Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/QdAYiz2c3WY7LaN2zbasscRJR9o.roa
File: QdAYiz2c3WY7LaN2zbasscRJR9o.roa (raw, json)
Hash identifier: r9fekBerXPWJAI2VPG7wkKeCpfdEjl+qa3Up2/r6+ps=
Subject key identifier: 41:D0:18:8B:3D:9C:DD:66:3B:2D:A3:76:CD:B6:AC:B1:C4:49:47:DA
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194221FFC4F175600D4D8AAA17D72BB6062
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/QdAYiz2c3WY7LaN2zbasscRJR9o.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34837
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.64.0/24 maxlen: 24
212.16.65.0/24 maxlen: 24
212.16.67.0/24 maxlen: 24
212.16.75.0/24 maxlen: 24
212.16.82.0/24 maxlen: 24
212.16.83.0/24 maxlen: 24
212.16.88.0/24 maxlen: 24
212.16.90.0/24 maxlen: 24
212.16.91.0/24 maxlen: 24
212.80.0.0/19 maxlen: 19
212.80.1.0/24 maxlen: 24
212.80.3.0/24 maxlen: 24
212.80.5.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
212.80.16.0/24 maxlen: 24
212.80.28.0/24 maxlen: 24
212.80.30.0/24 maxlen: 24
212.80.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fc:4f:17:56:00:d4:d8:aa:a1:7d:72:bb:60:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41d0188b3d9cdd663b2da376cdb6acb1c44947da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:05:2f:0b:b2:4f:a2:cc:13:32:af:23:4f:e8:
34:4f:00:00:99:6e:d0:13:2b:cd:25:a3:a0:bc:a0:
b5:9d:94:45:3a:40:55:2e:ff:b7:23:12:d6:05:2a:
53:df:46:11:f8:d3:22:4e:25:af:e1:20:fe:d8:b6:
c6:0a:e4:8d:fd:40:c5:ea:8b:7f:ec:25:2c:c5:51:
70:16:b6:3e:f9:10:6e:f2:8f:a0:81:fc:6f:62:79:
6c:24:8a:4d:68:79:75:5f:03:d7:fe:d7:9c:11:30:
f8:f2:98:25:10:1d:15:f8:45:fb:e9:a3:6d:d0:13:
38:c8:76:b6:6c:38:84:20:a6:d1:ee:17:c5:3c:cd:
e0:ed:41:b9:95:7b:04:c7:a9:11:2d:c4:96:fe:0f:
0d:37:76:19:dc:db:7b:04:2e:82:9d:3f:1c:31:33:
2c:8f:4c:85:8e:53:82:37:a1:f6:39:36:61:86:a0:
8f:ba:76:91:7f:75:73:0a:eb:6f:26:0c:fa:1a:c9:
3f:1b:f7:04:1e:1b:7f:2d:5a:df:9d:cb:a6:4b:83:
24:70:a2:b4:bf:4d:54:ad:6f:83:95:87:a6:71:cc:
39:02:16:00:2b:c4:e3:52:dc:7f:af:ee:2a:57:31:
d0:80:75:9e:7c:c2:a7:ae:52:c4:a3:96:47:ec:82:
4c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D0:18:8B:3D:9C:DD:66:3B:2D:A3:76:CD:B6:AC:B1:C4:49:47:DA
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/QdAYiz2c3WY7LaN2zbasscRJR9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
212.16.64.0/23
212.16.67.0/24
212.16.75.0/24
212.16.82.0/23
212.16.88.0/24
212.16.90.0/23
212.80.0.0/19
Signature Algorithm: sha256WithRSAEncryption
72:e8:f7:12:c8:04:c7:a8:20:e8:f2:5c:a0:87:d0:d9:6b:a2:
1a:32:87:36:5f:87:3d:8a:b0:bc:2d:b1:61:92:ad:a8:46:c7:
20:d6:b5:6b:e4:e9:18:df:38:67:1f:00:ad:b8:cd:d6:34:64:
52:04:7f:0b:49:17:b6:8f:d7:87:83:ed:46:43:f0:c5:de:3c:
09:c2:1c:f5:61:14:6b:c9:54:ed:be:be:ff:26:5b:22:8a:ce:
56:d3:b7:24:ef:d0:df:18:94:85:7b:ed:94:19:67:d1:44:62:
54:9f:2e:87:45:86:8c:1f:8e:35:0c:88:dc:50:6b:ea:16:46:
8d:07:7b:24:53:e5:e2:0b:b0:2e:a7:a2:fa:4a:94:db:95:10:
71:35:ba:9e:12:fb:4f:67:64:19:52:40:8e:e2:17:06:bd:84:
7a:26:71:3a:f4:d1:4f:32:ac:59:f5:0f:f0:03:16:3d:9f:51:
62:84:50:be:18:96:a4:30:97:fb:d5:78:47:56:19:9a:aa:96:
1b:fc:60:bd:88:37:b1:ac:b9:92:58:86:72:ef:e2:14:e2:58:
40:ae:97:75:1f:df:e2:a6:48:d2:fa:82:a6:db:b3:ce:03:39:
60:a7:1f:87:f4:00:fc:74:2e:9e:11:0b:01:c9:05:f0:02:cd:
78:b2:2d:44
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQiH/xPF1YA1NiqoX1yu2BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQwMTg4YjNkOWNkZDY2M2IyZGEzNzZjZGI2YWNiMWM0NDk0N2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQUvC7JPoswTMq8jT+g0TwAAmW7Q
EyvNJaOgvKC1nZRFOkBVLv+3IxLWBSpT30YR+NMiTiWv4SD+2LbGCuSN/UDF6ot/
7CUsxVFwFrY++RBu8o+ggfxvYnlsJIpNaHl1XwPX/tecETD48pglEB0V+EX76aNt
0BM4yHa2bDiEIKbR7hfFPM3g7UG5lXsEx6kRLcSW/g8NN3YZ3Nt7BC6CnT8cMTMs
j0yFjlOCN6H2OTZhhqCPunaRf3VzCutvJgz6Gsk/G/cEHht/LVrfncumS4MkcKK0
v01UrW+DlYemccw5AhYAK8TjUtx/r+4qVzHQgHWefMKnrlLEo5ZH7IJMKwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEHQGIs9nN1mOy2jds22rLHESUfaMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUWRBWWl6MmMzV1k3TGFOMnpiYXNzY1JKUjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALiaBAwQA
LiaDAwQALiaMAwQB1BBAAwQA1BBDAwQA1BBLAwQB1BBSAwQA1BBYAwQB1BBaAwQF
1FAAMA0GCSqGSIb3DQEBCwUAA4IBAQBy6PcSyATHqCDo8lygh9DZa6IaMoc2X4c9
irC8LbFhkq2oRscg1rVr5OkY3zhnHwCtuM3WNGRSBH8LSRe2j9eHg+1GQ/DF3jwJ
whz1YRRryVTtvr7/Jlsiis5W07ck79DfGJSFe+2UGWfRRGJUny6HRYaMH441DIjc
UGvqFkaNB3skU+XiC7Aup6L6SpTblRBxNbqeEvtPZ2QZUkCO4hcGvYR6JnE69NFP
MqxZ9Q/wAxY9n1FihFC+GJakMJf71XhHVhmaqpYb/GC9iDexrLmSWIZy7+IU4lhA
rpd1H9/ipkjS+oKm27POAzlgpx+H9AD8dC6eEQsByQXwAs14si1E
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:46:37 2025 by rpki-client