Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/OhUmqew1oiPiRoOwNBKwb5HWiv8.roa
File: OhUmqew1oiPiRoOwNBKwb5HWiv8.roa (raw, json)
Hash identifier: +fmHDea1p7/UiCx+WJgZ/oJOry6VsNXb+rPBY9HHTV8=
Subject key identifier: 3A:15:26:A9:EC:35:A2:23:E2:46:83:B0:34:12:B0:6F:91:D6:8A:FF
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0190A862EFFB1D436176A2F432E67B2C976A
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/OhUmqew1oiPiRoOwNBKwb5HWiv8.roa
Signing time: Fri 12 Jul 2024 19:19:34 +0000
ROA not before: Fri 12 Jul 2024 19:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 46.38.152.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
212.16.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 12:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a8:62:ef:fb:1d:43:61:76:a2:f4:32:e6:7b:2c:97:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 12 19:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a1526a9ec35a223e24683b03412b06f91d68aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:22:70:48:05:ea:2e:47:51:50:24:51:d2:28:
7d:3b:aa:ff:6b:8a:ba:72:a8:49:ad:ed:12:85:af:
c3:5d:b0:0a:d9:9d:6c:ae:29:e5:d9:d8:f8:b0:21:
99:95:58:4f:64:25:9b:7e:e7:ae:71:79:b1:c7:10:
f4:a3:01:74:12:ee:e7:66:df:7c:46:38:d4:d5:6b:
78:ff:43:30:26:2c:3a:de:1a:af:84:67:d2:33:ff:
4d:c8:09:6e:dd:f8:f9:6e:72:3f:60:c1:29:8c:17:
49:f2:84:21:43:6a:f5:9e:f5:69:b1:47:43:7c:76:
48:a6:71:a2:dc:0f:09:36:4a:87:48:92:96:19:d2:
c7:52:65:3f:7d:62:be:45:15:22:2c:92:2f:bd:90:
b9:ae:69:9b:9c:8c:a9:f6:b6:09:77:c7:71:dc:ee:
cc:49:d9:19:3a:3e:ad:73:c9:52:f6:a6:9a:b1:8a:
6d:ee:3d:40:de:a6:62:38:9d:0b:75:d5:e8:c8:cb:
2b:57:7e:5e:e6:9d:ed:c5:dc:d8:14:2f:7f:16:6a:
7c:fa:6d:39:72:5e:ae:89:72:6c:b4:bf:77:86:34:
45:72:df:8f:46:8e:4a:dc:9d:1b:f8:f7:f5:c4:08:
83:75:5d:70:51:01:97:e4:7d:08:50:49:2c:14:7e:
f1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:15:26:A9:EC:35:A2:23:E2:46:83:B0:34:12:B0:6F:91:D6:8A:FF
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/OhUmqew1oiPiRoOwNBKwb5HWiv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.152.0/24
185.24.150.0/24
212.16.94.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a3:6d:ad:d9:83:5b:8c:ec:a4:5c:35:a9:11:ce:2d:79:8b:
e3:2e:c3:ab:43:16:3f:c5:db:36:1f:8b:a9:04:78:d1:35:6b:
5e:97:e3:54:27:a6:39:d3:2b:c7:ff:ac:38:8e:2a:69:ca:0b:
63:3e:12:9a:6c:07:2d:f9:0b:9c:d2:0f:be:ad:93:96:4a:0c:
b6:e5:94:b5:8e:10:88:6b:5c:25:49:f8:f1:01:ef:2d:21:ab:
c5:b6:2b:07:0c:96:7b:79:00:ac:65:d0:60:f1:22:13:32:06:
35:00:7d:9b:2f:8d:f1:35:25:87:61:4e:52:6a:e5:8e:71:e7:
58:0a:1e:2c:a1:b3:d6:97:12:e3:77:ce:ba:91:7a:ac:55:ae:
9b:98:b8:9d:cf:80:83:9c:af:9c:ad:85:cc:fc:c8:e7:b2:79:
0b:61:4a:4f:d3:7c:95:94:51:61:43:ff:3c:19:df:b9:0b:a7:
0f:80:75:1f:ba:35:f6:98:ce:ce:f1:3c:f3:93:2b:d6:75:70:
53:7c:62:a4:4b:b2:be:10:d0:9d:fc:51:98:ec:72:28:ad:fb:
10:45:f8:cf:ce:b4:2e:18:e3:d8:69:dc:0c:f2:bf:7d:55:99:
0e:be:da:c2:a5:a7:df:6e:cc:46:fa:6b:4a:17:ef:61:a2:f6:
a8:95:c9:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCoYu/7HUNhdqL0MuZ7LJdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNzEyMTkxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTE1MjZhOWVjMzVhMjIzZTI0NjgzYjAzNDEyYjA2ZjkxZDY4YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iJwSAXqLkdRUCRR0ih9O6r/a4q6
cqhJre0Sha/DXbAK2Z1srinl2dj4sCGZlVhPZCWbfueucXmxxxD0owF0Eu7nZt98
RjjU1Wt4/0MwJiw63hqvhGfSM/9NyAlu3fj5bnI/YMEpjBdJ8oQhQ2r1nvVpsUdD
fHZIpnGi3A8JNkqHSJKWGdLHUmU/fWK+RRUiLJIvvZC5rmmbnIyp9rYJd8dx3O7M
SdkZOj6tc8lS9qaasYpt7j1A3qZiOJ0LddXoyMsrV35e5p3txdzYFC9/Fmp8+m05
cl6uiXJstL93hjRFct+PRo5K3J0b+Pf1xAiDdV1wUQGX5H0IUEksFH7xHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDoVJqnsNaIj4kaDsDQSsG+R1or/MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvT2hVbXFldzFvaVBpUm9Pd05CS3diNUhXaXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiaYAwQA
uRiWAwQA1BBeMA0GCSqGSIb3DQEBCwUAA4IBAQCGo22t2YNbjOykXDWpEc4teYvj
LsOrQxY/xds2H4upBHjRNWtel+NUJ6Y50yvH/6w4jippygtjPhKabAct+Quc0g++
rZOWSgy25ZS1jhCIa1wlSfjxAe8tIavFtisHDJZ7eQCsZdBg8SITMgY1AH2bL43x
NSWHYU5SauWOcedYCh4sobPWlxLjd866kXqsVa6bmLidz4CDnK+crYXM/MjnsnkL
YUpP03yVlFFhQ/88Gd+5C6cPgHUfujX2mM7O8TzzkyvWdXBTfGKkS7K+ENCd/FGY
7HIorfsQRfjPzrQuGOPYadwM8r99VZkOvtrCpaffbsxG+mtKF+9hovaolcnG
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org