyk+ikxfo3+Tj
c1Pk3jct/B97m42eTpqhtRaDVY1zyuNq00IZWg1mL5tCR5NzEGbQNEugKtG2L1/X
4I7qgTOvuj0SyUcIr4KwrKIImdrv6424FUB83HDB+QVS/eVKxg9gtFOkgwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFIJFoamUiS9CFTqlGaKQ/18gNLn+MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvZ2tXaHFaU0pMMElWT3FVWm9wRF9YeUEwdWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBugQCAAEwgbMDBAEu
A1YDBAAuA4YDBAIuA6ADBAAuA8kDBAAuA80DBAIuA9gDBAAuA94DBAEuA/gDBAAu
A/swCwMEAC4D/QMDAi4AAwQAlX7BMAwDBACVfsMDBACVfsQDBACVfsYwDAMEAJV+
yQMEAJV+yjAMAwQClX7MAwQAlX7OAwQAlX7QAwQAlX7SAwQAlX7WMAwDBAWVfuAD
BACVfuIDBAKVfuQwDAMEAZV+8gMEAJV++gMEAJV+/DANBgkqhkiG9w0BAQsFAAOC
AQEAQ1KKGXcw3VintJ/1maIh2BFu7KkPq5GKkJ9WMPETEtnPvj+pGcwO3qPaYXMf
Qm7n8AAyVQwLkdFk2u98+WOYbMK5yweWD2RClaihwmRQI2tPUQyK+gRZ47HvfGnR
CJe3ofjvD3j/DVdGs8D5N4+miOruL4+AF0HPy0K493bok9FScTmmf1t7d/HsvBY0
dorGSpWzsNWFu0o3CURTJb16ha9vAXH/ZFueiGUvjYIZZgOjlsArbrmCmngQO/eR
HKxGLFaaAWUzw32pch7kt2dVmWymFOub5TcviJhco/n6sE9YhlWyJxaBolJj0sVR
poT6+QdytOmyOBkYnRC4/waeJA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org