Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/yzl3g9oa-TjjPjDz-N5_4HDzYQU.roa
File: yzl3g9oa-TjjPjDz-N5_4HDzYQU.roa (raw, json)
Hash identifier: SpXPj2JDPRU1UJM0UTN57Od03fiVpaq5Y0oPIFbUQmg=
Subject key identifier: CB:39:77:83:DA:1A:F9:38:E3:3E:30:F3:F8:DE:7F:E0:70:F3:61:05
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018CC94E666B7DAC1F97A0D7716A768CE9B9
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/yzl3g9oa-TjjPjDz-N5_4HDzYQU.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 46.232.64.0/24 maxlen: 24
46.232.70.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.72.0/24 maxlen: 24
46.232.72.0/21 maxlen: 24
46.232.96.0/20 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.191.0/24 maxlen: 24
46.232.112.0/20 maxlen: 22
46.3.116.0/22 maxlen: 24
46.3.120.0/21 maxlen: 21
46.3.134.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.208.0/21 maxlen: 21
46.3.220.0/23 maxlen: 23
46.3.230.0/23 maxlen: 23
149.126.226.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 20:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:66:6b:7d:ac:1f:97:a0:d7:71:6a:76:8c:e9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb397783da1af938e33e30f3f8de7fe070f36105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:68:8c:90:df:79:b4:91:87:a8:1c:e8:6a:
d1:ac:24:42:32:df:26:f0:f8:28:c9:da:ff:a4:05:
2b:87:ae:7f:ab:ac:d8:d6:d3:0d:ee:a3:bf:6d:f4:
7b:a4:ce:81:2b:0e:ed:22:e9:51:12:13:df:4e:77:
b8:06:1a:16:e5:28:1e:3f:ce:1d:f2:36:7f:64:e3:
5c:e1:3a:cf:23:ce:9d:03:1a:4d:78:2b:eb:83:dd:
93:56:92:6d:c1:73:db:85:64:26:7f:45:e9:83:c5:
d9:d8:85:6c:e6:b9:9f:45:dd:b9:93:c3:4b:f8:14:
5d:fe:0b:62:dd:e8:97:6c:7f:c8:83:5b:09:3c:42:
6e:34:4d:e1:ca:39:4c:55:19:a3:77:cf:54:e6:3c:
3d:24:b0:48:11:0a:a5:80:f0:15:ca:7b:e6:bf:c3:
58:11:d2:80:29:44:74:d2:98:34:94:9c:c9:38:46:
8a:2a:e6:de:70:74:62:fb:4c:80:0a:1e:a0:0b:22:
6c:27:de:36:26:64:94:dd:5f:5f:75:a2:73:a3:bc:
e7:fb:8f:14:67:4c:c6:18:d7:fa:03:27:bb:25:cb:
27:ac:54:80:a8:b9:58:67:bc:c1:c2:27:ea:13:c4:
04:00:6f:82:1b:6b:2a:2c:a9:9c:28:b0:d3:72:7b:
61:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:39:77:83:DA:1A:F9:38:E3:3E:30:F3:F8:DE:7F:E0:70:F3:61:05
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/yzl3g9oa-TjjPjDz-N5_4HDzYQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.89.0-46.3.91.255
46.3.116.0-46.3.127.255
46.3.134.0/24
46.3.160.0/22
46.3.188.0/24
46.3.190.0/23
46.3.200.0/23
46.3.208.0/21
46.3.220.0/23
46.3.230.0/23
46.3.246.0/24
46.3.248.0/24
46.3.250.0-46.3.255.255
46.232.64.0/22
