Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cw6oBeltJcoIpq-Wl2baUuIeGFA.roa
File: cw6oBeltJcoIpq-Wl2baUuIeGFA.roa (raw, json)
Hash identifier: gmTcnV4PMd7Xgn7S83t6iES7GTG93MR7WP1+SfT/kFk=
Subject key identifier: 73:0E:A8:05:E9:6D:25:CA:08:A6:AF:96:97:66:DA:52:E2:1E:18:50
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018DA26766809F1919658118097E445F1D92
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cw6oBeltJcoIpq-Wl2baUuIeGFA.roa
Signing time: Tue 13 Feb 2024 12:18:21 +0000
ROA not before: Tue 13 Feb 2024 12:18:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/24 maxlen: 24
46.38.133.0/24 maxlen: 24
46.38.134.0/24 maxlen: 24
46.38.135.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.152.0/22 maxlen: 22
46.38.156.0/23 maxlen: 23
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.24.148.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.143.72.0/24 maxlen: 24
185.143.73.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.78.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.6.0/24 maxlen: 24
212.80.7.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:38:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:67:66:80:9f:19:19:65:81:18:09:7e:44:5f:1d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 13 12:18:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=730ea805e96d25ca08a6af969766da52e21e1850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:aa:43:af:bd:1c:02:a6:dc:f6:65:3f:40:cb:
b9:0d:68:ea:a2:80:12:98:67:9e:58:e3:ba:47:7b:
6c:68:15:22:61:28:50:14:75:33:79:81:1f:c7:9f:
5a:71:bd:f0:49:dd:6c:fc:3d:65:09:fb:6c:28:0d:
b8:b7:5e:e2:c5:d4:7a:88:f2:2b:89:50:22:4a:1a:
d1:46:dc:51:17:91:26:82:d7:b0:c4:c3:ba:55:99:
13:9d:03:ec:ad:23:37:64:4d:d5:e3:de:17:3b:f7:
21:11:62:30:c3:20:bd:a5:84:ac:52:05:ec:00:c7:
14:e5:08:ac:71:71:40:07:8f:73:c1:32:9f:87:5a:
a7:fd:94:92:00:6e:10:88:33:86:a7:1f:7b:20:b8:
ae:3d:21:d1:44:16:fb:5f:1f:46:95:84:50:b4:55:
e1:f0:8c:a0:34:2f:27:ba:19:d0:ea:d2:7e:b7:e0:
2e:64:d1:a4:a2:0f:11:be:e3:43:11:71:cb:c0:02:
8a:76:43:97:9d:9a:5d:02:5d:47:1d:c3:3a:9e:ea:
3e:b6:97:25:cb:99:2a:bd:bc:38:3f:33:34:8c:c6:
66:6c:bd:90:6a:36:ed:00:44:ae:e8:64:2b:16:ff:
2b:bf:f3:18:28:96:a0:27:33:e5:1e:bc:dc:60:89:
82:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0E:A8:05:E9:6D:25:CA:08:A6:AF:96:97:66:DA:52:E2:1E:18:50
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/cw6oBeltJcoIpq-Wl2baUuIeGFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.140.255
46.38.144.0-46.38.157.255
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.72.0/22
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
04:ed:30:38:64:2a:e0:b1:46:fa:95:59:6e:37:b9:b2:d5:47:
cc:21:d2:e9:00:f5:eb:6d:2b:ed:3c:1b:97:f8:ac:54:bc:e1:
80:d9:2a:25:3b:49:24:54:12:ee:51:f7:3a:19:41:d1:e7:e9:
a4:b6:10:d7:6e:a8:29:63:3e:c1:2d:d5:7a:67:a0:71:57:0f:
11:7b:93:06:6c:1d:ba:d3:a4:9b:47:68:06:7d:86:c0:5b:a5:
46:5c:bf:9a:d4:7b:dd:53:3a:fd:e4:3a:9d:a2:2e:ad:70:e3:
fc:f7:45:a8:d5:11:4a:cf:c8:30:82:d9:76:6d:73:b5:91:2a:
cd:8b:d3:40:2c:61:5d:46:ea:51:85:b1:da:6c:43:2d:7a:62:
e3:2f:cf:ea:66:3b:b8:69:cc:51:e5:2c:4e:48:87:a9:84:5d:
7b:d2:19:4c:e5:e6:00:3a:03:86:bc:d9:0a:65:2a:b8:ff:6a:
80:f0:bf:77:09:97:04:80:64:ec:7c:9a:d4:3c:4b:9e:32:11:
5b:30:8a:0b:e1:13:f0:62:22:2a:45:b1:bc:52:3a:61:2e:f8:
1a:49:79:29:9e:60:9f:3b:65:d6:d2:b2:6d:72:79:b2:ab:c2:
5c:13:eb:79:11:a4:05:b6:4a:75:76:21:f0:d1:fa:ee:a9:66:
52:4b:03:cc
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY2iZ2aAnxkZZYEYCX5EXx2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjEzMTIxODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzBlYTgwNWU5NmQyNWNhMDhhNmFmOTY5NzY2ZGE1MmUyMWUxODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKpDr70cAqbc9mU/QMu5DWjqooAS
mGeeWOO6R3tsaBUiYShQFHUzeYEfx59acb3wSd1s/D1lCftsKA24t17ixdR6iPIr
iVAiShrRRtxRF5EmgtewxMO6VZkTnQPsrSM3ZE3V494XO/chEWIwwyC9pYSsUgXs
AMcU5QiscXFAB49zwTKfh1qn/ZSSAG4QiDOGpx97ILiuPSHRRBb7Xx9GlYRQtFXh
8IygNC8nuhnQ6tJ+t+AuZNGkog8RvuNDEXHLwAKKdkOXnZpdAl1HHcM6nuo+tpcl
y5kqvbw4PzM0jMZmbL2QajbtAESu6GQrFv8rv/MYKJagJzPlHrzcYImCEQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFHMOqAXpbSXKCKavlpdm2lLiHhhQMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvY3c2b0JlbHRKY29JcHEtV2wyYmFVdUllR0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQALiaBMAwD
BAAuJoMDBAAuJowwDAMEBC4mkAMEAS4mnAMEAW1epAMEArkYlAMEArkd3AMEArmP
SAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
BO0wOGQq4LFG+pVZbje5stVHzCHS6QD1620r7Twbl/isVLzhgNkqJTtJJFQS7lH3
OhlB0efppLYQ126oKWM+wS3VemegcVcPEXuTBmwdutOkm0doBn2GwFulRly/mtR7
3VM6/eQ6naIurXDj/PdFqNURSs/IMILZdm1ztZEqzYvTQCxhXUbqUYWx2mxDLXpi
4y/P6mY7uGnMUeUsTkiHqYRde9IZTOXmADoDhrzZCmUquP9qgPC/dwmXBIBk7Hya
1DxLnjIRWzCKC+ET8GIiKkWxvFI6YS74Gkl5KZ5gnztl1tKybXJ5sqvCXBPreRGk
BbZKdXYh8NH67qlmUksDzA==
-----END CERTIFICATE-----
Generated at Wed Feb 14 12:16:43 2024 by rpki-client on console-fra.rpki-client.org