Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/MJ3zljmZoooaE6OmOaPfoFk1qwk.roa
File: MJ3zljmZoooaE6OmOaPfoFk1qwk.roa (raw, json)
Hash identifier: 91IuiXTGkLQcj8o3jI9aGQQr3FO47uccain1iohmBy0=
Subject key identifier: 30:9D:F3:96:39:99:A2:8A:1A:13:A3:A6:39:A3:DF:A0:59:35:AB:09
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018D7D9F1AC2DCFDD1C091462B298DEE69C1
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/MJ3zljmZoooaE6OmOaPfoFk1qwk.roa
Signing time: Tue 06 Feb 2024 08:53:15 +0000
ROA not before: Tue 06 Feb 2024 08:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/24 maxlen: 24
46.38.133.0/24 maxlen: 24
46.38.134.0/24 maxlen: 24
46.38.135.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.141.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.152.0/22 maxlen: 22
46.38.156.0/23 maxlen: 23
46.38.158.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.24.148.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.143.72.0/24 maxlen: 24
185.143.73.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.78.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
212.16.85.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.16.92.0/23 maxlen: 23
212.16.94.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.0.0/24 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.6.0/24 maxlen: 24
212.80.7.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 06 Feb 2024 10:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:9f:1a:c2:dc:fd:d1:c0:91:46:2b:29:8d:ee:69:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 6 08:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=309df3963999a28a1a13a3a639a3dfa05935ab09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:9b:2f:c3:ee:f9:2e:32:4e:f7:16:53:c2:
55:f6:7a:16:8f:b1:0e:27:89:4c:f1:ff:ef:e7:4b:
3b:92:4e:36:36:4e:44:6c:54:a5:b8:0b:04:cf:1e:
0b:9f:62:06:2b:94:87:5b:f1:1e:cc:e9:e9:f0:e7:
92:d2:0e:01:d7:9f:7a:43:d7:53:3b:bf:e3:26:00:
99:eb:d0:cc:a2:4f:ab:42:05:84:20:c0:f8:65:73:
e0:d1:c0:f7:b7:e6:55:90:55:d4:ca:e5:0b:72:71:
20:09:5c:a4:f7:ef:3b:27:5b:9d:54:83:8c:f3:26:
4c:7a:0b:48:0f:fe:1b:f5:92:c0:57:5b:73:c0:d8:
39:42:ce:ad:e9:9f:98:34:08:02:0f:04:72:ed:6d:
0c:3b:95:ef:a6:0b:82:56:7b:17:d0:03:79:0a:a7:
49:f1:9c:cc:71:29:db:6e:00:8e:f4:9f:e2:fd:6c:
b1:a5:af:c3:0e:8e:ad:e4:07:58:5d:32:2c:aa:58:
08:e2:32:48:6e:88:bc:62:31:75:59:c2:b1:48:f1:
f0:38:91:4e:29:7c:93:c3:da:e1:86:8d:f4:4c:5d:
83:28:53:b4:88:43:b8:94:89:38:74:8f:cc:4a:e4:
03:2d:1e:8d:40:6a:88:22:fc:88:a2:af:11:59:9d:
0b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9D:F3:96:39:99:A2:8A:1A:13:A3:A6:39:A3:DF:A0:59:35:AB:09
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/MJ3zljmZoooaE6OmOaPfoFk1qwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.141.255
46.38.144.0-46.38.158.255
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.72.0/22
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
29:51:4c:16:ce:78:bd:4d:7b:63:19:48:03:6c:71:20:25:33:
79:d2:d3:b2:1b:30:41:0e:45:73:1f:9c:e8:6e:9c:82:93:aa:
fd:4d:fd:90:b4:1c:ea:c8:be:bd:60:1a:c4:04:81:26:93:e0:
74:f0:13:99:e6:30:d3:b0:b0:7a:42:fa:08:2f:7c:88:28:2b:
f2:1e:45:c1:4d:6f:86:98:02:1d:06:de:f5:54:4c:db:62:d5:
bb:b2:04:7e:ba:d5:13:9d:17:b2:a5:a4:85:bf:a1:9b:42:7f:
b5:0e:5b:92:29:b1:66:fd:b8:f7:de:d8:b1:e7:e1:15:7e:d1:
7f:b8:60:c6:d6:b9:77:61:2d:be:e4:d7:ab:5c:3e:7c:ff:b3:
28:d0:95:9f:a0:db:cd:2f:e0:cd:73:79:57:00:ef:23:dc:42:
2f:f7:1f:7b:48:43:c5:f7:e2:b3:ac:43:43:93:9f:58:cf:2a:
c7:2c:18:ba:fd:fa:8d:63:12:e5:d6:ca:0d:b3:b4:96:24:c0:
79:58:e4:87:c3:af:98:97:6b:34:e9:75:65:07:30:5b:62:f1:
57:6f:c9:1a:44:7f:3e:20:9b:40:fa:65:d0:4e:9b:34:e7:be:
32:05:c2:ab:53:0a:23:63:90:61:72:c6:d4:02:c4:10:42:fb:
9d:8e:fe:41
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY19nxrC3P3RwJFGKymN7mnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA2MDg1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDlkZjM5NjM5OTlhMjhhMWExM2EzYTYzOWEzZGZhMDU5MzVhYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYqbL8Pu+S4yTvcWU8JV9noWj7EO
J4lM8f/v50s7kk42Nk5EbFSluAsEzx4Ln2IGK5SHW/EezOnp8OeS0g4B1596Q9dT
O7/jJgCZ69DMok+rQgWEIMD4ZXPg0cD3t+ZVkFXUyuULcnEgCVyk9+87J1udVIOM
8yZMegtID/4b9ZLAV1tzwNg5Qs6t6Z+YNAgCDwRy7W0MO5XvpguCVnsX0AN5CqdJ
8ZzMcSnbbgCO9J/i/Wyxpa/DDo6t5AdYXTIsqlgI4jJIboi8YjF1WcKxSPHwOJFO
KXyTw9rhho30TF2DKFO0iEO4lIk4dI/MSuQDLR6NQGqIIvyIoq8RWZ0LRQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFDCd85Y5maKKGhOjpjmj36BZNasJMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvTUozemxqbVpvb29hRTZPbU9hUGZvRmsxcXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQALiaBMAwD
BAAuJoMDBAEuJowwDAMEBC4mkAMEAC4mngMEAW1epAMEArkYlAMEArkd3AMEArmP
SAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
KVFMFs54vU17YxlIA2xxICUzedLTshswQQ5Fcx+c6G6cgpOq/U39kLQc6si+vWAa
xASBJpPgdPATmeYw07CwekL6CC98iCgr8h5FwU1vhpgCHQbe9VRM22LVu7IEfrrV
E50XsqWkhb+hm0J/tQ5bkimxZv24997YsefhFX7Rf7hgxta5d2EtvuTXq1w+fP+z
KNCVn6DbzS/gzXN5VwDvI9xCL/cfe0hDxffis6xDQ5OfWM8qxywYuv36jWMS5dbK
DbO0liTAeVjkh8OvmJdrNOl1ZQcwW2LxV2/JGkR/PiCbQPpl0E6bNOe+MgXCq1MK
I2OQYXLG1ALEEEL7nY7+QQ==
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:04:17 2024 by rpki-client on console-ams.rpki-client.org