Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/CUN3PYL0WHO9z3oyYKqm8Pmwb78.roa
File: CUN3PYL0WHO9z3oyYKqm8Pmwb78.roa (raw, json)
Hash identifier: 97ZURa6TxBXdOLwdPrt2vZLvFgs56NZmwc0hEWCfAvE=
Subject key identifier: 09:43:77:3D:82:F4:58:73:BD:CF:7A:32:60:AA:A6:F0:F9:B0:6F:BF
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01921ED1F3BA1069BE4B9DD89DA5A442472C
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/CUN3PYL0WHO9z3oyYKqm8Pmwb78.roa
Signing time: Mon 23 Sep 2024 12:18:48 +0000
ROA not before: Mon 23 Sep 2024 12:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.81.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 11 Nov 2024 06:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:d1:f3:ba:10:69:be:4b:9d:d8:9d:a5:a4:42:47:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Sep 23 12:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0943773d82f45873bdcf7a3260aaa6f0f9b06fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:26:7b:02:1e:aa:11:e3:34:eb:e6:a4:c6:ee:
53:db:71:cb:e3:1c:86:56:44:40:5c:cd:92:87:c1:
ec:bb:87:f9:7e:55:46:bd:97:bc:ad:c5:cd:a7:36:
11:a0:0f:1d:50:62:c1:17:3a:71:bd:7f:4f:f1:c9:
d4:2b:af:98:f1:d8:c7:25:10:84:51:bd:9d:ed:13:
b3:d5:c7:5d:6b:9c:39:cb:6d:64:b6:e0:13:4b:fc:
7f:e3:ac:0d:c0:9e:87:6f:70:be:ae:38:cb:54:29:
97:f0:84:b0:e5:b8:16:4e:e0:0b:0e:ad:76:c9:12:
ec:f9:9c:5f:92:70:41:ec:b1:ec:16:f5:66:19:36:
27:b2:fb:93:65:2d:00:d8:3c:45:74:fe:79:df:de:
6d:f6:dd:af:d1:14:50:79:e2:69:54:92:a9:7c:36:
26:9c:6d:23:3f:c1:5f:cf:c6:64:29:ed:79:61:c1:
ad:73:00:90:e2:c7:45:88:36:40:ad:3d:e6:11:59:
ab:ec:92:60:bd:62:cc:ca:fd:24:04:6f:ce:e4:45:
c2:b0:da:0f:13:6e:06:56:15:54:ef:16:8a:46:b4:
8c:84:ad:8a:34:8c:a5:d6:26:60:83:cc:b0:f0:49:
79:51:06:70:b4:72:f0:8a:a2:de:3a:29:8f:db:03:
02:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:43:77:3D:82:F4:58:73:BD:CF:7A:32:60:AA:A6:F0:F9:B0:6F:BF
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/CUN3PYL0WHO9z3oyYKqm8Pmwb78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.150.0/23
185.24.150.0/24
185.29.220.0/23
185.143.74.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
70:ce:0c:89:51:7b:f2:21:cf:5f:13:cd:bd:df:35:c9:6d:4d:
7a:0e:b2:a8:35:a7:7d:47:04:dd:86:a8:51:a3:30:94:e3:62:
76:44:ff:34:6b:0d:19:9c:d8:67:e8:7d:f0:4a:88:97:62:13:
0b:81:ce:d1:54:da:61:14:4e:a7:7c:45:3d:97:13:f7:8b:48:
1f:0f:ed:27:ad:51:86:84:33:80:60:43:95:a6:ae:97:0c:ac:
a2:b2:41:ed:e2:16:7e:5e:94:4f:bc:ae:9f:92:68:0e:fc:36:
c8:f1:d0:ce:d1:66:f1:ef:0e:72:49:70:f1:14:26:32:6a:d9:
ac:3f:2d:d4:a1:13:bc:57:94:c7:d8:07:94:61:08:a4:50:82:
6c:f0:b2:a8:69:c9:de:66:0c:48:25:83:5b:7c:c7:68:e4:cd:
8b:e1:4a:83:89:b0:09:0f:fe:f0:5c:b6:54:4a:e4:bf:7b:79:
44:9d:ca:be:2c:70:04:f3:aa:aa:41:12:9a:8d:7b:1f:bd:f0:
48:eb:90:bd:12:c6:d0:d6:97:94:87:04:0f:4c:c3:1b:e1:d9:
03:7a:3c:15:24:79:00:5e:c9:ec:38:8b:26:16:4d:9d:7b:9f:
68:9b:9d:bd:33:68:0b:15:aa:8b:1c:01:36:b0:e8:3b:13:49:
3b:31:44:c8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZIe0fO6EGm+S53YnaWkQkcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwOTIzMTIxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQzNzczZDgyZjQ1ODczYmRjZjdhMzI2MGFhYTZmMGY5YjA2ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyZ7Ah6qEeM06+akxu5T23HL4xyG
VkRAXM2Sh8Hsu4f5flVGvZe8rcXNpzYRoA8dUGLBFzpxvX9P8cnUK6+Y8djHJRCE
Ub2d7ROz1cdda5w5y21ktuATS/x/46wNwJ6Hb3C+rjjLVCmX8ISw5bgWTuALDq12
yRLs+ZxfknBB7LHsFvVmGTYnsvuTZS0A2DxFdP55395t9t2v0RRQeeJpVJKpfDYm
nG0jP8Ffz8ZkKe15YcGtcwCQ4sdFiDZArT3mEVmr7JJgvWLMyv0kBG/O5EXCsNoP
E24GVhVU7xaKRrSMhK2KNIyl1iZgg8yw8El5UQZwtHLwiqLeOimP2wMCgwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAlDdz2C9Fhzvc96MmCqpvD5sG+/MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvQ1VOM1BZTDBXSE85ejNveVlLcW04UG13Yjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQALiaBAwQA
LiaDAwQALiaMAwQBLiaWAwQAuRiWAwQBuR3cAwQBuY9KAwQF1BBAAwQF1FAAMA0E
AgACMAcDBQMqAH2AMA0GCSqGSIb3DQEBCwUAA4IBAQBwzgyJUXvyIc9fE8293zXJ
bU16DrKoNad9RwTdhqhRozCU42J2RP80aw0ZnNhn6H3wSoiXYhMLgc7RVNphFE6n
fEU9lxP3i0gfD+0nrVGGhDOAYEOVpq6XDKyiskHt4hZ+XpRPvK6fkmgO/DbI8dDO
0Wbx7w5ySXDxFCYyatmsPy3UoRO8V5TH2AeUYQikUIJs8LKoacneZgxIJYNbfMdo
5M2L4UqDibAJD/7wXLZUSuS/e3lEncq+LHAE86qqQRKajXsfvfBI65C9EsbQ1peU
hwQPTMMb4dkDejwVJHkAXsnsOIsmFk2de59om529M2gLFaqLHAE2sOg7E0k7MUTI
-----END CERTIFICATE-----
Generated at Mon Nov 11 08:15:42 2024 by rpki-client on console-fra.rpki-client.org