Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/2tnIY8c0sG1ND4a4k5p2aKp71kE.roa
File: 2tnIY8c0sG1ND4a4k5p2aKp71kE.roa (raw, json)
Hash identifier: sySvJGaJZnehq44QLJKT9fmQJyqIvOhiOP3ol9yPxag=
Subject key identifier: DA:D9:C8:63:C7:34:B0:6D:4D:0F:86:B8:93:9A:76:68:AA:7B:D6:41
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018F0AFB3E01A666982D516FB6FB1019C161
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/2tnIY8c0sG1ND4a4k5p2aKp71kE.roa
Signing time: Tue 23 Apr 2024 12:43:08 +0000
ROA not before: Tue 23 Apr 2024 12:43:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.24.148.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.87.0/24 maxlen: 24
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 08 May 2024 18:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:fb:3e:01:a6:66:98:2d:51:6f:b6:fb:10:19:c1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Apr 23 12:43:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dad9c863c734b06d4d0f86b8939a7668aa7bd641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:82:df:0a:9e:62:d8:c6:20:26:6c:0e:ce:c8:
d5:d6:1c:6e:73:bf:59:6f:0d:a6:3e:63:17:ee:4e:
71:c9:eb:08:83:00:a8:79:ac:0d:18:8d:43:d0:99:
e8:8d:f5:b8:1d:ea:df:c4:40:c5:fb:34:31:59:48:
69:38:58:4b:f2:52:46:6d:0a:53:46:ab:12:a8:3d:
d5:83:0b:a9:b9:bc:60:55:39:40:3f:f9:15:c0:1e:
ca:27:df:40:50:48:e1:f8:c7:b3:27:ad:79:14:a2:
88:ea:7c:b7:3c:66:03:3d:c1:38:0f:43:2f:6a:96:
61:43:e5:33:df:d1:96:23:07:42:c3:85:f2:2e:35:
12:6e:7e:11:9d:6b:f8:ce:3e:32:3c:0b:1b:3c:ea:
1f:f2:79:82:c5:a0:6a:08:71:05:89:82:d3:a7:6d:
cd:4e:d9:03:bb:54:93:21:c4:f8:88:ac:f8:27:44:
2b:b9:51:bd:ea:1c:96:a8:9c:f3:22:ba:35:9a:50:
66:16:e7:f7:d4:85:aa:b4:73:49:dc:ad:13:9e:31:
5a:a4:b8:d3:f6:20:77:c1:46:95:0a:45:b9:a2:83:
85:11:73:93:7e:5c:27:34:cf:c5:1b:24:68:8d:82:
c8:17:6a:6d:32:75:f3:8c:a5:61:68:4b:ba:5b:77:
cd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D9:C8:63:C7:34:B0:6D:4D:0F:86:B8:93:9A:76:68:AA:7B:D6:41
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/2tnIY8c0sG1ND4a4k5p2aKp71kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.136.0-46.38.140.255
46.38.144.0/23
46.38.150.0/24
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.74.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
7f:c9:79:32:37:1d:d8:96:fa:f6:0a:44:52:11:6e:31:8d:32:
f3:37:67:a2:d6:15:66:2a:92:9a:aa:21:21:04:9c:f9:1c:23:
da:69:de:af:f2:ad:60:25:31:5b:9d:f4:5f:98:f5:23:bf:d0:
e5:fd:b3:1e:95:d1:0a:41:d4:f0:7b:76:7c:57:b0:3f:c4:70:
7b:56:26:1e:86:dd:80:2e:5a:d3:93:25:ad:dc:f4:d7:cc:47:
97:5c:02:3c:c4:b2:31:77:c7:06:49:59:0f:0b:c9:75:c6:66:
83:eb:4a:1f:1c:63:f6:26:15:1a:d4:1c:fd:9a:08:17:39:de:
f1:8e:ac:7c:85:f5:04:33:cf:40:e8:ed:77:ad:30:91:31:f3:
66:8b:ec:1d:26:6d:4e:36:bc:fd:92:f6:e9:bc:3b:4d:23:50:
6f:fd:b9:cf:1d:67:08:e3:0d:3f:9e:c1:20:ee:69:a0:2f:51:
fd:16:84:1f:f4:7e:8b:ff:85:e7:be:0f:dd:df:f8:c6:74:90:
f6:a5:fe:5d:5e:bd:29:fb:56:9c:d0:81:dd:fd:a7:c9:40:35:
71:81:03:a5:42:9e:2c:56:1d:ae:e5:a0:ab:16:59:23:9f:11:
d1:75:64:b0:82:0d:64:ab:95:b7:70:51:e1:39:bf:c3:7c:0e:
91:8a:7f:15
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY8K+z4BpmaYLVFvtvsQGcFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNDIzMTI0MzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ5Yzg2M2M3MzRiMDZkNGQwZjg2Yjg5MzlhNzY2OGFhN2JkNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlILfCp5i2MYgJmwOzsjV1hxuc79Z
bw2mPmMX7k5xyesIgwCoeawNGI1D0JnojfW4HerfxEDF+zQxWUhpOFhL8lJGbQpT
RqsSqD3VgwupubxgVTlAP/kVwB7KJ99AUEjh+MezJ615FKKI6ny3PGYDPcE4D0Mv
apZhQ+Uz39GWIwdCw4XyLjUSbn4RnWv4zj4yPAsbPOof8nmCxaBqCHEFiYLTp23N
TtkDu1STIcT4iKz4J0QruVG96hyWqJzzIro1mlBmFuf31IWqtHNJ3K0TnjFapLjT
9iB3wUaVCkW5ooOFEXOTflwnNM/FGyRojYLIF2ptMnXzjKVhaEu6W3fN/wIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFNrZyGPHNLBtTQ+GuJOadmiqe9ZBMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvMnRuSVk4YzBzRzFORDRhNGs1cDJhS3A3MWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQALiaBAwQA
LiaDMAwDBAMuJogDBAAuJowDBAEuJpADBAAuJpYDBAFtXqQDBAK5GJQDBAK5HdwD
BAG5j0oDBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoAfYAwDQYJKoZIhvcNAQELBQAD
ggEBAH/JeTI3HdiW+vYKRFIRbjGNMvM3Z6LWFWYqkpqqISEEnPkcI9pp3q/yrWAl
MVud9F+Y9SO/0OX9sx6V0QpB1PB7dnxXsD/EcHtWJh6G3YAuWtOTJa3c9NfMR5dc
AjzEsjF3xwZJWQ8LyXXGZoPrSh8cY/YmFRrUHP2aCBc53vGOrHyF9QQzz0Do7Xet
MJEx82aL7B0mbU42vP2S9um8O00jUG/9uc8dZwjjDT+ewSDuaaAvUf0WhB/0fov/
hee+D93f+MZ0kPal/l1evSn7VpzQgd39p8lANXGBA6VCnixWHa7loKsWWSOfEdF1
ZLCCDWSrlbdwUeE5v8N8DpGKfxU=
-----END CERTIFICATE-----
Generated at Wed May 8 22:02:27 2024 by rpki-client on console-ams.rpki-client.org