Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/oqAilTPMpFgRmbUZUgsjQnVcXF0.roa
File: oqAilTPMpFgRmbUZUgsjQnVcXF0.roa (raw, json)
Hash identifier: bqN2MRrEH3OGysBeIx3GVdZkwpX353LZIZcqjDU/XGA=
Subject key identifier: A2:A0:22:95:33:CC:A4:58:11:99:B5:19:52:0B:23:42:75:5C:5C:5D
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018571955D7C51C5315116F64022FCB72231
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/oqAilTPMpFgRmbUZUgsjQnVcXF0.roa
Signing time: Mon 02 Jan 2023 08:24:52 +0000
ROA not before: Mon 02 Jan 2023 08:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 46.232.64.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.71.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.3.213.0/24 maxlen: 24
46.3.209.0/24 maxlen: 24
46.3.210.0/24 maxlen: 24
46.3.211.0/24 maxlen: 24
46.3.212.0/24 maxlen: 24
46.3.208.0/24 maxlen: 24
46.3.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5d:7c:51:c5:31:51:16:f6:40:22:fc:b7:22:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 2 08:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a0229533cca4581199b519520b2342755c5c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:35:a5:94:4b:5c:88:98:26:3e:91:63:06:1e:
53:c0:fc:69:d4:d4:5d:98:8d:5e:66:ce:ff:18:33:
14:58:42:e2:37:79:1b:2a:6b:a5:67:eb:9d:bc:36:
1e:55:8c:52:1a:82:06:ba:fa:f4:2d:8f:4f:b3:a1:
9b:16:e4:1c:70:1c:4f:00:23:68:53:53:c2:77:4c:
31:07:75:53:e0:e6:0b:9d:16:2b:da:51:2a:c5:b7:
09:07:28:a4:e9:21:c3:4b:4f:25:61:7e:57:82:22:
32:b5:5f:28:eb:4d:eb:9a:33:f3:1c:d6:90:b0:db:
dc:4e:52:cc:d3:8c:51:bc:79:5d:60:4f:b2:85:99:
c0:f9:a6:1a:a8:d7:34:48:a9:db:32:bf:ad:c1:31:
56:76:2c:89:a6:44:d5:58:7f:12:fd:aa:dd:f0:75:
2a:5a:3a:70:06:98:0f:ef:19:c7:ef:cd:7b:5b:2a:
24:b2:fc:5a:ed:fa:a3:35:5f:e4:a1:e4:6f:17:e8:
2a:52:e8:56:29:59:8f:33:3b:f2:89:c3:76:14:2f:
4a:0e:2e:12:9f:61:60:33:c8:77:7e:4c:52:08:15:
19:e8:73:7b:7b:61:30:0a:d5:6c:26:b4:10:24:b6:
d9:a8:7c:4a:09:b6:12:a5:4e:05:ee:93:b8:b9:db:
d3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A0:22:95:33:CC:A4:58:11:99:B5:19:52:0B:23:42:75:5C:5C:5D
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/oqAilTPMpFgRmbUZUgsjQnVcXF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.208.0-46.3.214.255
46.232.64.0/21
Signature Algorithm: sha256WithRSAEncryption
97:c2:37:75:41:d6:f3:c4:e6:c0:45:a1:b9:9f:8d:13:c6:22:
63:f8:12:00:6a:9d:30:97:dc:c6:33:56:99:b8:0e:50:eb:b3:
25:8f:49:f9:82:cb:9b:09:e2:f4:eb:10:53:41:7a:cc:6e:c8:
22:a6:b6:e6:59:3c:a7:67:15:41:bd:8e:47:40:d3:f6:a5:76:
31:52:4e:40:f8:8f:ad:e7:3a:4c:b3:97:63:13:85:38:11:3c:
1a:d8:80:8a:a7:11:8f:71:d3:30:35:ea:61:5e:b4:8b:b6:1a:
41:7b:7b:80:7f:e5:d2:68:1c:a8:76:1f:dc:5e:e2:52:d2:49:
5d:35:b1:80:46:91:74:0a:90:51:f9:ec:0b:81:a1:a5:b2:7c:
f6:97:81:5f:8c:1d:b6:50:ac:16:b1:8f:be:95:29:44:99:5e:
8b:95:d8:72:76:9d:b8:af:40:04:7a:ea:32:ac:1d:a0:65:7d:
97:19:01:ed:ce:01:84:d4:92:f3:76:ee:4b:c7:c3:2f:63:8b:
99:4a:b5:61:d6:be:0f:a9:b5:88:7d:94:1a:31:3e:56:a6:e4:
a6:2c:30:0a:fc:fa:57:8c:78:63:57:0a:0a:62:46:27:8b:c2:
d9:71:64:3e:03:b7:e4:00:63:87:f7:06:81:96:50:16:cc:43:
83:d0:0c:bd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVxlV18UcUxURb2QCL8tyIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwMTAyMDgyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEwMjI5NTMzY2NhNDU4MTE5OWI1MTk1MjBiMjM0Mjc1NWM1YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTWllEtciJgmPpFjBh5TwPxp1NRd
mI1eZs7/GDMUWELiN3kbKmulZ+udvDYeVYxSGoIGuvr0LY9Ps6GbFuQccBxPACNo
U1PCd0wxB3VT4OYLnRYr2lEqxbcJByik6SHDS08lYX5XgiIytV8o603rmjPzHNaQ
sNvcTlLM04xRvHldYE+yhZnA+aYaqNc0SKnbMr+twTFWdiyJpkTVWH8S/ard8HUq
WjpwBpgP7xnH7817Wyoksvxa7fqjNV/koeRvF+gqUuhWKVmPMzvyicN2FC9KDi4S
n2FgM8h3fkxSCBUZ6HN7e2EwCtVsJrQQJLbZqHxKCbYSpU4F7pO4udvTjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKKgIpUzzKRYEZm1GVILI0J1XFxdMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvb3FBaWxUUE1wRmdSbWJVWlVnc2pRblZjWEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAQuA9AD
BAAuA9YDBAMu6EAwDQYJKoZIhvcNAQELBQADggEBAJfCN3VB1vPE5sBFobmfjRPG
ImP4EgBqnTCX3MYzVpm4DlDrsyWPSfmCy5sJ4vTrEFNBesxuyCKmtuZZPKdnFUG9
jkdA0/aldjFSTkD4j63nOkyzl2MThTgRPBrYgIqnEY9x0zA16mFetIu2GkF7e4B/
5dJoHKh2H9xe4lLSSV01sYBGkXQKkFH57AuBoaWyfPaXgV+MHbZQrBaxj76VKUSZ
XouV2HJ2nbivQAR66jKsHaBlfZcZAe3OAYTUkvN27kvHwy9ji5lKtWHWvg+ptYh9
lBoxPlam5KYsMAr8+leMeGNXCgpiRieLwtlxZD4Dt+QAY4f3BoGWUBbMQ4PQDL0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org