Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/TX2xkl0s9h26MFLz5cCG-ueXNic.roa
File: TX2xkl0s9h26MFLz5cCG-ueXNic.roa (raw, json)
Hash identifier: Tea8Tqc6s4x2fo7xbw7VtIOL35vMYHAAd/iYxRR6OeI=
Subject key identifier: 4D:7D:B1:92:5D:2C:F6:1D:BA:30:52:F3:E5:C0:86:FA:E7:97:36:27
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019426B9348FFC4F11EA0C2CB514B614C3E8
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/TX2xkl0s9h26MFLz5cCG-ueXNic.roa
Signing time: Thu 02 Jan 2025 11:14:19 +0000
ROA not before: Thu 02 Jan 2025 11:14:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34918
IP address blocks: 46.38.139.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.16.71.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:b9:34:8f:fc:4f:11:ea:0c:2c:b5:14:b6:14:c3:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 2 11:14:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d7db1925d2cf61dba3052f3e5c086fae7973627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d0:93:3d:ae:27:cc:64:bf:8c:a1:38:9c:31:
93:4a:66:7f:94:6e:05:b0:fd:ae:29:b6:3e:03:dd:
fe:83:aa:1d:8b:be:ea:15:58:03:b9:be:8c:5f:b1:
f2:00:61:54:b2:f6:98:80:cd:cf:a5:4e:e9:78:ff:
92:88:16:7d:39:29:9f:c8:85:14:23:97:48:ee:41:
38:e0:b0:e8:4e:78:b3:04:99:d5:49:65:56:7a:43:
69:bb:a7:63:57:da:7e:a6:25:03:2e:b7:fe:5a:f0:
22:20:ac:39:00:92:d1:82:2f:28:7b:b9:1d:ec:46:
49:a6:77:57:a5:46:ca:23:6f:cf:59:d1:42:db:08:
b8:2b:aa:a3:9e:a6:6a:ad:50:4a:e8:bf:3f:29:f2:
71:12:75:94:28:10:dd:69:a6:1a:e9:0b:ef:02:51:
21:3c:84:9b:86:af:1c:0b:b6:1f:bc:ba:cb:a8:23:
91:b9:68:76:66:f4:be:1e:db:6a:62:16:1c:70:03:
9c:70:92:4b:8e:29:77:ad:44:66:b2:79:0b:b7:42:
08:76:51:f4:ed:d7:e7:7c:2b:75:c2:f2:50:05:87:
42:e7:5c:7d:ae:0d:91:57:4a:3d:ef:cb:a2:85:d3:
b9:46:b9:fc:33:6f:d5:a9:a4:1f:6a:a5:f3:7c:32:
1f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7D:B1:92:5D:2C:F6:1D:BA:30:52:F3:E5:C0:86:FA:E7:97:36:27
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/TX2xkl0s9h26MFLz5cCG-ueXNic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.139.0/24
46.38.148.0/24
185.29.222.0/24
212.16.71.0/24
212.80.11.0/24
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ae:67:05:52:55:7c:e9:f4:87:3c:68:41:dc:57:83:7b:35:
33:5b:a9:4f:95:39:9c:77:b8:75:d2:06:65:88:3f:b6:d7:59:
27:b4:aa:7e:93:e2:23:6e:0b:8c:50:9f:65:8a:9c:62:5d:59:
1e:7e:70:2c:09:11:9c:f1:72:4c:fb:01:f1:a1:4c:ea:ea:07:
03:5d:d1:ea:b7:53:ee:7e:fa:67:d5:bb:8d:38:fe:1b:73:d3:
d4:8a:e7:db:2a:11:c5:99:f7:2b:76:00:94:79:cb:5a:18:c5:
b1:63:a8:e3:5e:44:4c:67:b9:1d:fb:74:e4:0e:87:7a:34:b9:
f1:96:46:26:59:8f:14:d0:92:4a:38:c1:76:29:29:23:55:81:
c9:36:9e:a6:8d:e4:74:6f:74:d3:e2:1f:5d:9a:07:f1:c1:4f:
1f:a3:41:8c:4c:60:bf:bc:6e:45:11:54:72:a1:bf:6d:c3:c1:
8e:c1:66:03:72:28:11:ce:00:54:d8:72:a0:6d:72:4c:ca:96:
29:9c:f3:c1:da:3b:24:5a:84:b6:2f:47:5c:69:95:f1:1b:ba:
4b:1b:1b:01:77:f6:d8:a3:7d:e9:c6:3b:ec:ff:50:28:ae:46:
75:da:fb:71:0d:6a:46:de:ed:a9:e2:df:1e:07:e9:49:97:24:
d6:92:0e:d6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQmuTSP/E8R6gwstRS2FMPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAyMTExNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdkYjE5MjVkMmNmNjFkYmEzMDUyZjNlNWMwODZmYWU3OTczNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79CTPa4nzGS/jKE4nDGTSmZ/lG4F
sP2uKbY+A93+g6odi77qFVgDub6MX7HyAGFUsvaYgM3PpU7peP+SiBZ9OSmfyIUU
I5dI7kE44LDoTnizBJnVSWVWekNpu6djV9p+piUDLrf+WvAiIKw5AJLRgi8oe7kd
7EZJpndXpUbKI2/PWdFC2wi4K6qjnqZqrVBK6L8/KfJxEnWUKBDdaaYa6QvvAlEh
PISbhq8cC7YfvLrLqCORuWh2ZvS+HttqYhYccAOccJJLjil3rURmsnkLt0IIdlH0
7dfnfCt1wvJQBYdC51x9rg2RV0o978uihdO5Rrn8M2/VqaQfaqXzfDIfnQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE19sZJdLPYdujBS8+XAhvrnlzYnMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvVFgyeGtsMHM5aDI2TUZMejVjQ0ctdWVYTmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALiaLAwQA
LiaUAwQAuR3eAwQA1BBHAwQA1FALAwQA1FAdMA0GCSqGSIb3DQEBCwUAA4IBAQBy
rmcFUlV86fSHPGhB3FeDezUzW6lPlTmcd7h10gZliD+211kntKp+k+IjbguMUJ9l
ipxiXVkefnAsCRGc8XJM+wHxoUzq6gcDXdHqt1Pufvpn1buNOP4bc9PUiufbKhHF
mfcrdgCUectaGMWxY6jjXkRMZ7kd+3TkDod6NLnxlkYmWY8U0JJKOMF2KSkjVYHJ
Np6mjeR0b3TT4h9dmgfxwU8fo0GMTGC/vG5FEVRyob9tw8GOwWYDcigRzgBU2HKg
bXJMypYpnPPB2jskWoS2L0dcaZXxG7pLGxsBd/bYo33pxjvs/1AorkZ12vtxDWpG
3u2p4t8eB+lJlyTWkg7W
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:42:33 2025 by rpki-client