Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/2fvhUM6N_GXAKYnWzacp5WG2lpQ.roa
File: 2fvhUM6N_GXAKYnWzacp5WG2lpQ.roa (raw, json)
Hash identifier: UXcZCaDx1AJzt0wgOtAJP+osw1a7U0bMCOEg185WawM=
Subject key identifier: D9:FB:E1:50:CE:8D:FC:65:C0:29:89:D6:CD:A7:29:E5:61:B6:96:94
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018E1FA06AD0C3E74739E8E1E63BADE59361
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/2fvhUM6N_GXAKYnWzacp5WG2lpQ.roa
Signing time: Fri 08 Mar 2024 19:53:10 +0000
ROA not before: Fri 08 Mar 2024 19:53:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 46.3.8.0/22 maxlen: 22
46.3.28.0/23 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.120.0/21 maxlen: 24
46.3.134.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.184.0/22 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.206.0/23 maxlen: 24
46.3.208.0/22 maxlen: 24
46.3.212.0/22 maxlen: 24
46.3.228.0/23 maxlen: 24
46.3.236.0/23 maxlen: 24
46.3.243.0/24 maxlen: 24
46.3.244.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.249.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.0.0/22 maxlen: 24
46.232.16.0/23 maxlen: 24
46.232.18.0/23 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.116.0/23 maxlen: 24
46.232.118.0/23 maxlen: 24
46.232.124.0/23 maxlen: 24
46.232.126.0/23 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 07:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1f:a0:6a:d0:c3:e7:47:39:e8:e1:e6:3b:ad:e5:93:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Mar 8 19:53:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9fbe150ce8dfc65c02989d6cda729e561b69694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b2:9a:17:90:f8:7f:6c:88:b1:45:37:e2:76:
01:e9:d8:9a:f6:0e:c7:8d:47:ac:38:33:01:34:aa:
5c:82:c2:62:65:8e:58:c6:82:2d:2b:38:48:e4:00:
ad:5c:1b:80:1f:8b:79:4e:90:5f:f9:cf:3b:92:cd:
bb:19:63:b2:46:dc:df:86:9e:0e:3b:3f:eb:a5:e3:
8e:60:96:b4:2d:d7:43:25:0c:73:c6:14:cc:82:ea:
c3:f9:e9:b6:6a:3f:5e:50:69:04:3c:dd:ea:13:b2:
39:88:e8:b6:ab:2e:66:04:64:34:47:e0:25:55:8b:
bd:45:e0:91:ee:a2:f3:0e:79:f3:f7:68:40:45:37:
27:4c:0b:55:34:b1:0a:5f:f0:5b:f5:20:6c:9f:de:
25:71:65:87:b4:94:ae:e8:c5:fc:25:bf:b6:f5:44:
00:f7:df:75:b2:f7:94:d4:60:17:d0:b1:6a:b2:b7:
e6:d1:a3:d2:7b:64:96:a0:e4:eb:43:5d:2d:a1:cb:
4b:6d:06:50:5c:fc:8d:28:9f:bd:22:1b:a0:b5:6d:
82:8d:33:6a:4b:78:64:05:20:5b:f0:2a:cd:9e:39:
98:ca:f0:c7:58:ca:44:1d:d9:e7:93:02:72:6f:95:
5d:68:b4:a7:c1:bf:98:90:5b:ad:36:c4:8d:33:a1:
a1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FB:E1:50:CE:8D:FC:65:C0:29:89:D6:CD:A7:29:E5:61:B6:96:94
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/2fvhUM6N_GXAKYnWzacp5WG2lpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/22
46.3.28.0/23
46.3.89.0-46.3.91.255
46.3.120.0/21
46.3.134.0/24
46.3.160.0/22
46.3.184.0-46.3.188.255
46.3.201.0/24
