Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/OMoZl3M63K05f0gJSsYMOXqqlvY.roa
File: OMoZl3M63K05f0gJSsYMOXqqlvY.roa (raw, json)
Hash identifier: qaj2j+rTE72Vu3NpRmC73MZQjoqGuLgUaCyb83lZbEQ=
Subject key identifier: 38:CA:19:97:73:3A:DC:AD:39:7F:48:09:4A:C6:0C:39:7A:AA:96:F6
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018B37CF7D4D5D15FFAD93EF2BE6A430E041
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/OMoZl3M63K05f0gJSsYMOXqqlvY.roa
Signing time: Mon 16 Oct 2023 09:27:06 +0000
ROA not before: Mon 16 Oct 2023 09:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/22 maxlen: 22
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:cf:7d:4d:5d:15:ff:ad:93:ef:2b:e6:a4:30:e0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 16 09:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38ca1997733adcad397f48094ac60c397aaa96f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:82:d5:12:ce:19:83:5a:c4:71:7d:e7:54:30:
e9:da:e8:7a:8b:d3:f9:d4:eb:59:90:1f:48:6c:8e:
5d:09:1f:cb:d3:ac:72:fc:16:84:a1:a7:a8:f8:cc:
52:d5:f2:9c:1e:e6:e7:b0:4a:9f:de:4c:4a:6f:65:
3b:f7:8c:f3:f9:19:93:f3:9a:17:4d:87:59:7c:61:
80:15:33:4e:d8:c6:ed:9d:d4:2c:b2:77:a0:d2:77:
aa:c8:fc:0d:97:96:6c:f2:6d:28:c4:bf:1f:ae:54:
95:69:11:ac:f6:b6:e5:f2:85:d6:74:e3:d3:96:25:
d5:79:cb:13:8d:66:67:7d:c5:21:61:21:38:55:b8:
1a:2c:5e:1f:a1:9e:53:c8:00:10:25:d2:e6:b9:01:
5e:b7:22:2c:58:b4:75:2d:8d:b8:ea:c8:9a:21:32:
27:71:83:5a:1e:c2:82:e5:97:d0:f6:8b:cf:d9:3a:
e1:ac:ff:1d:1e:55:71:bc:82:8d:e9:41:16:d5:96:
56:83:58:25:ac:0c:3a:ca:1d:a2:7b:10:67:41:f8:
72:69:3f:79:87:a7:fd:20:a3:58:da:4f:22:62:ae:
b6:16:1e:9e:6f:b1:5f:6a:93:dd:56:d0:ed:23:25:
9c:9a:b9:34:0d:70:d6:e6:8e:13:b9:d3:79:45:f2:
eb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CA:19:97:73:3A:DC:AD:39:7F:48:09:4A:C6:0C:39:7A:AA:96:F6
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/OMoZl3M63K05f0gJSsYMOXqqlvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.135.255
46.38.140.0/24
46.38.150.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
7b:f5:5b:0a:f4:1c:70:89:21:bf:08:36:a3:e7:10:94:78:26:
e7:e0:cd:43:6a:1b:0b:9e:53:98:6c:ce:30:3d:9b:5d:1c:5b:
6f:c4:c6:c0:98:5a:8d:24:71:54:b9:0e:3d:11:e5:a2:4d:b2:
7f:f3:6b:55:61:dd:51:9b:6f:7d:1d:11:7f:3a:0b:c2:ce:29:
a1:34:b5:a5:ce:00:9a:6a:3e:90:29:0b:7d:92:00:c2:a4:7c:
06:e1:cf:bc:6a:c6:1f:78:6d:3f:c1:fe:4a:62:21:91:d7:a3:
3f:ad:35:e6:36:da:34:e8:ed:93:d7:7c:ca:58:2e:44:56:df:
ce:63:b5:5e:12:78:3f:f9:48:54:28:56:43:22:03:da:98:49:
59:ef:fd:a4:83:e3:90:2e:b7:2d:c5:f2:a3:94:ab:da:c7:87:
31:ca:fa:92:eb:12:60:76:3d:28:66:68:c6:bd:a0:e5:68:65:
91:31:23:09:bc:64:9b:76:ca:f0:df:20:d9:77:0c:d4:68:79:
65:82:4f:2d:3e:1d:05:38:d7:45:37:2b:0d:35:8a:60:70:07:
88:e3:29:8c:58:80:5a:34:fd:32:31:47:f0:cd:d6:22:09:24:
9d:64:ac:fe:39:81:b3:fb:86:29:9e:9c:4c:fa:0b:aa:67:5d:
d1:34:13:20
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYs3z31NXRX/rZPvK+akMOBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMDE2MDkyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNhMTk5NzczM2FkY2FkMzk3ZjQ4MDk0YWM2MGMzOTdhYWE5NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlILVEs4Zg1rEcX3nVDDp2uh6i9P5
1OtZkB9IbI5dCR/L06xy/BaEoaeo+MxS1fKcHubnsEqf3kxKb2U794zz+RmT85oX
TYdZfGGAFTNO2MbtndQssneg0neqyPwNl5Zs8m0oxL8frlSVaRGs9rbl8oXWdOPT
liXVecsTjWZnfcUhYSE4VbgaLF4foZ5TyAAQJdLmuQFetyIsWLR1LY246siaITIn
cYNaHsKC5ZfQ9ovP2TrhrP8dHlVxvIKN6UEW1ZZWg1glrAw6yh2iexBnQfhyaT95
h6f9IKNY2k8iYq62Fh6eb7FfapPdVtDtIyWcmrk0DXDW5o4TudN5RfLrvwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFDjKGZdzOtytOX9ICUrGDDl6qpb2MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvT01vWmwzTTYzSzA1ZjBnSlNzWU1PWHFxbHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALiaBMAwD
BAAuJoMDBAMuJoADBAAuJowDBAAuJpYDBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoA
fYAwDQYJKoZIhvcNAQELBQADggEBAHv1Wwr0HHCJIb8INqPnEJR4JufgzUNqGwue
U5hszjA9m10cW2/ExsCYWo0kcVS5Dj0R5aJNsn/za1Vh3VGbb30dEX86C8LOKaE0
taXOAJpqPpApC32SAMKkfAbhz7xqxh94bT/B/kpiIZHXoz+tNeY22jTo7ZPXfMpY
LkRW385jtV4SeD/5SFQoVkMiA9qYSVnv/aSD45Auty3F8qOUq9rHhzHK+pLrEmB2
PShmaMa9oOVoZZExIwm8ZJt2yvDfINl3DNRoeWWCTy0+HQU410U3Kw01imBwB4jj
KYxYgFo0/TIxR/DN1iIJJJ1krP45gbP7himenEz6C6pnXdE0EyA=
-----END CERTIFICATE-----
Generated at Mon Oct 16 10:56:46 2023 by rpki-client on console-fra.rpki-client.org