Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/n8H4GH_6jd7JIE_pUL-wX5Ly650.roa
File: n8H4GH_6jd7JIE_pUL-wX5Ly650.roa (raw, json)
Hash identifier: pkVOZleQ/vpob9qBGhoicki/HZTX4EpJfznIRLypXow=
Subject key identifier: 9F:C1:F8:18:7F:FA:8D:DE:C9:20:4F:E9:50:BF:B0:5F:92:F2:EB:9D
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018E413D128A3DC0131D43CFB62F33DFF062
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/n8H4GH_6jd7JIE_pUL-wX5Ly650.roa
Signing time: Fri 15 Mar 2024 08:31:45 +0000
ROA not before: Fri 15 Mar 2024 08:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.116.0/22 maxlen: 24
46.3.120.0/21 maxlen: 21
46.3.134.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.191.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.220.0/23 maxlen: 23
46.3.230.0/23 maxlen: 23
46.3.246.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
46.232.72.0/21 maxlen: 24
46.232.72.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 20:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:3d:12:8a:3d:c0:13:1d:43:cf:b6:2f:33:df:f0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 15 08:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fc1f8187ffa8ddec9204fe950bfb05f92f2eb9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7c:0e:b2:98:21:e6:94:77:12:18:bb:85:8f:
25:b9:16:f0:3e:76:f2:48:ec:ea:9e:9d:0b:61:05:
1b:2a:e7:15:e1:d3:b3:a3:cf:fb:f5:da:49:eb:62:
bd:2f:ea:0d:0c:4c:5a:14:7f:08:7f:68:16:2b:cf:
79:d8:ba:94:ab:53:03:f4:a3:04:eb:79:1c:b3:3c:
58:f6:a8:50:18:57:80:72:83:7c:14:e9:a2:de:18:
cf:9d:27:10:f6:09:fb:fb:ef:4c:c3:f0:cf:65:10:
b8:5f:95:35:7d:85:64:0e:64:84:d2:9c:92:5f:45:
d7:72:f1:ad:be:19:77:f2:20:d8:a2:6c:87:08:84:
ab:17:4d:79:a1:ed:08:dd:c2:b6:46:af:da:2e:2a:
bd:25:ec:22:f1:da:81:44:28:db:d3:0a:e7:b6:8b:
74:17:8f:fb:e9:29:c5:1a:54:68:cb:9e:aa:cb:63:
ea:6f:22:f6:b0:14:2a:cd:c1:77:71:cb:d7:14:d9:
44:79:67:34:f1:90:d8:9d:d2:69:2c:3e:31:51:a8:
a6:5f:e7:27:56:cf:ac:3e:7f:c4:96:9e:44:40:3e:
bb:74:0e:17:67:dd:b3:cd:81:c1:69:5b:30:1b:e2:
f4:0a:9d:a4:a0:98:ca:18:a0:f1:34:96:39:59:b2:
cc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C1:F8:18:7F:FA:8D:DE:C9:20:4F:E9:50:BF:B0:5F:92:F2:EB:9D
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/n8H4GH_6jd7JIE_pUL-wX5Ly650.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.89.0-46.3.91.255
46.3.116.0-46.3.127.255
46.3.134.0/24
46.3.160.0/22
46.3.188.0/24
46.3.190.0/23
46.3.200.0/23
46.3.220.0/23
46.3.230.0/23
46.3.246.0/24
