Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/9FjmQvYLZaN7BX_lGmjCuYqE4Uw.roa
File: 9FjmQvYLZaN7BX_lGmjCuYqE4Uw.roa (raw, json)
Hash identifier: d714jOil/2Fw3xxXq1pyL+YUY2AiXWhjVf9sJTdYFf8=
Subject key identifier: F4:58:E6:42:F6:0B:65:A3:7B:05:7F:E5:1A:68:C2:B9:8A:84:E1:4C
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018DA7A58FD696248F0282B64EFE263DB942
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/9FjmQvYLZaN7BX_lGmjCuYqE4Uw.roa
Signing time: Wed 14 Feb 2024 12:44:21 +0000
ROA not before: Wed 14 Feb 2024 12:44:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 46.38.132.0/22 maxlen: 22
46.38.132.0/24 maxlen: 24
46.38.133.0/24 maxlen: 24
46.38.134.0/24 maxlen: 24
46.38.135.0/24 maxlen: 24
46.38.136.0/22 maxlen: 22
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.142.0/23 maxlen: 23
46.38.142.0/24 maxlen: 24
46.38.143.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/24 maxlen: 24
46.38.145.0/24 maxlen: 24
46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 06:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:a5:8f:d6:96:24:8f:02:82:b6:4e:fe:26:3d:b9:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 14 12:44:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f458e642f60b65a37b057fe51a68c2b98a84e14c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:69:37:23:3a:23:b5:5a:93:08:13:b6:1e:ab:
f3:13:e7:f2:c4:0c:ff:43:87:d2:7b:a9:78:ad:1e:
9d:58:32:56:06:38:c4:4a:ba:c5:e4:45:85:ee:27:
fe:24:35:b2:ed:de:14:da:62:86:7e:0e:80:77:c8:
ca:60:ce:b3:ec:6e:27:a3:46:9a:ea:fd:42:5f:21:
48:63:50:2f:94:f6:9b:70:20:48:76:c1:83:a3:6a:
89:2c:62:90:4a:46:3e:16:1b:27:f2:d8:8c:5b:be:
78:43:a5:37:11:89:5c:bf:20:7e:62:c9:94:73:1f:
58:a4:d2:41:70:3e:0f:85:81:a8:88:b1:ea:15:02:
90:40:8f:f1:07:d7:27:aa:4d:d2:dd:7b:ab:97:d9:
76:9b:98:7a:d3:02:ad:84:34:20:00:27:68:23:e4:
db:2e:90:7e:9e:94:c5:65:9e:dc:4a:3c:e2:87:82:
cb:21:8c:ab:65:e4:d0:c1:10:23:06:e2:71:ee:2e:
2e:99:99:0e:c4:c7:f9:b9:3c:75:23:36:4c:e2:d8:
bc:f7:d4:25:34:4c:41:1f:25:7d:7b:58:a6:8e:e2:
1e:4f:60:94:39:13:58:e3:70:7f:43:44:32:a6:83:
c8:cf:22:a3:42:4a:e9:ce:c1:95:5d:d7:17:f3:fd:
a7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:58:E6:42:F6:0B:65:A3:7B:05:7F:E5:1A:68:C2:B9:8A:84:E1:4C
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/9FjmQvYLZaN7BX_lGmjCuYqE4Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.132.0-46.38.139.255
46.38.142.0-46.38.151.255
Signature Algorithm: sha256WithRSAEncryption
31:06:5d:02:83:c1:55:5c:f9:41:af:77:5e:55:d5:6f:05:f4:
20:64:31:54:1d:15:b5:e9:70:e1:77:2c:85:33:c8:a6:7e:d3:
77:85:2f:b2:01:a9:3a:5b:39:f3:c5:a0:7b:7c:e5:7a:b0:3a:
a3:16:9f:22:78:66:64:9a:a7:67:37:f6:c5:f5:86:df:f6:cb:
c2:b8:8d:1d:c7:ff:7b:07:4f:98:04:ec:b0:b3:eb:15:2d:ea:
80:a6:03:43:63:47:ba:e0:e5:f3:9a:c1:db:6a:d9:2b:3f:c0:
7d:bc:28:c4:a3:99:25:2a:12:cd:b0:5e:27:61:4a:ec:66:c7:
ab:f7:fd:0a:0e:4e:e6:56:9f:d0:81:31:cf:85:9e:e9:44:f7:
b9:b7:ef:fc:13:22:1d:ef:7a:11:a6:bb:f7:8a:79:2c:a4:65:
36:27:59:c4:2f:09:98:d8:de:35:2a:35:4d:19:c8:b4:b0:c1:
33:e6:df:0b:c3:a7:79:99:6d:e7:f7:d3:55:3a:1e:0a:ec:58:
0d:41:85:ea:e1:09:4a:8c:e5:44:f9:50:3d:ee:52:84:8a:1e:
39:30:f7:38:80:6d:92:d6:97:29:ff:8d:3a:2b:30:0c:66:36:
d2:3e:b2:43:cb:ba:21:43:cc:2d:6a:d8:e6:21:a1:ce:cd:2f:
c5:0b:65:85
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY2npY/WliSPAoK2Tv4mPblCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjE0MTI0NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU4ZTY0MmY2MGI2NWEzN2IwNTdmZTUxYTY4YzJiOThhODRlMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGk3IzojtVqTCBO2HqvzE+fyxAz/
Q4fSe6l4rR6dWDJWBjjESrrF5EWF7if+JDWy7d4U2mKGfg6Ad8jKYM6z7G4no0aa
6v1CXyFIY1AvlPabcCBIdsGDo2qJLGKQSkY+Fhsn8tiMW754Q6U3EYlcvyB+YsmU
cx9YpNJBcD4PhYGoiLHqFQKQQI/xB9cnqk3S3Xurl9l2m5h60wKthDQgACdoI+Tb
LpB+npTFZZ7cSjzih4LLIYyrZeTQwRAjBuJx7i4umZkOxMf5uTx1IzZM4ti899Ql
NExBHyV9e1imjuIeT2CUORNY43B/Q0QypoPIzyKjQkrpzsGVXdcX8/2nTQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPRY5kL2C2WjewV/5RpowrmKhOFMMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvOUZqbVF2WUxaYU43QlhfbEdtakN1WXFFNFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAIuJoQD
BAIuJogwDAMEAS4mjgMEAy4mkDANBgkqhkiG9w0BAQsFAAOCAQEAMQZdAoPBVVz5
Qa93XlXVbwX0IGQxVB0Vtelw4XcshTPIpn7Td4UvsgGpOls588Wge3zlerA6oxaf
InhmZJqnZzf2xfWG3/bLwriNHcf/ewdPmATssLPrFS3qgKYDQ2NHuuDl85rB22rZ
Kz/AfbwoxKOZJSoSzbBeJ2FK7GbHq/f9Cg5O5laf0IExz4We6UT3ubfv/BMiHe96
Eaa794p5LKRlNidZxC8JmNjeNSo1TRnItLDBM+bfC8OneZlt5/fTVToeCuxYDUGF
6uEJSozlRPlQPe5ShIoeOTD3OIBtktaXKf+NOiswDGY20j6yQ8u6IUPMLWrY5iGh
zs0vxQtlhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 19 09:51:19 2024 by rpki-client on console-fra.rpki-client.org