Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/2P6VpjHGhQapzoh9YHsR7SBxQ8k.roa
File: 2P6VpjHGhQapzoh9YHsR7SBxQ8k.roa (raw, json)
Hash identifier: ILwMTYh+63KIYmH6cbcHKmdgxjswrQiOkzv0kWzi/jA=
Subject key identifier: D8:FE:95:A6:31:C6:85:06:A9:CE:88:7D:60:7B:11:ED:20:71:43:C9
Certificate issuer: /CN=f3751cf8c3a2d36c9744c96519899945ac607820
Certificate serial: 018636738E8038B3C73CFA329A97834F27EB
Authority key identifier: F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/2P6VpjHGhQapzoh9YHsR7SBxQ8k.roa
Signing time: Thu 09 Feb 2023 13:53:08 +0000
ROA not before: Thu 09 Feb 2023 13:53:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48956
IP address blocks: 91.230.42.0/23 maxlen: 23
45.90.0.0/23 maxlen: 23
195.88.114.0/23 maxlen: 23
91.207.52.0/23 maxlen: 23
91.246.104.0/21 maxlen: 21
37.46.15.0/24 maxlen: 24
37.46.13.0/24 maxlen: 24
37.46.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:36:73:8e:80:38:b3:c7:3c:fa:32:9a:97:83:4f:27:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3751cf8c3a2d36c9744c96519899945ac607820
Validity
Not Before: Feb 9 13:53:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8fe95a631c68506a9ce887d607b11ed207143c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:d8:ec:e0:54:66:6a:6b:e3:12:b4:3e:f7:
c7:7d:d5:ce:82:1c:df:82:9e:67:69:bc:18:81:41:
b0:76:f5:64:ba:1c:3f:36:0d:2c:85:9b:78:97:b2:
13:db:99:9f:92:82:cb:86:f7:43:de:7b:82:8e:e2:
f6:82:29:8d:f0:b6:b2:00:28:90:cd:f9:15:15:5b:
de:3a:58:52:70:e0:cd:a7:8b:6b:91:90:ad:80:8f:
90:90:5c:ba:35:32:91:25:8c:f7:c3:0d:de:6f:2a:
71:58:81:12:90:17:24:57:b2:ad:99:25:8e:ac:7b:
7e:bc:5e:09:6a:dc:68:72:c9:ce:8d:bc:3d:ba:eb:
b0:9d:68:9c:29:83:83:a9:4a:75:9b:db:3a:29:d6:
30:32:16:8f:6c:c4:77:b7:3f:9b:7c:37:1d:32:d0:
0d:69:f8:35:38:46:75:6e:b9:c4:e7:ca:6b:5c:4e:
bb:a4:1d:e6:0e:3c:70:62:79:f3:f5:06:d2:ab:b2:
dd:99:9e:07:e0:5f:00:25:d5:e3:01:fe:dd:38:60:
17:f7:bb:d5:75:d4:3b:62:60:34:64:74:b2:39:3d:
dd:ec:a7:e6:b0:ff:c1:44:d2:97:d3:f0:d8:90:7e:
a2:af:cb:b4:62:9a:74:51:83:21:25:9a:f7:16:f3:
16:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FE:95:A6:31:C6:85:06:A9:CE:88:7D:60:7B:11:ED:20:71:43:C9
X509v3 Authority Key Identifier:
keyid:F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/2P6VpjHGhQapzoh9YHsR7SBxQ8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.13.0-37.46.15.255
45.90.0.0/23
91.207.52.0/23
91.230.42.0/23
91.246.104.0/21
195.88.114.0/23
Signature Algorithm: sha256WithRSAEncryption