46.232.69.0-46.232.70.255
46.232.72.0/21
46.232.96.0/19
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/24
149.126.246.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
25:a3:3e:7a:eb:94:c9:1c:79:a4:c1:7c:5a:fd:e6:de:3f:81:
fc:40:e0:78:ca:b3:96:aa:bb:90:21:41:ab:37:64:a4:9e:95:
a9:1f:46:29:d1:ea:e6:91:79:fa:7c:0e:3c:cd:fc:e0:b5:1a:
dc:f5:eb:22:b2:a1:69:8b:2b:79:1c:e2:50:aa:ae:78:dc:42:
fa:e2:4f:4c:f5:50:d2:06:e2:98:7f:2c:96:c2:e5:ae:5e:2d:
9f:0e:ea:fc:be:d3:22:ef:5d:e7:ea:7e:a5:95:0c:89:0d:ed:
62:88:69:75:1e:b6:da:da:f5:c6:69:7f:4f:84:82:7b:a2:7a:
90:b3:b4:a2:a1:7e:84:d6:9f:07:ff:a8:88:59:44:65:42:58:
4c:7e:97:f8:6d:f9:6f:5d:35:5f:98:f6:a6:c4:b1:23:68:88:
1b:e7:f8:b7:45:88:8a:02:ac:69:07:76:74:e1:16:fb:b6:c9:
47:7f:94:be:67:a2:4b:3f:5e:d2:40:0a:69:5b:3a:70:06:12:
c4:c1:8c:c5:f7:ce:07:fe:2f:e0:bd:32:83:cd:5e:2c:8b:40:
54:7b:c1:4c:f8:92:78:08:69:53:b7:a8:e6:c4:07:83:61:5b:
5d:62:51:6a:20:6f:a9:95:11:06:90:be:5f:ed:b7:c1:e3:de:
2c:0e:32:79
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzJTmZrfawfl6DXcWp2jOm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM5Nzc4M2RhMWFmOTM4ZTMzZTMwZjNmOGRlN2ZlMDcwZjM2MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimVojJDfebSRh6gc6GrRrCRCMt8m
8Pgoydr/pAUrh65/q6zY1tMN7qO/bfR7pM6BKw7tIulREhPfTne4BhoW5SgeP84d
8jZ/ZONc4TrPI86dAxpNeCvrg92TVpJtwXPbhWQmf0Xpg8XZ2IVs5rmfRd25k8NL
+BRd/gti3eiXbH/Ig1sJPEJuNE3hyjlMVRmjd89U5jw9JLBIEQqlgPAVynvmv8NY
EdKAKUR00pg0lJzJOEaKKubecHRi+0yACh6gCyJsJ942JmSU3V9fdaJzo7zn+48U
Z0zGGNf6Aye7JcsnrFSAqLlYZ7zBwifqE8QEAG+CG2sqLKmcKLDTcnthjQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFMs5d4PaGvk44z4w8/jef+Bw82EFMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEveXpsM2c5b2EtVGpqUGpEei1ONV80SER6WVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBvgQCAAEwgbcwDAME
AC4DWQMEAi4DWDAMAwQCLgN0AwQHLgMAAwQALgOGAwQCLgOgAwQALgO8AwQBLgO+
AwQBLgPIAwQDLgPQAwQBLgPcAwQBLgPmAwQALgP2AwQALgP4MAsDBAEuA/oDAwIu
AAMEAi7oQDAMAwQALuhFAwQALuhGAwQDLuhIAwQFLuhgAwQAlX7iAwQAlX7kAwQA
lX7nAwQAlX7yAwQAlX70MAwDBAGVfvYDBACVfvoDBACVfvwwDQYJKoZIhvcNAQEL
BQADggEBACWjPnrrlMkceaTBfFr95t4/gfxA4HjKs5aqu5AhQas3ZKSelakfRinR
6uaRefp8DjzN/OC1Gtz16yKyoWmLK3kc4lCqrnjcQvriT0z1UNIG4ph/LJbC5a5e
LZ8O6vy+0yLvXefqfqWVDIkN7WKIaXUettra9cZpf0+EgnuiepCztKKhfoTWnwf/
qIhZRGVCWEx+l/ht+W9dNV+Y9qbEsSNoiBvn+LdFiIoCrGkHdnThFvu2yUd/lL5n
oks/XtJACmlbOnAGEsTBjMX3zgf+L+C9MoPNXiyLQFR7wUz4kngIaVO3qObEB4Nh
W11iUWogb6mVEQaQvl/tt8Hj3iwOMnk=
-----END CERTIFICATE-----
Generated at Thu Mar 21 23:46:24 2024 by rpki-client on console-ams.rpki-client.org