Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/FM6zAm_tOXqKI3DeeieOZ3qpX9Q.roa
File: FM6zAm_tOXqKI3DeeieOZ3qpX9Q.roa (raw, json)
Hash identifier: 2njwAo6PtnuTn298wxvgGymelszzxQ6zowFauB5H4sQ=
Subject key identifier: 14:CE:B3:02:6F:ED:39:7A:8A:23:70:DE:7A:27:8E:67:7A:A9:5F:D4
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01946FA2C9B671050D07F6A6F513945D1842
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/FM6zAm_tOXqKI3DeeieOZ3qpX9Q.roa
Signing time: Thu 16 Jan 2025 15:02:06 +0000
ROA not before: Thu 16 Jan 2025 15:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.143.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.8.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.10.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 07:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:a2:c9:b6:71:05:0d:07:f6:a6:f5:13:94:5d:18:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 16 15:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14ceb3026fed397a8a2370de7a278e677aa95fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ef:a3:71:ae:57:11:07:fc:55:43:90:51:96:
28:f1:66:2f:bd:25:ed:be:0a:f1:24:61:c1:d9:9f:
6c:21:11:ac:14:e9:39:77:9d:c4:a9:b0:cc:7a:b0:
53:68:3d:fd:46:d3:d1:52:c8:99:1a:55:17:ea:b6:
c5:52:40:3a:93:6a:b1:b8:6a:e8:77:20:14:65:d4:
c6:e6:99:e3:fa:51:35:5c:fb:51:23:03:74:c0:2f:
76:ab:29:06:95:e8:f0:98:a7:a2:4a:4e:e2:bb:7e:
be:6c:88:6b:f3:14:d4:4b:79:8e:f0:8d:0d:09:9e:
24:ba:4b:d9:30:64:ae:ca:8d:47:f1:fc:95:db:13:
59:21:52:f7:50:69:39:6a:17:54:c4:e7:dc:5b:4b:
aa:86:b1:8b:e5:45:ce:05:88:4c:92:f3:1c:44:7d:
7e:ad:7c:ff:54:f2:85:ac:ca:72:6d:3e:ef:45:36:
2f:50:03:d6:67:4a:b8:71:90:ca:29:cf:bb:e5:f6:
3b:ea:64:28:68:81:9d:30:7e:a8:3a:ef:66:cb:af:
00:57:c2:d8:af:71:5e:a0:40:af:2c:a3:ac:55:b7:
12:f1:7b:0b:79:66:37:dd:4a:57:5a:43:cd:bd:cb:
f8:56:d4:10:28:c0:08:6e:1b:c7:f8:ec:45:85:db:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CE:B3:02:6F:ED:39:7A:8A:23:70:DE:7A:27:8E:67:7A:A9:5F:D4
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/FM6zAm_tOXqKI3DeeieOZ3qpX9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.136.0/22
46.38.143.0/24
109.94.164.0/24
185.29.222.0/24
212.80.8.0/22
Signature Algorithm: sha256WithRSAEncryption
46:f0:38:43:8d:0c:7c:d7:8c:67:34:84:b9:52:08:27:1e:0f:
a7:40:02:fb:7b:87:17:08:80:c8:e5:ca:d5:ad:10:26:ac:d2:
39:b0:c8:63:9c:1e:86:5f:8c:96:44:e3:99:f3:e2:44:bf:9e:
99:dd:54:ad:e2:08:b0:33:4b:9f:26:b1:b2:a2:53:aa:2a:cb:
89:38:c1:89:1c:18:4d:4a:d9:3c:a0:e0:ef:2e:3a:ec:13:11:
81:88:d3:25:2f:9f:f8:14:27:cc:fa:10:ad:22:f2:b8:7c:73:
52:37:70:de:36:33:f4:74:03:4e:f9:6e:99:57:cc:56:95:81:
93:20:5c:40:7a:00:c9:48:80:02:ef:13:f1:61:75:a9:d1:0d:
7a:1e:ab:61:16:88:e5:53:3e:b7:e7:b3:36:3b:ab:0c:fd:ca:
ab:13:51:4b:eb:aa:fc:0f:0c:c1:cc:be:9a:24:00:3c:81:0f:
e6:b0:5a:8c:4b:72:3d:d1:50:d2:f7:7e:66:46:0a:45:bc:dc:
4f:97:a8:74:36:5b:f9:5d:87:cc:73:30:fb:3c:75:e3:78:57:
24:7b:b0:0f:6b:9e:1e:3f:99:b5:55:f0:7b:94:64:55:94:14:
29:cd:e7:ed:53:dc:f8:3b:34:3a:95:a9:7f:c3:28:fd:11:13:
15:97:25:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRvosm2cQUNB/am9ROUXRhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTE2MTUwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNlYjMwMjZmZWQzOTdhOGEyMzcwZGU3YTI3OGU2NzdhYTk1ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O+jca5XEQf8VUOQUZYo8WYvvSXt
vgrxJGHB2Z9sIRGsFOk5d53EqbDMerBTaD39RtPRUsiZGlUX6rbFUkA6k2qxuGro
dyAUZdTG5pnj+lE1XPtRIwN0wC92qykGlejwmKeiSk7iu36+bIhr8xTUS3mO8I0N
CZ4kukvZMGSuyo1H8fyV2xNZIVL3UGk5ahdUxOfcW0uqhrGL5UXOBYhMkvMcRH1+
rXz/VPKFrMpybT7vRTYvUAPWZ0q4cZDKKc+75fY76mQoaIGdMH6oOu9my68AV8LY
r3FeoECvLKOsVbcS8XsLeWY33UpXWkPNvcv4VtQQKMAIbhvH+OxFhdv5MwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBTOswJv7Tl6iiNw3nonjmd6qV/UMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvRk02ekFtX3RPWHFLSTNEZWVpZU9aM3FwWDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLiaIAwQA
LiaPAwQAbV6kAwQAuR3eAwQC1FAIMA0GCSqGSIb3DQEBCwUAA4IBAQBG8DhDjQx8
14xnNIS5UggnHg+nQAL7e4cXCIDI5crVrRAmrNI5sMhjnB6GX4yWROOZ8+JEv56Z
3VSt4giwM0ufJrGyolOqKsuJOMGJHBhNStk8oODvLjrsExGBiNMlL5/4FCfM+hCt
IvK4fHNSN3DeNjP0dANO+W6ZV8xWlYGTIFxAegDJSIAC7xPxYXWp0Q16HqthFojl
Uz6357M2O6sM/cqrE1FL66r8DwzBzL6aJAA8gQ/msFqMS3I90VDS935mRgpFvNxP
l6h0Nlv5XYfMczD7PHXjeFcke7APa54eP5m1VfB7lGRVlBQpzeftU9z4OzQ6lal/
wyj9ERMVlyWm
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:45:10 2025 by rpki-client