Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/XmfOK6SIfzaSUxSM51z8i8zBERw.roa
File: XmfOK6SIfzaSUxSM51z8i8zBERw.roa (raw, json)
Hash identifier: 4cfDuzn6XRHqZvHNBMMxgUo+FcZoGPMVeMNE97f4fKw=
Subject key identifier: 5E:67:CE:2B:A4:88:7F:36:92:53:14:8C:E7:5C:FC:8B:CC:C1:11:1C
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018FE70AADB5C90A69D10F4D24490A35A8BC
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/XmfOK6SIfzaSUxSM51z8i8zBERw.roa
Signing time: Wed 05 Jun 2024 06:16:27 +0000
ROA not before: Wed 05 Jun 2024 06:16:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 24 Jun 2024 10:24:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:0a:ad:b5:c9:0a:69:d1:0f:4d:24:49:0a:35:a8:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 5 06:16:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e67ce2ba4887f369253148ce75cfc8bccc1111c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:e0:28:a2:98:4a:92:eb:e6:ef:0d:8d:6f:
1c:a9:32:ba:ec:6e:23:f5:3c:90:c9:90:aa:20:16:
29:15:1f:85:d9:e6:77:61:3b:f9:4a:6e:ac:db:f8:
fd:aa:3c:15:72:11:41:20:50:a2:6f:82:09:93:e0:
45:9c:c9:ef:1c:5b:79:53:a1:b0:c4:69:b7:70:de:
3c:05:7a:88:73:4a:d8:4c:b4:e0:7f:91:15:3f:68:
2b:75:1d:c7:72:bb:c1:bf:b1:97:b3:d4:45:e1:ac:
b8:1a:7c:bc:92:83:1c:38:a1:45:65:9d:3d:8e:6d:
2f:55:e9:5e:d5:ee:11:9d:7a:0c:65:ba:f3:51:94:
88:4b:0f:67:60:05:ab:08:2c:6b:4a:b5:b8:01:4f:
6c:b5:68:b9:68:a0:7d:6c:b0:10:37:80:2a:20:f5:
ea:e4:85:f5:98:3d:f7:bf:a1:b9:78:3a:32:22:8a:
a9:c4:ba:d8:59:08:ed:2c:13:cf:2f:38:63:31:8b:
f0:06:76:a8:95:2f:7e:3b:09:e0:89:a2:4b:b7:6c:
1e:0b:ba:1d:c3:82:11:24:a5:e0:be:5a:91:98:43:
a6:ac:ae:da:d0:c3:2b:3f:25:1e:01:7f:f1:34:d4:
8d:8a:68:e3:d6:bf:31:43:8b:c8:04:2c:16:8d:18:
e4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:67:CE:2B:A4:88:7F:36:92:53:14:8C:E7:5C:FC:8B:CC:C1:11:1C
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/XmfOK6SIfzaSUxSM51z8i8zBERw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.136.0-46.38.140.255
46.38.144.0/23
46.38.150.0/24
109.94.164.0/23
185.24.149.0-185.24.151.255
185.29.220.0/22
185.143.74.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:b0:52:7c:0c:fd:e3:f7:e8:27:37:5e:33:5e:bd:cf:19:30:
92:13:8e:b4:f0:38:7c:8d:5b:5c:20:57:94:4c:c1:e4:44:33:
3a:65:e2:9f:8b:fd:3c:7d:73:2f:d0:74:53:d9:83:cf:42:35:
11:aa:73:26:06:2f:1f:af:19:bf:5e:4b:7b:9a:a9:b6:b1:be:
20:64:71:b6:ff:7d:c4:d5:35:66:aa:97:dc:32:3d:ca:80:7c:
1e:bf:70:80:ff:8b:6b:34:6b:95:f1:87:e1:d7:48:b3:96:34:
08:73:53:f5:a8:39:c8:44:8d:12:4f:0d:85:65:1b:ad:c1:e0:
d8:7f:54:83:aa:19:ba:d8:ad:82:52:61:e7:9f:1e:7c:ef:a0:
f6:b8:fb:24:bc:39:1b:04:d7:8e:26:9e:b2:5e:bd:e1:8b:3a:
df:a5:72:59:b1:26:96:d5:47:9c:33:4e:d3:ce:83:41:44:38:
e6:5c:e9:a3:74:ec:c6:b3:00:fc:46:af:27:3d:75:3f:d7:9a:
b9:a2:17:aa:67:08:20:83:f1:2a:92:15:c4:6e:4a:86:d4:fa:
bb:d1:63:73:af:77:e6:8e:36:b9:e0:66:41:37:70:ee:38:54:
a4:12:b6:63:7f:8a:82:47:f2:00:38:5d:38:c3:2a:eb:12:50:
66:11:9a:81
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAY/nCq21yQpp0Q9NJEkKNai8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNjA1MDYxNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY3Y2UyYmE0ODg3ZjM2OTI1MzE0OGNlNzVjZmM4YmNjYzExMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNjgKKKYSpLr5u8NjW8cqTK67G4j
9TyQyZCqIBYpFR+F2eZ3YTv5Sm6s2/j9qjwVchFBIFCib4IJk+BFnMnvHFt5U6Gw
xGm3cN48BXqIc0rYTLTgf5EVP2grdR3HcrvBv7GXs9RF4ay4Gny8koMcOKFFZZ09
jm0vVele1e4RnXoMZbrzUZSISw9nYAWrCCxrSrW4AU9stWi5aKB9bLAQN4AqIPXq
5IX1mD33v6G5eDoyIoqpxLrYWQjtLBPPLzhjMYvwBnaolS9+OwngiaJLt2weC7od
w4IRJKXgvlqRmEOmrK7a0MMrPyUeAX/xNNSNimjj1r8xQ4vIBCwWjRjkdwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFF5nziukiH82klMUjOdc/IvMwREcMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvWG1mT0s2U0lmemFTVXhTTTUxejhpOHpCRVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQALiaBAwQA
LiaDMAwDBAMuJogDBAAuJowDBAEuJpADBAAuJpYDBAFtXqQwDAMEALkYlQMEA7kY
kAMEArkd3AMEAbmPSgMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG
9w0BAQsFAAOCAQEAWrBSfAz94/foJzdeM169zxkwkhOOtPA4fI1bXCBXlEzB5EQz
OmXin4v9PH1zL9B0U9mDz0I1EapzJgYvH68Zv15Le5qptrG+IGRxtv99xNU1ZqqX
3DI9yoB8Hr9wgP+LazRrlfGH4ddIs5Y0CHNT9ag5yESNEk8NhWUbrcHg2H9Ug6oZ
utitglJh558efO+g9rj7JLw5GwTXjiaesl694Ys636VyWbEmltVHnDNO086DQUQ4
5lzpo3TsxrMA/EavJz11P9eauaIXqmcIIIPxKpIVxG5KhtT6u9Fjc6935o42ueBm
QTdw7jhUpBK2Y3+KgkfyADhdOMMq6xJQZhGagQ==
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:18 2024 by rpki-client on console-ams.rpki-client.org