Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/LB7y6hC1GjZaXuom0G2qmMV1DtM.roa
File: LB7y6hC1GjZaXuom0G2qmMV1DtM.roa (raw, json)
Hash identifier: ulHYMnaX+h/zx15oy+9MUL3Z7r1xpOQqTgZPkA64fdc=
Subject key identifier: 2C:1E:F2:EA:10:B5:1A:36:5A:5E:EA:26:D0:6D:AA:98:C5:75:0E:D3
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01924E27DEFD8537B50617790B57C9927302
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/LB7y6hC1GjZaXuom0G2qmMV1DtM.roa
Signing time: Wed 02 Oct 2024 16:54:48 +0000
ROA not before: Wed 02 Oct 2024 16:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Oct 2024 13:38:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4e:27:de:fd:85:37:b5:06:17:79:0b:57:c9:92:73:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 2 16:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c1ef2ea10b51a365a5eea26d06daa98c5750ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:84:b7:18:25:a2:c6:6d:78:a0:b8:75:b8:b3:
5e:74:6f:b5:6a:52:41:bb:70:0e:3e:b6:f7:17:75:
84:c9:6b:4f:7e:10:38:17:08:24:6c:1d:bd:dd:ae:
a5:a0:ce:88:72:ab:c8:38:ff:71:b1:d7:3a:e0:30:
4e:d5:e2:eb:52:27:ff:13:35:10:84:5f:6c:64:ec:
90:0b:1f:72:18:f6:9d:bc:3d:53:4b:0f:6b:4a:5a:
45:e9:7d:00:ce:76:0e:21:15:63:f6:e0:5d:b1:78:
32:5f:c2:65:c6:c9:46:59:d0:b5:09:5b:d8:23:b7:
ea:ed:66:74:94:c8:8d:58:e3:e1:e6:22:50:d8:fb:
ee:3b:af:b9:3c:85:1d:7d:32:d2:f5:0d:d8:d8:8b:
ea:02:6a:ca:e1:d9:bd:62:43:c5:6d:a8:d5:ff:69:
29:ab:2c:da:8a:05:01:2b:7b:f6:f8:50:37:65:60:
2e:18:96:b7:0d:77:ca:bb:46:8f:61:dc:3f:65:c6:
89:71:cc:57:27:f2:28:16:9e:24:9b:96:22:d8:38:
62:06:42:b8:76:30:28:33:65:87:12:02:60:96:8a:
67:93:3c:4b:d9:ef:78:45:dc:52:37:56:0f:e4:34:
c5:59:be:95:cb:c7:7c:91:65:a8:73:8e:22:b6:79:
73:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1E:F2:EA:10:B5:1A:36:5A:5E:EA:26:D0:6D:AA:98:C5:75:0E:D3
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/LB7y6hC1GjZaXuom0G2qmMV1DtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.137.0-46.38.139.255
46.38.148.0/24
109.94.164.0/24
185.29.222.0/24
212.80.9.0/24
212.80.11.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a1:5f:bc:fd:81:d7:7f:9b:24:49:75:ed:27:11:53:62:9d:
db:f2:0e:9a:a6:4f:ea:05:45:56:f9:4e:5d:48:25:21:20:d8:
17:c1:15:c0:12:bb:56:46:4c:35:94:b9:62:56:a4:29:33:5f:
02:29:f8:28:fa:5c:8e:90:9b:91:38:cf:9f:0a:1b:20:75:ce:
3f:94:34:8f:87:24:81:88:d0:41:ca:91:01:37:f2:9f:08:66:
ac:05:35:56:00:38:b8:c6:4b:25:a0:a3:64:68:01:9f:ad:7a:
21:26:c8:41:a9:8b:c8:5b:bf:38:89:d5:ff:65:05:de:b1:6c:
6b:57:4f:3f:a8:ae:f7:3f:24:eb:6b:d8:9b:95:a6:4f:59:aa:
97:af:29:06:dd:de:21:56:6e:46:7d:ab:ed:67:ce:27:84:bb:
43:78:f8:7d:bd:b1:fc:78:83:37:99:1d:75:5c:95:1d:53:09:
5a:fb:50:23:f1:40:3d:94:3e:18:ea:02:1e:52:f1:fb:f9:15:
dd:fd:e2:92:3f:64:38:7c:ec:b2:76:56:2e:e1:9e:e1:b4:f6:
fb:f1:a3:49:50:19:9d:fa:31:6c:76:cf:10:0a:4c:c4:e5:b1:
70:59:55:64:8c:38:5d:99:ec:85:10:3b:1c:4b:55:fe:c9:53:
3e:1e:66:b0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZJOJ979hTe1Bhd5C1fJknMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQxMDAyMTY1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzFlZjJlYTEwYjUxYTM2NWE1ZWVhMjZkMDZkYWE5OGM1NzUwZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYS3GCWixm14oLh1uLNedG+1alJB
u3AOPrb3F3WEyWtPfhA4FwgkbB293a6loM6IcqvIOP9xsdc64DBO1eLrUif/EzUQ
hF9sZOyQCx9yGPadvD1TSw9rSlpF6X0AznYOIRVj9uBdsXgyX8JlxslGWdC1CVvY
I7fq7WZ0lMiNWOPh5iJQ2PvuO6+5PIUdfTLS9Q3Y2IvqAmrK4dm9YkPFbajV/2kp
qyzaigUBK3v2+FA3ZWAuGJa3DXfKu0aPYdw/ZcaJccxXJ/IoFp4km5Yi2DhiBkK4
djAoM2WHEgJglopnkzxL2e94RdxSN1YP5DTFWb6Vy8d8kWWoc44itnlzaQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCwe8uoQtRo2Wl7qJtBtqpjFdQ7TMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvTEI3eTZoQzFHalphWHVvbTBHMnFtTVYxRHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAuJokD
BAIuJogDBAAuJpQDBABtXqQDBAC5Hd4DBADUUAkDBADUUAswDQYJKoZIhvcNAQEL
BQADggEBAF6hX7z9gdd/myRJde0nEVNindvyDpqmT+oFRVb5Tl1IJSEg2BfBFcAS
u1ZGTDWUuWJWpCkzXwIp+Cj6XI6Qm5E4z58KGyB1zj+UNI+HJIGI0EHKkQE38p8I
ZqwFNVYAOLjGSyWgo2RoAZ+teiEmyEGpi8hbvziJ1f9lBd6xbGtXTz+orvc/JOtr
2JuVpk9ZqpevKQbd3iFWbkZ9q+1nzieEu0N4+H29sfx4gzeZHXVclR1TCVr7UCPx
QD2UPhjqAh5S8fv5Fd394pI/ZDh87LJ2Vi7hnuG09vvxo0lQGZ36MWx2zxAKTMTl
sXBZVWSMOF2Z7IUQOxxLVf7JUz4eZrA=
-----END CERTIFICATE-----
Generated at Sun Oct 27 15:59:45 2024 by rpki-client on console-fra.rpki-client.org