Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/2wzcrh9AoPFRK2wsNvYUPREArp4.roa
File: 2wzcrh9AoPFRK2wsNvYUPREArp4.roa (raw, json)
Hash identifier: uQHjh7Fl4q5lu2nCgLqj7DaG31F2RcNuapo2FSqXs3A=
Subject key identifier: DB:0C:DC:AE:1F:40:A0:F1:51:2B:6C:2C:36:F6:14:3D:11:00:AE:9E
Certificate issuer: /CN=8a5d86aab4c0974f0c27f43d968df426f53df5d2
Certificate serial: 01856F6FEFE9A955E7F9B362BF8ADDDBC357
Authority key identifier: 8A:5D:86:AA:B4:C0:97:4F:0C:27:F4:3D:96:8D:F4:26:F5:3D:F5:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/il2GqrTAl08MJ_Q9lo30JvU99dI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/2wzcrh9AoPFRK2wsNvYUPREArp4.roa
Signing time: Sun 01 Jan 2023 22:24:44 +0000
ROA not before: Sun 01 Jan 2023 22:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12637
IP address blocks: 46.174.138.0/24 maxlen: 24
46.174.137.0/24 maxlen: 24
46.174.136.0/24 maxlen: 24
2a09:dd81::/32 maxlen: 32
2a09:dd82::/32 maxlen: 32
2a09:dd80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:ef:e9:a9:55:e7:f9:b3:62:bf:8a:dd:db:c3:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5d86aab4c0974f0c27f43d968df426f53df5d2
Validity
Not Before: Jan 1 22:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db0cdcae1f40a0f1512b6c2c36f6143d1100ae9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d6:99:44:f9:94:01:cf:9e:6a:fd:46:23:da:
0a:df:88:b2:c8:f0:a0:70:6e:bd:5f:ea:52:b1:46:
ea:ec:7a:a6:3d:4e:89:23:3a:1d:4a:d7:b5:13:2b:
e4:d5:cc:7c:df:68:7f:b5:a0:62:d5:d4:0e:2e:80:
3f:ad:c5:f8:d7:b7:18:b1:e9:63:5d:a4:eb:af:d8:
ff:ae:41:35:6c:24:18:1a:31:27:c0:41:60:f5:c1:
f1:61:e0:7d:b9:67:79:96:dd:0c:12:2d:87:c9:30:
94:e9:37:c6:59:0d:b7:7b:be:47:0a:3a:3b:87:ea:
0c:bc:71:98:f8:c8:34:f7:05:c8:36:6e:ff:d1:2a:
b0:4e:18:93:62:86:4e:c2:3f:c2:fd:ce:f8:ad:46:
d5:0f:06:a0:25:7c:ce:3c:b9:93:1c:1f:a5:78:7d:
1c:e1:1f:67:9b:a6:ff:64:a2:7b:d8:e2:b6:67:a2:
32:f1:a8:16:17:65:6b:18:91:e3:ac:99:06:dd:cd:
32:7a:da:90:c7:51:a2:87:0c:32:71:09:a4:d7:fb:
87:e6:97:de:48:22:09:c1:15:bc:e3:04:a8:b0:15:
dd:16:d2:37:f9:17:8d:d7:90:f3:be:fc:d5:d8:d1:
2e:a7:f3:92:ee:30:c6:59:8d:cd:bf:7d:cc:3b:2f:
d6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0C:DC:AE:1F:40:A0:F1:51:2B:6C:2C:36:F6:14:3D:11:00:AE:9E
X509v3 Authority Key Identifier:
keyid:8A:5D:86:AA:B4:C0:97:4F:0C:27:F4:3D:96:8D:F4:26:F5:3D:F5:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/il2GqrTAl08MJ_Q9lo30JvU99dI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/2wzcrh9AoPFRK2wsNvYUPREArp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/il2GqrTAl08MJ_Q9lo30JvU99dI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.136.0-46.174.138.255
IPv6:
