Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cKSUy8eHh7X2FQcpQWss_coPvbc.roa
File: cKSUy8eHh7X2FQcpQWss_coPvbc.roa (raw, json)
Hash identifier: dft79exrqbXnNO55xjXT0+Ny/36lDo8xup91tyaEkJE=
Subject key identifier: 70:A4:94:CB:C7:87:87:B5:F6:15:07:29:41:6B:2C:FD:CA:0F:BD:B7
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019294604D52EADABD9589D9EAF4AC27FFE5
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cKSUy8eHh7X2FQcpQWss_coPvbc.roa
Signing time: Wed 16 Oct 2024 08:09:52 +0000
ROA not before: Wed 16 Oct 2024 08:09:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
212.80.8.0/24 maxlen: 24
212.80.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 11:07:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:60:4d:52:ea:da:bd:95:89:d9:ea:f4:ac:27:ff:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 16 08:09:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70a494cbc78787b5f6150729416b2cfdca0fbdb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:60:ef:11:2a:08:27:8e:c3:6d:65:45:7f:3d:
bb:63:da:9e:dc:00:8b:3c:8b:c4:24:72:05:90:ac:
66:6d:ed:4a:22:c0:4b:4f:22:55:7b:79:77:23:85:
bc:32:5e:72:08:81:cb:d8:61:15:ab:4c:eb:91:23:
14:a8:f9:43:97:6f:a9:eb:79:7c:5c:f0:5a:a1:7a:
0d:09:19:6b:b0:64:0f:23:1c:ec:74:fe:0d:a7:58:
62:1c:e3:38:da:d6:30:35:16:91:6a:bf:fc:5d:82:
08:59:7d:43:01:bd:e5:54:4a:40:2a:50:88:7c:fc:
c2:5d:be:3a:9f:aa:d6:9c:e0:78:b9:a7:0e:54:50:
71:19:7e:12:a6:ce:25:89:56:0c:4a:06:f8:9c:1e:
de:5b:5c:ba:6d:13:3f:63:55:f7:f4:b9:1e:d9:d6:
49:05:d3:b3:94:e4:48:e4:ad:f7:02:36:0c:7f:8d:
af:97:a2:3b:05:e8:a0:07:ee:81:4e:4f:e4:de:37:
fe:9c:83:93:88:c7:92:86:49:a5:fa:28:f8:ac:66:
c3:9b:28:59:14:93:70:33:f7:63:92:4a:2c:13:a2:
7f:d3:4b:0d:03:80:d5:75:95:ab:9a:10:69:70:b4:
a7:43:ea:65:c6:56:b2:11:35:d4:3f:28:e2:eb:3b:
ca:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A4:94:CB:C7:87:87:B5:F6:15:07:29:41:6B:2C:FD:CA:0F:BD:B7
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cKSUy8eHh7X2FQcpQWss_coPvbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.136.0-46.38.138.255
109.94.164.0/24
212.80.8.0/24
212.80.10.0/24
Signature Algorithm: sha256WithRSAEncryption
73:45:19:b0:8f:6a:fb:db:8e:ce:e4:cb:82:d5:64:79:3b:a4:
80:eb:ff:cd:bc:92:d9:f6:10:ac:6a:23:9d:91:06:07:f8:ad:
19:f0:74:0e:d0:7c:26:20:b6:5d:74:72:67:be:a5:d5:83:a0:
71:cf:af:91:be:e0:a5:22:7c:58:a5:72:5e:4f:9f:9e:35:bf:
4a:65:1b:a3:34:c1:ea:6c:9e:c0:aa:60:2e:1d:88:77:4b:a6:
1d:5b:af:62:b3:a7:c6:59:50:64:d6:f6:de:cc:20:3d:28:29:
1b:51:79:5e:2b:7b:24:f2:b5:dd:9a:36:26:d6:95:6d:3a:45:
d2:cd:63:80:ee:ab:57:40:68:0a:52:cf:24:27:8c:a6:43:e7:
4f:56:b9:e1:17:5f:55:68:d7:95:4a:72:1d:9f:f0:ff:a3:48:
9f:40:3d:6c:d3:c3:5e:79:20:3a:2b:08:cc:fd:38:49:71:3c:
8e:d9:d2:d4:94:cf:cd:0a:ed:51:b2:0d:e1:81:ac:2f:c6:4a:
ce:93:7d:f4:7d:b6:55:65:43:2f:41:29:40:29:68:95:9f:e9:
bd:64:51:c6:b5:20:08:dc:0a:3a:55:2a:da:61:f2:a5:bb:bc:
8c:2d:8e:ff:9c:b8:94:70:cf:bb:f8:f0:64:73:60:91:61:04:
cb:f2:3d:38
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKUYE1S6tq9lYnZ6vSsJ//lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQxMDE2MDgwOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE0OTRjYmM3ODc4N2I1ZjYxNTA3Mjk0MTZiMmNmZGNhMGZiZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGDvESoIJ47DbWVFfz27Y9qe3ACL
PIvEJHIFkKxmbe1KIsBLTyJVe3l3I4W8Ml5yCIHL2GEVq0zrkSMUqPlDl2+p63l8
XPBaoXoNCRlrsGQPIxzsdP4Np1hiHOM42tYwNRaRar/8XYIIWX1DAb3lVEpAKlCI
fPzCXb46n6rWnOB4uacOVFBxGX4Sps4liVYMSgb4nB7eW1y6bRM/Y1X39Lke2dZJ
BdOzlORI5K33AjYMf42vl6I7BeigB+6BTk/k3jf+nIOTiMeShkml+ij4rGbDmyhZ
FJNwM/djkkosE6J/00sNA4DVdZWrmhBpcLSnQ+plxlayETXUPyji6zvKLQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHCklMvHh4e19hUHKUFrLP3KD723MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvY0tTVXk4ZUhoN1gyRlFjcFFXc3NfY29QdmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAMuJogD
BAAuJooDBABtXqQDBADUUAgDBADUUAowDQYJKoZIhvcNAQELBQADggEBAHNFGbCP
avvbjs7ky4LVZHk7pIDr/828ktn2EKxqI52RBgf4rRnwdA7QfCYgtl10cme+pdWD
oHHPr5G+4KUifFilcl5Pn541v0plG6M0wepsnsCqYC4diHdLph1br2Kzp8ZZUGTW
9t7MID0oKRtReV4reyTytd2aNibWlW06RdLNY4Duq1dAaApSzyQnjKZD509WueEX
X1Vo15VKch2f8P+jSJ9APWzTw155IDorCMz9OElxPI7Z0tSUz80K7VGyDeGBrC/G
Ss6TffR9tlVlQy9BKUApaJWf6b1kUca1IAjcCjpVKtph8qW7vIwtjv+cuJRwz7v4
8GRzYJFhBMvyPTg=
-----END CERTIFICATE-----
Generated at Wed Nov 6 15:16:07 2024 by rpki-client on console-fra.rpki-client.org