Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Zpq2CE5qzrfBC6XDRJhzJsl8ghQ.roa
File: Zpq2CE5qzrfBC6XDRJhzJsl8ghQ.roa (raw, json)
Hash identifier: lUr+s2cRHKrWY7KOBAOvgQGw02w6FdqZaEkiX26OQIM=
Subject key identifier: 66:9A:B6:08:4E:6A:CE:B7:C1:0B:A5:C3:44:98:73:26:C9:7C:82:14
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018DAD63E60AF31C64053061387908CD84FA
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Zpq2CE5qzrfBC6XDRJhzJsl8ghQ.roa
Signing time: Thu 15 Feb 2024 15:30:21 +0000
ROA not before: Thu 15 Feb 2024 15:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.152.0/22 maxlen: 22
46.38.156.0/23 maxlen: 23
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.24.148.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.143.73.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.78.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Fri 16 Feb 2024 15:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:63:e6:0a:f3:1c:64:05:30:61:38:79:08:cd:84:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 15 15:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=669ab6084e6aceb7c10ba5c344987326c97c8214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:a8:50:b2:58:1c:bc:8a:85:fe:25:5b:7c:
5d:1e:81:34:d5:10:e0:ba:46:15:8b:30:9f:fe:42:
9a:87:67:dc:cd:50:21:80:17:63:da:28:c4:6b:0e:
5a:fb:e8:60:64:b1:8a:8a:c4:5e:46:3c:ba:39:eb:
bc:dd:3d:96:37:36:31:35:85:c6:a0:11:0d:4e:da:
d7:b9:93:32:20:aa:f8:0d:65:b3:82:78:0c:84:f6:
7d:30:5c:b7:41:10:e3:1e:c4:62:72:e0:cc:bb:6d:
de:5a:0f:05:3f:95:91:c9:92:cf:17:aa:72:19:3c:
81:b2:4b:4e:05:ee:92:31:74:8d:ba:a7:06:ea:94:
6d:74:c9:19:00:95:18:0d:97:ae:e8:73:57:b3:22:
ac:b7:9f:5c:e5:0f:00:8c:d2:27:57:68:ed:75:46:
ac:8e:da:4f:fe:a3:e9:82:b1:c4:e6:d4:81:20:db:
0c:3e:e3:ca:a1:8f:2f:1a:3c:a1:7c:7b:4b:3a:1c:
f0:62:b0:43:10:f9:c3:56:2b:af:61:38:27:42:25:
73:94:8d:e4:d3:33:da:97:55:86:55:aa:97:20:32:
ef:f6:5e:c6:de:60:04:d0:ba:ac:2d:58:8e:14:b0:
81:84:55:38:a4:b2:91:ad:bf:ec:7a:a6:8c:32:f2:
a8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:9A:B6:08:4E:6A:CE:B7:C1:0B:A5:C3:44:98:73:26:C9:7C:82:14
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Zpq2CE5qzrfBC6XDRJhzJsl8ghQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.136.0-46.38.140.255
46.38.144.0/23
46.38.150.0/24
46.38.152.0-46.38.157.255
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.73.0-185.143.75.255
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
85:74:0e:ee:f0:11:26:8c:fb:fa:7a:80:6c:c8:31:55:e7:99:
35:56:bc:51:0f:54:d2:a9:a4:b0:46:1e:db:61:92:1a:3f:c9:
cf:a7:c8:79:c7:f3:61:ab:d3:fc:15:aa:14:2c:e6:1b:d2:68:
be:2b:91:bb:0e:04:6f:84:45:1d:9c:a6:62:fb:34:23:cb:45:
a7:95:10:35:ea:4c:d2:85:c7:c2:b0:21:c1:c2:81:e2:67:0a:
1b:5b:50:b3:89:3f:f6:99:4e:d4:83:51:27:7a:8b:c1:d5:75:
f0:12:b9:71:32:b9:7a:c4:25:8a:aa:0f:15:eb:30:1c:81:6f:
8d:59:a5:ab:7d:0b:ca:eb:66:b9:0e:67:97:e5:6c:ab:6c:16:
2f:22:73:97:36:e3:77:f6:59:76:52:09:22:ac:a8:9d:26:08:
8b:ac:c6:e8:96:92:04:17:81:6f:d9:a3:31:94:d4:cf:99:57:
cc:06:8c:87:ce:df:a8:55:6f:77:b8:e4:37:ca:52:13:5e:46:
da:de:be:e4:06:cd:7a:e0:ff:e7:a5:d8:60:f3:a3:e3:2e:58:
5e:6d:8d:e7:8b:5f:6b:9d:41:f6:fc:6a:98:bc:ff:f2:6d:95:
f3:6c:25:e3:33:ee:ff:0b:c2:0c:d9:ef:1e:45:0c:0d:12:29:
e3:6b:91:e4
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY2tY+YK8xxkBTBhOHkIzYT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjE1MTUzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjlhYjYwODRlNmFjZWI3YzEwYmE1YzM0NDk4NzMyNmM5N2M4MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfmoULJYHLyKhf4lW3xdHoE01RDg
ukYVizCf/kKah2fczVAhgBdj2ijEaw5a++hgZLGKisReRjy6Oeu83T2WNzYxNYXG
oBENTtrXuZMyIKr4DWWzgngMhPZ9MFy3QRDjHsRicuDMu23eWg8FP5WRyZLPF6py
GTyBsktOBe6SMXSNuqcG6pRtdMkZAJUYDZeu6HNXsyKst59c5Q8AjNInV2jtdUas
jtpP/qPpgrHE5tSBINsMPuPKoY8vGjyhfHtLOhzwYrBDEPnDViuvYTgnQiVzlI3k
0zPal1WGVaqXIDLv9l7G3mAE0LqsLViOFLCBhFU4pLKRrb/seqaMMvKoAwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFGaatghOas63wQulw0SYcybJfIIUMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvWnBxMkNFNXF6cmZCQzZYRFJKaHpKc2w4Z2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAC4mgQME
AC4mgzAMAwQDLiaIAwQALiaMAwQBLiaQAwQALiaWMAwDBAMuJpgDBAEuJpwDBAFt
XqQDBAK5GJQDBAK5HdwwDAMEALmPSQMEArmPSAMEBdQQQAMEBdRQADANBAIAAjAH
AwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEAhXQO7vARJoz7+nqAbMgxVeeZNVa8
UQ9U0qmksEYe22GSGj/Jz6fIecfzYavT/BWqFCzmG9JoviuRuw4Eb4RFHZymYvs0
I8tFp5UQNepM0oXHwrAhwcKB4mcKG1tQs4k/9plO1INRJ3qLwdV18BK5cTK5esQl
iqoPFeswHIFvjVmlq30LyutmuQ5nl+Vsq2wWLyJzlzbjd/ZZdlIJIqyonSYIi6zG
6JaSBBeBb9mjMZTUz5lXzAaMh87fqFVvd7jkN8pSE15G2t6+5AbNeuD/56XYYPOj
4y5YXm2N54tfa51B9vxqmLz/8m2V82wl4zPu/wvCDNnvHkUMDRIp42uR5A==
-----END CERTIFICATE-----
Generated at Fri Feb 16 20:24:01 2024 by rpki-client on console-fra.rpki-client.org