2a09:dd80::-2a09:dd82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1f:2a:be:77:de:f9:e9:0c:74:41:0e:16:4f:8c:e5:17:5e:60:
9d:86:1b:75:70:8e:c5:85:33:b0:76:e2:d5:a7:5b:99:df:6c:
7b:a9:5f:ca:0e:2b:5f:d5:92:79:f4:e1:21:3f:bd:dd:00:80:
cb:5b:99:f0:e5:3f:c8:e0:59:85:b6:79:96:71:69:ed:a0:59:
6b:7e:d9:5d:26:a6:1f:92:8b:4f:d9:81:50:64:dc:49:70:8c:
ff:d8:9e:6e:aa:0b:52:d1:90:e0:e4:3f:85:86:f7:86:bf:32:
17:25:12:a2:44:34:03:58:53:86:33:cd:0f:90:14:b1:08:38:
dc:32:14:d1:5e:4c:95:ac:a1:41:bb:e0:12:1e:99:9c:15:d4:
33:09:c1:5f:99:25:f4:bd:e9:a4:87:bc:81:96:25:d8:0f:9c:
4d:bd:87:0d:b6:35:30:1c:b8:08:3f:06:a8:85:ba:1a:94:5a:
26:d7:4f:90:8a:fa:ad:55:b7:03:6e:9f:fb:30:9a:70:bc:2b:
92:4a:de:2c:97:f2:5c:39:9a:2a:02:95:e1:6e:89:07:4b:a9:
37:6b:36:8f:51:22:8c:0c:e7:5d:88:86:63:47:3f:0e:c6:93:
1b:7b:b7:e1:be:98:67:64:e8:56:ed:b6:28:74:63:27:e8:2f:
a1:a8:f9:ea
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvb+/pqVXn+bNiv4rd28NXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWQ4NmFhYjRjMDk3NGYwYzI3ZjQzZDk2OGRmNDI2ZjUz
ZGY1ZDIwHhcNMjMwMTAxMjIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBjZGNhZTFmNDBhMGYxNTEyYjZjMmMzNmY2MTQzZDExMDBhZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdaZRPmUAc+eav1GI9oK34iyyPCg
cG69X+pSsUbq7HqmPU6JIzodSte1Eyvk1cx832h/taBi1dQOLoA/rcX417cYselj
XaTrr9j/rkE1bCQYGjEnwEFg9cHxYeB9uWd5lt0MEi2HyTCU6TfGWQ23e75HCjo7
h+oMvHGY+Mg09wXINm7/0SqwThiTYoZOwj/C/c74rUbVDwagJXzOPLmTHB+leH0c
4R9nm6b/ZKJ72OK2Z6Iy8agWF2VrGJHjrJkG3c0yetqQx1GihwwycQmk1/uH5pfe
SCIJwRW84wSosBXdFtI3+ReN15DzvvzV2NEup/OS7jDGWY3Nv33MOy/WUwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNsM3K4fQKDxUStsLDb2FD0RAK6eMB8GA1UdIwQY
MBaAFIpdhqq0wJdPDCf0PZaN9Cb1PfXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWwyR3FyVEFsMDhNSl9ROWxvMzBKdlU5OWRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80Y2VhNzktMmEwOS00YWU3LWE1MGMt
ZjhhODM2ZjAxYjIxLzEvMnd6Y3JoOUFvUEZSSzJ3c052WVVQUkVBcnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80Y2VhNzktMmEwOS00YWU3LWE1MGMtZjhhODM2ZjAxYjIx
LzEvaWwyR3FyVEFsMDhNSl9ROWxvMzBKdlU5OWRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAMurogD
BAAuroowFgQCAAIwEDAOAwUHKgndgAMFACoJ3YIwDQYJKoZIhvcNAQELBQADggEB
AB8qvnfe+ekMdEEOFk+M5RdeYJ2GG3VwjsWFM7B24tWnW5nfbHupX8oOK1/Vknn0
4SE/vd0AgMtbmfDlP8jgWYW2eZZxae2gWWt+2V0mph+Si0/ZgVBk3ElwjP/Ynm6q
C1LRkODkP4WG94a/MhclEqJENANYU4YzzQ+QFLEIONwyFNFeTJWsoUG74BIemZwV
1DMJwV+ZJfS96aSHvIGWJdgPnE29hw22NTAcuAg/BqiFuhqUWibXT5CK+q1VtwNu
n/swmnC8K5JK3iyX8lw5mioCleFuiQdLqTdrNo9RIowM512IhmNHPw7Gkxt7t+G+
mGdk6Fbttih0YyfoL6Go+eo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:49 2024 by rpki-client on console-fra.rpki-client.org