Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5xQTxbf9uYcxbkx1DnCttsFjhu8.roa
File: 5xQTxbf9uYcxbkx1DnCttsFjhu8.roa (raw, json)
Hash identifier: SjR5358eSLZwhx33cxsoA3jeo+9b3HWKR+CnHweKYXM=
Subject key identifier: E7:14:13:C5:B7:FD:B9:87:31:6E:4C:75:0E:70:AD:B6:C1:63:86:EF
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018BAFDA78565C6474F25D25FEE89DCF571B
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5xQTxbf9uYcxbkx1DnCttsFjhu8.roa
Signing time: Wed 08 Nov 2023 16:53:32 +0000
ROA not before: Wed 08 Nov 2023 16:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.140.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/22 maxlen: 22
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:da:78:56:5c:64:74:f2:5d:25:fe:e8:9d:cf:57:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Nov 8 16:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e71413c5b7fdb987316e4c750e70adb6c16386ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:a1:ef:9c:33:92:2e:1b:90:4c:f9:e6:ef:
46:56:3f:6f:36:ef:ed:ed:9a:a5:fb:9b:ec:11:eb:
50:a4:ba:e6:37:b3:d5:74:75:76:e4:26:f0:dc:67:
54:25:98:6f:00:61:90:d9:34:44:56:99:3f:a2:88:
39:a7:e3:18:14:4b:94:db:05:d7:f1:ea:60:b7:13:
05:d3:f8:92:06:90:7e:16:d7:a2:c1:05:5e:66:2c:
39:fe:d2:d9:b7:b0:89:ff:0e:b2:ca:d1:c0:87:2e:
9a:60:df:55:23:b6:3c:62:d2:e6:a0:54:ae:b9:41:
d3:7a:df:f8:6e:a0:44:70:f9:06:bd:b5:8e:91:83:
f7:ef:bb:52:91:4a:92:99:16:94:f0:90:83:c0:dc:
f9:b1:35:ae:fa:49:f4:8e:c5:ca:a8:ba:ff:9b:3f:
77:bb:67:94:31:46:a7:84:05:3d:12:d5:90:3e:f1:
48:7d:d7:8a:59:27:2b:d8:2d:d0:6c:0c:52:c4:81:
8c:44:19:c1:81:26:81:8c:5b:34:da:01:4e:b9:52:
15:50:ff:3c:66:2f:c9:60:c0:aa:bb:2c:24:11:4b:
07:1e:3e:07:fe:a4:49:a0:bc:4c:62:db:82:f7:06:
a0:2d:93:c8:a3:a0:73:c2:a0:01:7e:dc:96:e4:ea:
08:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:14:13:C5:B7:FD:B9:87:31:6E:4C:75:0E:70:AD:B6:C1:63:86:EF
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5xQTxbf9uYcxbkx1DnCttsFjhu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.135.255
46.38.140.0/24
46.38.144.0/21
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
13:ef:2d:a5:82:28:19:a2:f3:ea:8c:e8:6e:f3:4d:a7:e5:d1:
f3:5e:f7:5d:7d:bc:77:74:46:9e:4e:8e:de:03:9b:07:20:ce:
ec:c8:be:d0:a8:c0:4e:e3:3c:3b:e5:ca:76:3b:cd:c6:81:03:
40:e7:12:8f:e0:69:54:48:9f:95:5f:20:1a:33:c4:f7:7a:5a:
db:18:4b:94:78:07:ce:00:ec:74:e0:23:8b:4f:41:02:a8:44:
61:40:ad:e9:da:d8:e1:a0:17:a6:46:d0:59:3d:48:cb:fb:29:
c0:6e:cd:3e:59:59:c0:1e:eb:2e:07:96:9f:a6:63:a4:bc:4e:
24:a7:cd:54:92:97:8d:6e:3d:e6:3c:9d:c9:7c:c2:6c:77:5e:
17:c3:bb:47:03:b4:41:10:f7:10:ca:f2:ce:ca:0a:e9:95:7f:
cb:b8:45:2a:d4:50:da:8f:fb:67:9a:4c:88:df:39:4e:5a:ef:
ac:33:a7:fe:e8:c1:a8:cf:33:a1:78:6c:03:42:87:d5:56:a4:
e4:c4:d2:71:79:07:aa:1b:fb:00:0c:2f:3c:65:ab:9a:bc:83:
32:67:1b:c1:0e:26:13:b6:30:bf:79:01:88:b0:74:ff:0d:c4:
22:bf:67:d9:38:f9:b9:29:1c:a9:d0:65:74:2e:54:d0:b4:2c:
47:06:33:7d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYuv2nhWXGR08l0l/uidz1cbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMTA4MTY1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzE0MTNjNWI3ZmRiOTg3MzE2ZTRjNzUwZTcwYWRiNmMxNjM4NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqah75wzki4bkEz55u9GVj9vNu/t
7Zql+5vsEetQpLrmN7PVdHV25Cbw3GdUJZhvAGGQ2TREVpk/oog5p+MYFEuU2wXX
8epgtxMF0/iSBpB+FteiwQVeZiw5/tLZt7CJ/w6yytHAhy6aYN9VI7Y8YtLmoFSu
uUHTet/4bqBEcPkGvbWOkYP377tSkUqSmRaU8JCDwNz5sTWu+kn0jsXKqLr/mz93
u2eUMUanhAU9EtWQPvFIfdeKWScr2C3QbAxSxIGMRBnBgSaBjFs02gFOuVIVUP88
Zi/JYMCquywkEUsHHj4H/qRJoLxMYtuC9wagLZPIo6BzwqABftyW5OoIxwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOcUE8W3/bmHMW5MdQ5wrbbBY4bvMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvNXhRVHhiZjl1WWN4Ymt4MURuQ3R0c0ZqaHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALiaBMAwD
BAAuJoMDBAMuJoADBAAuJowDBAMuJpADBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoA
fYAwDQYJKoZIhvcNAQELBQADggEBABPvLaWCKBmi8+qM6G7zTafl0fNe9119vHd0
Rp5Ojt4DmwcgzuzIvtCowE7jPDvlynY7zcaBA0DnEo/gaVRIn5VfIBozxPd6WtsY
S5R4B84A7HTgI4tPQQKoRGFArena2OGgF6ZG0Fk9SMv7KcBuzT5ZWcAe6y4Hlp+m
Y6S8TiSnzVSSl41uPeY8ncl8wmx3XhfDu0cDtEEQ9xDK8s7KCumVf8u4RSrUUNqP
+2eaTIjfOU5a76wzp/7owajPM6F4bANCh9VWpOTE0nF5B6ob+wAMLzxlq5q8gzJn
G8EOJhO2ML95AYiwdP8NxCK/Z9k4+bkpHKnQZXQuVNC0LEcGM30=
-----END CERTIFICATE-----
Generated at Mon Nov 13 08:16:30 2023 by rpki-client on console-fra.rpki-client.org