Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nGxpm1A7XAXnL2LX2PF22Hhc008.roa
File: nGxpm1A7XAXnL2LX2PF22Hhc008.roa (raw, json)
Hash identifier: PjjCXlz4Ow+UVxD/hbLv2lRccD7e/QAroDvXDLgQfiU=
Subject key identifier: 9C:6C:69:9B:50:3B:5C:05:E7:2F:62:D7:D8:F1:76:D8:78:5C:D3:4F
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018E413D1257885B2B07E798EE7501C68396
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nGxpm1A7XAXnL2LX2PF22Hhc008.roa
Signing time: Fri 15 Mar 2024 08:31:45 +0000
ROA not before: Fri 15 Mar 2024 08:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393427
IP address blocks: 46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.191.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
46.232.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 20:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:3d:12:57:88:5b:2b:07:e7:98:ee:75:01:c6:83:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 15 08:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c6c699b503b5c05e72f62d7d8f176d8785cd34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:52:b1:48:a3:38:66:ad:71:df:fb:1a:84:35:
c8:a8:6b:11:46:68:83:b5:ce:ba:3e:1d:96:cf:35:
3d:8b:0f:ae:77:11:c3:e9:7a:cb:5f:fa:b5:f2:29:
75:6b:b2:3d:e3:ae:28:7b:f9:a4:3d:93:9a:27:26:
63:04:e8:cf:8a:67:1c:f7:ca:cd:f6:98:2e:5b:4e:
14:85:6e:84:cd:6e:78:fb:16:b2:f0:c3:42:40:da:
b9:40:e9:27:19:cc:3b:49:ca:5c:bd:e6:59:89:87:
10:03:0e:b6:fc:78:08:54:7e:b4:33:4b:ec:ec:6c:
a9:ba:cd:16:cb:b0:6c:0f:ba:99:c5:e0:76:42:3b:
f1:08:b5:91:08:30:60:16:77:eb:b3:d8:f4:30:ed:
e1:79:29:64:f9:64:08:aa:0c:4f:ba:8e:67:44:28:
17:83:9f:72:f1:5c:16:71:f7:60:87:b7:a0:8e:e2:
4e:ae:ed:d0:bf:d7:0e:54:fd:07:16:69:a7:7e:2f:
66:a2:ce:a2:de:01:f8:ed:09:d5:5a:ee:d5:3b:f7:
6d:1e:3a:02:ca:93:f8:6a:0e:59:86:25:50:a4:bf:
a7:91:0d:61:29:56:22:60:eb:54:3b:91:fe:bb:ea:
dd:18:61:d4:0f:aa:60:7b:37:36:17:ae:9b:a3:a7:
99:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:6C:69:9B:50:3B:5C:05:E7:2F:62:D7:D8:F1:76:D8:78:5C:D3:4F
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/nGxpm1A7XAXnL2LX2PF22Hhc008.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.89.0-46.3.91.255
46.3.160.0/22
46.3.188.0/24
46.3.190.0/23
46.3.200.0/24
46.3.246.0/24
46.3.250.0/24
46.3.252.0/24
46.232.64.0-46.232.72.255
Signature Algorithm: sha256WithRSAEncryption
71:51:81:90:ee:00:c1:62:68:d6:56:2a:7c:20:44:a3:e9:f4:
c3:c7:a5:21:7e:53:a9:1e:3a:bc:2e:f4:65:c6:36:e1:ed:0d:
c4:c0:99:8e:8e:73:23:58:97:ba:18:c0:49:ef:82:1a:ba:fe:
21:3b:d5:df:36:6e:a1:b4:0b:bf:01:75:5d:f6:a9:d2:2c:fc:
6d:83:6b:ea:0f:6e:7b:58:fe:5b:0b:55:71:89:b2:bd:5c:50:
e7:95:ce:65:c7:2c:e7:d2:52:bd:16:10:d3:c5:50:6f:30:48:
db:e7:24:d4:4d:12:25:9c:09:54:38:e5:14:fc:c1:1a:ae:b2:
62:c9:e5:47:dd:80:f7:f9:96:b1:bc:2a:13:8f:02:5a:c2:6b:
71:b4:43:89:99:41:15:91:8d:c3:9d:2d:08:c2:a2:cd:af:c5:
90:3e:9e:61:d1:a6:f4:9f:79:2d:97:53:52:7a:cd:be:18:9a:
b5:2b:92:80:28:ee:d5:e8:ea:f7:16:31:a9:13:96:2c:bd:6f:
ae:65:cf:54:62:1e:a6:36:9e:ec:4d:ec:7a:d1:e8:58:a5:57:
35:e9:0f:74:2a:0d:c9:23:2e:69:7b:23:e6:d2:14:5f:5d:ca:
33:b1:83:5b:58:a5:9a:1d:5a:22:76:d2:42:a5:ca:65:e8:f4:
59:e3:45:25
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY5BPRJXiFsrB+eY7nUBxoOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzE1MDgzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzZjNjk5YjUwM2I1YzA1ZTcyZjYyZDdkOGYxNzZkODc4NWNkMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFKxSKM4Zq1x3/sahDXIqGsRRmiD
tc66Ph2WzzU9iw+udxHD6XrLX/q18il1a7I9464oe/mkPZOaJyZjBOjPimcc98rN
9pguW04UhW6EzW54+xay8MNCQNq5QOknGcw7ScpcveZZiYcQAw62/HgIVH60M0vs
7Gypus0Wy7BsD7qZxeB2QjvxCLWRCDBgFnfrs9j0MO3heSlk+WQIqgxPuo5nRCgX
g59y8VwWcfdgh7egjuJOru3Qv9cOVP0HFmmnfi9mos6i3gH47QnVWu7VO/dtHjoC
ypP4ag5ZhiVQpL+nkQ1hKVYiYOtUO5H+u+rdGGHUD6pgezc2F66bo6eZKwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJxsaZtQO1wF5y9i19jxdth4XNNPMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvbkd4cG0xQTdYQVhuTDJMWDJQRjIySGhjMDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAAuA1kD
BAIuA1gDBAIuA6ADBAAuA7wDBAEuA74DBAAuA8gDBAAuA/YDBAAuA/oDBAAuA/ww
DAMEBi7oQAMEAC7oSDANBgkqhkiG9w0BAQsFAAOCAQEAcVGBkO4AwWJo1lYqfCBE
o+n0w8elIX5TqR46vC70ZcY24e0NxMCZjo5zI1iXuhjASe+CGrr+ITvV3zZuobQL
vwF1Xfap0iz8bYNr6g9ue1j+WwtVcYmyvVxQ55XOZccs59JSvRYQ08VQbzBI2+ck
1E0SJZwJVDjlFPzBGq6yYsnlR92A9/mWsbwqE48CWsJrcbRDiZlBFZGNw50tCMKi
za/FkD6eYdGm9J95LZdTUnrNvhiatSuSgCju1ejq9xYxqROWLL1vrmXPVGIepjae
7E3setHoWKVXNekPdCoNySMuaXsj5tIUX13KM7GDW1ilmh1aInbSQqXKZej0WeNF
JQ==
-----END CERTIFICATE-----
Generated at Fri Mar 22 00:01:54 2024 by rpki-client on console-fra.rpki-client.org