94:2f:fc:63:2f:2d:a5:30:85:99:04:1b:81:c9:8e:11:14:7d:
3a:47:05:03:75:31:c7:ff:9f:dd:27:5a:37:59:64:44:53:5a:
70:70:88:cb:21:6d:ba:37:d3:75:fc:3a:69:fc:01:7c:65:7b:
bc:49:42:48:9e:d8:7e:a4:4a:16:c6:63:15:fd:c1:d4:5b:f0:
7e:05:80:2b:f9:e9:2f:4f:16:94:73:e3:1d:6a:9c:74:5b:b1:
26:6e:a5:52:04:29:b4:75:94:47:dc:2c:65:fe:f4:94:90:c3:
1e:3b:75:4f:03:12:f0:1e:6e:48:18:4a:4d:c2:72:c8:68:f8:
76:1f:43:f0:83:cc:4f:d6:d7:b4:56:55:f8:f7:47:44:17:e7:
b6:32:9a:c1:07:d8:23:da:4b:1e:bb:d5:a3:c7:c5:ff:13:2c:
83:9b:5a:75:09:69:d5:86:b1:1b:2d:6d:54:90:5d:fc:57:fe:
8f:27:66:27:4c:fc:d9:64:75:97:9e:73:ec:c7:25:1c:20:5d:
30:9b:cb:4d:2a:b4:6a:1c:8b:41:ac:ec:c0:dd:0c:eb:63:e4:
d3:ed:c9:78:2a:93:f8:2a:d4:29:5f:06:be:06:5f:db:37:b9:
df:13:ef:b5:27:e3:05:22:d4:ba:1b:ae:2d:19:f0:a2:15:73:
dd:40:ed:d0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYY2c46AOLPHPPoympeDTyfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzUxY2Y4YzNhMmQzNmM5NzQ0Yzk2NTE5ODk5OTQ1YWM2
MDc4MjAwHhcNMjMwMjA5MTM1MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZlOTVhNjMxYzY4NTA2YTljZTg4N2Q2MDdiMTFlZDIwNzE0M2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aXY7OBUZmpr4xK0PvfHfdXOghzf
gp5nabwYgUGwdvVkuhw/Ng0shZt4l7IT25mfkoLLhvdD3nuCjuL2gimN8LayACiQ
zfkVFVveOlhScODNp4trkZCtgI+QkFy6NTKRJYz3ww3ebypxWIESkBckV7KtmSWO
rHt+vF4JatxocsnOjbw9uuuwnWicKYODqUp1m9s6KdYwMhaPbMR3tz+bfDcdMtAN
afg1OEZ1brnE58prXE67pB3mDjxwYnnz9QbSq7LdmZ4H4F8AJdXjAf7dOGAX97vV
ddQ7YmA0ZHSyOT3d7KfmsP/BRNKX0/DYkH6ir8u0Ypp0UYMhJZr3FvMWlwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNj+laYxxoUGqc6IfWB7Ee0gcUPJMB8GA1UdIwQY
MBaAFPN1HPjDotNsl0TJZRmJmUWsYHggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1Njct
NWNmN2MwNjIxMDY1LzEvMlA2VnBqSEdoUWFwem9oOVlIc1I3U0J4UThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wOGY5YjQtMTE1Yy00NDg4LWI1NjctNWNmN2MwNjIxMDY1
LzEvODNVYy1NT2kwMnlYUk1sbEdZbVpSYXhnZUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAlLg0D
BAQlLgADBAEtWgADBAFbzzQDBAFb5ioDBANb9mgDBAHDWHIwDQYJKoZIhvcNAQEL
BQADggEBAJQv/GMvLaUwhZkEG4HJjhEUfTpHBQN1Mcf/n90nWjdZZERTWnBwiMsh
bbo303X8Omn8AXxle7xJQkie2H6kShbGYxX9wdRb8H4FgCv56S9PFpRz4x1qnHRb
sSZupVIEKbR1lEfcLGX+9JSQwx47dU8DEvAebkgYSk3Ccsho+HYfQ/CDzE/W17RW
Vfj3R0QX57YymsEH2CPaSx671aPHxf8TLIObWnUJadWGsRstbVSQXfxX/o8nZidM
/NlkdZeec+zHJRwgXTCby00qtGoci0Gs7MDdDOtj5NPtyXgqk/gq1ClfBr4GX9s3
ud8T77Un4wUi1Lobri0Z8KIVc91A7dA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:22 2024 by rpki-client on console-fra.rpki-client.org