Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/aMXMB_qsGincgEy2-D7xaqFHXVs.roa
File: aMXMB_qsGincgEy2-D7xaqFHXVs.roa (raw, json)
Hash identifier: ijBQYJZxKt9iGWA9aQnb/FKQfDWFkGWNgHjyUxJC2VQ=
Subject key identifier: 68:C5:CC:07:FA:AC:1A:29:DC:80:4C:B6:F8:3E:F1:6A:A1:47:5D:5B
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018BC7A98495CF235A95C3DBEA2F99B829EC
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/aMXMB_qsGincgEy2-D7xaqFHXVs.roa
Signing time: Mon 13 Nov 2023 07:50:57 +0000
ROA not before: Mon 13 Nov 2023 07:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.140.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/22 maxlen: 22
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 13 Nov 2023 13:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:a9:84:95:cf:23:5a:95:c3:db:ea:2f:99:b8:29:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Nov 13 07:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68c5cc07faac1a29dc804cb6f83ef16aa1475d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6c:32:39:f0:c6:c0:1d:3a:3c:4e:72:ec:49:
10:0f:ab:18:c2:a8:e8:45:54:8d:86:df:3a:de:51:
8f:f7:9a:63:ad:1e:bd:71:67:f0:69:85:74:c5:27:
56:31:8a:f4:e0:7a:0d:5b:21:77:42:24:65:c2:dd:
37:41:8f:6c:23:4f:1d:0a:7c:2e:29:5a:4a:50:6f:
13:9e:48:99:88:94:ef:5b:88:f2:e4:cc:0a:ec:04:
68:52:8f:1e:9f:f4:db:7e:40:fb:01:29:ad:5c:02:
70:13:28:03:04:71:4e:bf:60:34:d7:4b:12:5b:f7:
ab:ae:d3:0d:30:f9:30:c2:ed:0a:3c:88:a0:1f:4f:
39:06:3f:96:7c:cb:3c:54:c8:41:13:00:ed:48:50:
ae:93:43:d0:60:bb:20:29:c2:3d:7a:c5:a4:41:6d:
e1:7f:d4:39:38:de:aa:37:bb:d4:1c:2c:1b:e8:84:
9d:f0:05:81:e2:2b:a7:a4:51:3b:4d:17:d9:0e:cc:
66:f4:e8:8e:14:10:eb:a2:22:95:c7:f0:06:ae:3b:
42:b5:0a:a4:9e:d4:cd:9c:7a:4c:d7:d3:09:58:39:
78:99:ee:bf:b5:e0:b2:d2:51:59:c6:99:eb:4a:11:
9e:04:3f:01:ec:03:c7:0d:e4:e2:39:0b:69:5b:3f:
d9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C5:CC:07:FA:AC:1A:29:DC:80:4C:B6:F8:3E:F1:6A:A1:47:5D:5B
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/aMXMB_qsGincgEy2-D7xaqFHXVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.135.255
46.38.140.0/24
46.38.144.0/21
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
aa:c9:93:70:a9:dd:02:61:85:7a:89:21:26:6e:c8:62:d1:e3:
16:14:61:bf:8e:15:e5:d1:df:1b:0d:44:52:ec:40:e2:24:d1:
80:dc:f1:b0:f1:9f:6c:4c:7a:38:4b:81:16:dd:10:7d:f2:77:
ec:c0:2b:06:b5:db:49:d0:cd:9c:72:43:14:f6:65:0f:a2:d0:
b5:bf:9f:c2:7e:9e:c5:b4:61:38:be:aa:ed:b6:90:95:1b:b9:
30:e5:f3:fc:24:73:97:41:8c:8b:14:f5:3e:47:25:f6:5c:5f:
e0:7e:c8:48:bc:d9:83:88:70:a5:c5:6b:ef:c3:e7:f8:ca:97:
81:52:03:ad:02:ce:1f:44:99:12:ea:e9:e1:2e:15:df:06:e7:
c9:28:74:5f:df:87:5f:7f:55:bd:63:12:f1:ca:63:3f:2c:41:
a2:b0:fd:c5:b8:86:fa:87:1f:af:f5:dc:9b:b4:67:f0:45:30:
ef:7e:ac:62:fa:b4:55:d7:39:54:1c:13:a8:e2:d2:47:31:44:
1a:0c:d2:41:39:58:5a:97:ff:0f:97:b5:bb:6b:d6:12:e2:c1:
55:32:44:bc:e8:59:0c:df:86:b3:f1:e6:72:58:81:08:bb:ef:
36:6c:9c:e1:35:b2:01:c6:bf:f6:5f:64:a8:ed:81:62:ab:f0:
cf:76:d7:58
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYvHqYSVzyNalcPb6i+ZuCnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMTEzMDc1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM1Y2MwN2ZhYWMxYTI5ZGM4MDRjYjZmODNlZjE2YWExNDc1ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmwyOfDGwB06PE5y7EkQD6sYwqjo
RVSNht863lGP95pjrR69cWfwaYV0xSdWMYr04HoNWyF3QiRlwt03QY9sI08dCnwu
KVpKUG8TnkiZiJTvW4jy5MwK7ARoUo8en/TbfkD7ASmtXAJwEygDBHFOv2A010sS
W/errtMNMPkwwu0KPIigH085Bj+WfMs8VMhBEwDtSFCuk0PQYLsgKcI9esWkQW3h
f9Q5ON6qN7vUHCwb6ISd8AWB4iunpFE7TRfZDsxm9OiOFBDroiKVx/AGrjtCtQqk
ntTNnHpM19MJWDl4me6/teCy0lFZxpnrShGeBD8B7APHDeTiOQtpWz/Z+wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGjFzAf6rBop3IBMtvg+8WqhR11bMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvYU1YTUJfcXNHaW5jZ0V5Mi1EN3hhcUZIWFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALiaBMAwD
BAAuJoMDBAMuJoADBAAuJowDBAMuJpADBAXUEEADBAXUUAAwDQQCAAIwBwMFAyoA
fYAwDQYJKoZIhvcNAQELBQADggEBAKrJk3Cp3QJhhXqJISZuyGLR4xYUYb+OFeXR
3xsNRFLsQOIk0YDc8bDxn2xMejhLgRbdEH3yd+zAKwa120nQzZxyQxT2ZQ+i0LW/
n8J+nsW0YTi+qu22kJUbuTDl8/wkc5dBjIsU9T5HJfZcX+B+yEi82YOIcKXFa+/D
5/jKl4FSA60Czh9EmRLq6eEuFd8G58kodF/fh19/Vb1jEvHKYz8sQaKw/cW4hvqH
H6/13Ju0Z/BFMO9+rGL6tFXXOVQcE6ji0kcxRBoM0kE5WFqX/w+Xtbtr1hLiwVUy
RLzoWQzfhrPx5nJYgQi77zZsnOE1sgHGv/ZfZKjtgWKr8M9211g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org