46.3.206.0-46.3.215.255
46.3.228.0/23
46.3.236.0/23
46.3.243.0-46.3.244.255
46.3.246.0/24
46.3.248.0/23
46.3.251.0/24
46.3.253.0-46.3.255.255
46.232.0.0/22
46.232.16.0/22
46.232.64.0-46.232.66.255
46.232.68.0/24
46.232.116.0/22
46.232.124.0/22
149.126.193.0/24
149.126.196.0/24
149.126.226.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d9:98:e5:e5:9e:41:97:d5:ae:39:96:e3:66:24:9e:ca:e9:
ed:4a:ee:4a:73:0d:c6:f1:d3:4b:d3:eb:ad:84:c8:87:ee:24:
e0:04:65:78:d9:5e:0f:d9:79:9a:20:12:66:84:62:12:09:17:
d0:04:f1:1c:e7:4f:f7:ea:fc:26:9a:81:4f:eb:b4:b5:ff:e3:
ed:aa:bc:5e:a2:99:f6:ae:e6:2f:8c:15:83:31:33:c7:10:b2:
91:92:13:97:f3:e3:d0:c7:80:45:33:b7:14:da:ca:e0:a5:9f:
61:ac:95:5b:b9:3c:7f:14:88:93:8b:5d:1a:f5:e0:5d:3b:9f:
c8:be:3d:27:fa:7f:9d:63:2d:59:83:3e:ef:d6:83:d7:f9:dc:
e8:6d:92:db:61:93:2b:ba:3e:15:21:33:4e:d2:f8:b4:8c:2a:
08:37:f4:82:75:f2:02:d2:d6:b0:3d:46:49:b3:8e:6a:57:da:
c1:cc:dc:99:ed:6e:38:5d:e8:56:0b:e8:f9:fd:9e:1f:51:f7:
4f:9a:dd:1c:3f:58:e3:b4:2c:87:d0:1b:ac:23:2a:18:88:30:
52:de:7b:cf:80:65:79:15:97:9e:5e:48:6c:26:cf:0b:3f:ac:
0a:6b:23:aa:86:a4:87:b5:e5:39:a9:2b:b9:75:54:36:38:56:
64:d9:60:36
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAY4foGrQw+dHOejh5jut5ZNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMzA4MTk1MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZiZTE1MGNlOGRmYzY1YzAyOTg5ZDZjZGE3MjllNTYxYjY5Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprKaF5D4f2yIsUU34nYB6dia9g7H
jUesODMBNKpcgsJiZY5YxoItKzhI5ACtXBuAH4t5TpBf+c87ks27GWOyRtzfhp4O
Oz/rpeOOYJa0LddDJQxzxhTMgurD+em2aj9eUGkEPN3qE7I5iOi2qy5mBGQ0R+Al
VYu9ReCR7qLzDnnz92hARTcnTAtVNLEKX/Bb9SBsn94lcWWHtJSu6MX8Jb+29UQA
9991sveU1GAX0LFqsrfm0aPSe2SWoOTrQ10toctLbQZQXPyNKJ+9IhugtW2CjTNq
S3hkBSBb8CrNnjmYyvDHWMpEHdnnkwJyb5VdaLSnwb+YkFutNsSNM6GhfwIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFNn74VDOjfxlwCmJ1s2nKeVhtpaUMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvMmZ2aFVNNk5fR1hBS1luV3phY3A1V0cybHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgfgEAgABMIHxAwQC
LgMIAwQBLgMcMAwDBAAuA1kDBAIuA1gDBAMuA3gDBAAuA4YDBAIuA6AwDAMEAy4D
uAMEAC4DvAMEAC4DyTAMAwQBLgPOAwQDLgPQAwQBLgPkAwQBLgPsMAwDBAAuA/MD
BAAuA/QDBAAuA/YDBAEuA/gDBAAuA/swCwMEAC4D/QMDAi4AAwQCLugAAwQCLugQ
MAwDBAYu6EADBAAu6EIDBAAu6EQDBAIu6HQDBAIu6HwDBACVfsEDBACVfsQDBACV
fuIDBACVfuQDBACVfucDBACVfvIDBAGVfvQwDAMEAJV+9wMEAJV++gMEAJV+/DAN
BgkqhkiG9w0BAQsFAAOCAQEAGNmY5eWeQZfVrjmW42Yknsrp7UruSnMNxvHTS9Pr
rYTIh+4k4ARleNleD9l5miASZoRiEgkX0ATxHOdP9+r8JpqBT+u0tf/j7aq8XqKZ
9q7mL4wVgzEzxxCykZITl/Pj0MeARTO3FNrK4KWfYayVW7k8fxSIk4tdGvXgXTuf
yL49J/p/nWMtWYM+79aD1/nc6G2S22GTK7o+FSEzTtL4tIwqCDf0gnXyAtLWsD1G
SbOOalfawczcme1uOF3oVgvo+f2eH1H3T5rdHD9Y47Qsh9AbrCMqGIgwUt57z4Bl
eRWXnl5IbCbPCz+sCmsjqoakh7XlOakruXVUNjhWZNlgNg==
-----END CERTIFICATE-----
Generated at Thu Mar 14 11:37:09 2024 by rpki-client on console-fra.rpki-client.org