Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ZaN6AGPOF6c5NpvdhjwV5GW-5Fk.roa
File: ZaN6AGPOF6c5NpvdhjwV5GW-5Fk.roa (raw, json)
Hash identifier: n9jkIcWnZ/1Bmq77NnWvZKB8WxcPdAPwmpKuruMJcEU=
Subject key identifier: 65:A3:7A:00:63:CE:17:A7:39:36:9B:DD:86:3C:15:E4:65:BE:E4:59
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018B96683E3D353012FA71F7CE09CE24C10F
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ZaN6AGPOF6c5NpvdhjwV5GW-5Fk.roa
Signing time: Fri 03 Nov 2023 18:18:15 +0000
ROA not before: Fri 03 Nov 2023 18:18:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.8.0/22 maxlen: 22
212.80.20.0/23 maxlen: 23
46.38.140.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/22 maxlen: 22
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 08 Nov 2023 16:53:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:68:3e:3d:35:30:12:fa:71:f7:ce:09:ce:24:c1:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Nov 3 18:18:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65a37a0063ce17a739369bdd863c15e465bee459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0b:7f:b9:c2:10:60:a1:86:23:32:ed:e1:ae:
3d:25:fb:0a:f3:cc:a2:0f:cd:55:55:41:fb:ff:f8:
da:ca:37:c0:e1:a9:9a:a6:e2:37:2e:7b:77:34:be:
78:7b:08:1a:b4:61:72:e3:d0:17:c9:79:bb:c6:d1:
4d:83:f0:76:1b:f9:88:cc:fa:71:70:3f:77:ae:e0:
b4:a8:a9:c6:21:e4:57:35:fd:57:b9:9b:78:85:7e:
01:83:b2:80:9b:19:54:c4:78:64:47:71:b5:d1:52:
8c:ec:2e:4f:fa:9d:7f:7e:b2:84:e2:b7:87:f7:42:
e9:c7:5c:b2:60:9d:a2:40:47:8d:c4:2e:f3:44:95:
fa:05:18:aa:29:5d:5b:aa:68:47:c8:9d:e8:92:12:
25:e3:f2:19:2b:35:4d:55:a5:66:0b:65:fb:e4:ab:
7a:b0:8e:b4:c9:d0:d7:1b:d1:ef:a7:a9:e9:eb:41:
6b:27:2b:28:70:0d:19:30:35:3b:ad:8b:7d:ba:ac:
56:0b:93:9f:88:cf:94:35:dd:ab:3e:b5:6e:39:9e:
79:77:ed:72:e4:38:7e:a1:de:a4:78:a6:03:3c:68:
55:4e:ad:43:5f:59:91:b5:70:ce:df:64:ed:8b:7e:
0b:aa:9e:f0:92:82:29:55:fc:e4:a0:bc:67:c8:39:
73:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A3:7A:00:63:CE:17:A7:39:36:9B:DD:86:3C:15:E4:65:BE:E4:59
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ZaN6AGPOF6c5NpvdhjwV5GW-5Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.135.255
46.38.140.0/24
46.38.144.0/21
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
a7:fb:f2:09:88:9a:b0:d0:ec:cc:2a:7b:a1:9f:05:84:94:c9:
d8:16:04:e7:7f:00:9e:35:7f:bb:7f:a9:93:d8:2a:e0:44:d4:
fb:6e:c0:00:0d:cc:3c:ff:c3:96:91:8a:61:a7:c0:cb:0c:7a:
a2:2c:cf:72:df:0f:8e:38:91:f2:0d:8e:0a:e7:ce:09:e0:5b:
8d:58:ea:54:e9:de:6f:6a:01:43:62:97:e7:f9:37:9f:bc:db:
57:3c:d3:3f:5a:67:72:5a:1d:0e:cc:5d:51:61:00:65:cd:0e:
3c:9f:28:71:7f:3a:45:05:a3:e4:42:2b:26:a7:d5:cd:ac:47:
64:58:e0:ea:23:a0:9b:a7:e1:d4:ed:21:a3:f3:af:5e:5d:0f:
da:29:03:db:41:02:67:b3:9b:71:9f:89:e8:16:6f:f5:2e:79:
0f:fb:af:f4:62:0c:8e:59:ba:df:ba:cf:00:9a:a0:52:b0:c2:
dd:c9:e8:0a:8d:19:c2:98:60:77:ba:14:1c:41:bd:2e:83:69:
f9:d8:6d:84:ce:ad:5f:1a:27:4b:5d:ca:03:66:38:b2:c1:70:
d7:45:83:43:b0:7f:ca:c0:93:dc:1e:14:ce:f9:0b:6d:91:60:
6e:3d:61:a4:eb:79:ca:e4:b6:85:e3:ed:89:b3:9e:76:d3:ca:
8f:cf:70:ab
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYuWaD49NTAS+nH3zgnOJMEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMTAzMTgxODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWEzN2EwMDYzY2UxN2E3MzkzNjliZGQ4NjNjMTVlNDY1YmVlNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAt/ucIQYKGGIzLt4a49JfsK88yi
D81VVUH7//jayjfA4amapuI3Lnt3NL54ewgatGFy49AXyXm7xtFNg/B2G/mIzPpx
cD93ruC0qKnGIeRXNf1XuZt4hX4Bg7KAmxlUxHhkR3G10VKM7C5P+p1/frKE4reH
90Lpx1yyYJ2iQEeNxC7zRJX6BRiqKV1bqmhHyJ3okhIl4/IZKzVNVaVmC2X75Kt6
sI60ydDXG9Hvp6np60FrJysocA0ZMDU7rYt9uqxWC5OfiM+UNd2rPrVuOZ55d+1y
5Dh+od6keKYDPGhVTq1DX1mRtXDO32Tti34Lqp7wkoIpVfzkoLxnyDlzzQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGWjegBjzhenOTab3YY8FeRlvuRZMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvWmFONkFHUE9GNmM1TnB2ZGhqd1Y1R1ctNUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALiaBMAwD
BAAuJoMDBAMuJoADBAAuJowDBAMuJpADBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoA
fYAwDQYJKoZIhvcNAQELBQADggEBAKf78gmImrDQ7Mwqe6GfBYSUydgWBOd/AJ41
f7t/qZPYKuBE1PtuwAANzDz/w5aRimGnwMsMeqIsz3LfD444kfINjgrnzgngW41Y
6lTp3m9qAUNil+f5N5+821c80z9aZ3JaHQ7MXVFhAGXNDjyfKHF/OkUFo+RCKyan
1c2sR2RY4OojoJun4dTtIaPzr15dD9opA9tBAmezm3GfiegWb/UueQ/7r/RiDI5Z
ut+6zwCaoFKwwt3J6AqNGcKYYHe6FBxBvS6DafnYbYTOrV8aJ0tdygNmOLLBcNdF
g0Owf8rAk9weFM75C22RYG49YaTrecrktoXj7YmznnbTyo/PcKs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org