46.3.248.0/24
46.3.250.0-46.3.255.255
46.232.64.0/20
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
56:c3:f9:b6:45:af:6c:3c:f0:27:c1:ed:0e:ac:e8:9f:5b:06:
48:77:7d:1c:a6:ad:36:80:89:ea:4a:38:80:99:bd:3f:4c:ee:
72:05:c1:00:2f:b6:20:e3:fc:c4:d7:38:2c:36:d6:01:f4:23:
c4:93:2a:e2:35:29:8e:a6:0f:6e:06:ac:c0:8f:99:a1:c7:f4:
3c:d6:9e:a9:b4:80:11:29:7a:73:bd:2c:c4:d7:9a:e0:b7:aa:
ff:60:15:1b:87:53:c7:33:83:1c:b7:29:43:b5:02:6a:aa:97:
1c:6a:6f:23:95:71:5a:7c:3c:d0:3f:35:d8:3b:8f:6b:8b:0d:
e2:8f:17:07:a8:d6:a2:57:62:0e:25:c7:72:0a:03:a1:4a:4a:
c4:3c:18:4a:72:c8:1d:2a:a0:b5:56:62:92:bf:ab:de:8c:6d:
ba:af:9c:22:b3:6a:f4:4a:41:96:8a:d7:b8:0b:dd:2b:bc:28:
da:ff:46:e8:8a:83:2b:a1:00:2a:cf:c3:a8:44:26:08:8d:36:
77:fd:d7:52:0b:e1:01:bc:e8:f8:75:3e:e7:98:ce:4d:6c:ef:
45:7e:bf:29:f0:3d:79:42:3d:c0:a0:66:43:5c:c3:8f:59:fa:
ba:15:3b:f0:8f:7f:ff:16:e7:50:0b:b9:22:b2:ff:10:e1:d1:
79:1d:7f:71
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAY5BPRKKPcATHUPPti8z3/BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzE1MDgzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmMxZjgxODdmZmE4ZGRlYzkyMDRmZTk1MGJmYjA1ZjkyZjJlYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3wOspgh5pR3Ehi7hY8luRbwPnby
SOzqnp0LYQUbKucV4dOzo8/79dpJ62K9L+oNDExaFH8If2gWK8952LqUq1MD9KME
63kcszxY9qhQGFeAcoN8FOmi3hjPnScQ9gn7++9Mw/DPZRC4X5U1fYVkDmSE0pyS
X0XXcvGtvhl38iDYomyHCISrF015oe0I3cK2Rq/aLiq9Jewi8dqBRCjb0wrntot0
F4/76SnFGlRoy56qy2PqbyL2sBQqzcF3ccvXFNlEeWc08ZDYndJpLD4xUaimX+cn
Vs+sPn/Elp5EQD67dA4XZ92zzYHBaVswG+L0Cp2koJjKGKDxNJY5WbLMmwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFJ/B+Bh/+o3eySBP6VC/sF+S8uudMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvbjhINEdIXzZqZDdKSUVfcFVMLXdYNUx5NjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcwDAME
AC4DWQMEAi4DWDAMAwQCLgN0AwQHLgMAAwQALgOGAwQCLgOgAwQALgO8AwQBLgO+
AwQBLgPIAwQBLgPcAwQBLgPmAwQALgP2AwQALgP4MAsDBAEuA/oDAwIuAAMEBC7o
QAMEAJV+4gMEAJV+5AMEAJV+5wMEAJV+8gMEAZV+9DAMAwQAlX73AwQAlX76AwQA
lX78MA0GCSqGSIb3DQEBCwUAA4IBAQBWw/m2Ra9sPPAnwe0OrOifWwZId30cpq02
gInqSjiAmb0/TO5yBcEAL7Yg4/zE1zgsNtYB9CPEkyriNSmOpg9uBqzAj5mhx/Q8
1p6ptIARKXpzvSzE15rgt6r/YBUbh1PHM4MctylDtQJqqpccam8jlXFafDzQPzXY
O49riw3ijxcHqNaiV2IOJcdyCgOhSkrEPBhKcsgdKqC1VmKSv6vejG26r5wis2r0
SkGWite4C90rvCja/0boioMroQAqz8OoRCYIjTZ3/ddSC+EBvOj4dT7nmM5NbO9F
fr8p8D15Qj3AoGZDXMOPWfq6FTvwj3//FudQC7kisv8Q4dF5HX9x
-----END CERTIFICATE-----
Generated at Thu Mar 21 23:46:24 2024 by rpki-client on console-ams.rpki-client.org