Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ddwUo3tm67OD7OyRLj4mQMFopz4.roa
File: ddwUo3tm67OD7OyRLj4mQMFopz4.roa (raw, json)
Hash identifier: wTDKK31W4f4sWOvr570BJrJHve32ATYyDyFQ3QGnmPA=
Subject key identifier: 75:DC:14:A3:7B:66:EB:B3:83:EC:EC:91:2E:3E:26:40:C1:68:A7:3E
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018C6DFEAB0849C16178787C090378BA9DEA
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ddwUo3tm67OD7OyRLj4mQMFopz4.roa
Signing time: Fri 15 Dec 2023 15:00:55 +0000
ROA not before: Fri 15 Dec 2023 15:00:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 46.38.136.0/22 maxlen: 22
212.16.94.0/24 maxlen: 24
212.80.20.0/22 maxlen: 24
46.38.132.0/22 maxlen: 22
46.38.130.0/24 maxlen: 24
46.38.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 16:25:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:fe:ab:08:49:c1:61:78:78:7c:09:03:78:ba:9d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 15 15:00:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75dc14a37b66ebb383ecec912e3e2640c168a73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:75:66:5d:37:4f:97:29:bd:8a:77:f4:53:39:
bc:a0:35:0c:19:44:02:87:45:ea:a9:97:eb:c5:50:
23:9b:90:ab:ab:84:ad:ea:8d:f6:65:23:fd:3a:32:
fb:e3:77:e0:ef:11:75:e7:8b:c7:a7:9f:21:3e:97:
fa:24:6c:31:7d:63:13:fd:de:2b:42:aa:05:a5:13:
1e:1c:87:bf:7c:b4:47:f7:af:9f:34:b1:5e:be:31:
3c:da:d0:cd:88:e9:5d:6e:a7:ea:74:78:74:49:e6:
55:4f:c6:5b:13:df:8a:e6:89:23:a9:4c:97:5e:91:
aa:83:a3:3e:4a:3a:75:60:47:2f:29:db:f9:c7:6b:
77:ec:e3:70:aa:21:42:27:0b:d2:45:22:f4:16:ef:
b7:b5:f5:9f:12:97:a7:b9:40:ab:7b:01:03:4a:4e:
2e:1b:91:9d:26:c4:bc:48:9f:2d:bd:73:3a:b5:e5:
92:7d:c9:d5:64:e6:a7:dc:3a:6d:1b:b2:2d:94:c9:
68:80:7e:c2:6b:22:e9:fd:6e:18:e6:f2:b9:bb:01:
60:de:b3:f7:a4:78:e2:9c:34:84:2d:a7:04:c9:28:
c0:b1:c4:a1:ef:f2:3a:06:f6:4c:51:e9:a6:51:87:
35:37:c0:78:c1:e1:72:f6:20:c0:a7:c1:0d:ea:4a:
11:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DC:14:A3:7B:66:EB:B3:83:EC:EC:91:2E:3E:26:40:C1:68:A7:3E
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/ddwUo3tm67OD7OyRLj4mQMFopz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.128.0/24
46.38.130.0/24
46.38.132.0-46.38.139.255
212.16.94.0/24
212.80.20.0/22
Signature Algorithm: sha256WithRSAEncryption
16:47:6f:6c:ce:a0:9b:71:92:d1:a2:2b:c6:f8:97:ca:59:be:
10:84:56:53:79:9f:9e:bf:c1:13:e4:04:5f:dd:45:12:8d:f0:
f3:bf:d2:a3:1d:af:aa:37:18:e1:af:e7:9c:f6:c5:97:29:5d:
79:cb:c9:79:17:7b:fb:20:36:85:9d:b0:6b:7f:b3:66:31:e8:
61:41:82:7f:4b:fa:2c:f3:fd:cb:b1:5f:a3:ce:b3:0b:e2:a5:
03:cd:3d:a5:28:60:82:3d:20:ea:f0:ca:05:8e:f9:4d:10:7d:
95:99:9d:b0:75:b3:15:19:cf:2e:5c:d8:6b:f3:38:e0:bd:b7:
e3:07:b4:25:48:1f:b4:85:d6:fb:28:c5:23:cc:2e:f3:2d:e2:
08:55:77:d6:7d:62:fd:69:e7:d1:ec:a8:6c:64:a9:15:7d:fb:
06:1a:f3:5e:76:ba:bb:55:07:3f:55:37:30:f0:60:26:80:e6:
df:63:a1:6a:38:f8:6c:ff:82:72:88:ba:a6:f9:9a:4f:10:63:
ae:05:24:f4:01:80:20:4b:3b:ca:e1:31:5a:03:35:d7:94:cf:
9d:bb:9f:1e:db:eb:2c:8a:07:61:92:22:75:16:64:e7:0b:b9:
55:05:76:d3:b0:f6:64:3a:21:c5:7f:27:35:45:87:99:4d:fc:
ef:51:59:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYxt/qsIScFheHh8CQN4up3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMxMjE1MTUwMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRjMTRhMzdiNjZlYmIzODNlY2VjOTEyZTNlMjY0MGMxNjhhNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnVmXTdPlym9inf0Uzm8oDUMGUQC
h0XqqZfrxVAjm5Crq4St6o32ZSP9OjL743fg7xF154vHp58hPpf6JGwxfWMT/d4r
QqoFpRMeHIe/fLRH96+fNLFevjE82tDNiOldbqfqdHh0SeZVT8ZbE9+K5okjqUyX
XpGqg6M+Sjp1YEcvKdv5x2t37ONwqiFCJwvSRSL0Fu+3tfWfEpenuUCrewEDSk4u
G5GdJsS8SJ8tvXM6teWSfcnVZOan3DptG7ItlMlogH7CayLp/W4Y5vK5uwFg3rP3
pHjinDSELacEySjAscSh7/I6BvZMUemmUYc1N8B4weFy9iDAp8EN6koRxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHXcFKN7Zuuzg+zskS4+JkDBaKc+MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvZGR3VW8zdG02N09EN095UkxqNG1RTUZvcHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALiaAAwQA
LiaCMAwDBAIuJoQDBAIuJogDBADUEF4DBALUUBQwDQYJKoZIhvcNAQELBQADggEB
ABZHb2zOoJtxktGiK8b4l8pZvhCEVlN5n56/wRPkBF/dRRKN8PO/0qMdr6o3GOGv
55z2xZcpXXnLyXkXe/sgNoWdsGt/s2Yx6GFBgn9L+izz/cuxX6POswvipQPNPaUo
YII9IOrwygWO+U0QfZWZnbB1sxUZzy5c2GvzOOC9t+MHtCVIH7SF1vsoxSPMLvMt
4ghVd9Z9Yv1p59HsqGxkqRV9+wYa8152urtVBz9VNzDwYCaA5t9joWo4+Gz/gnKI
uqb5mk8QY64FJPQBgCBLO8rhMVoDNdeUz527nx7b6yyKB2GSInUWZOcLuVUFdtOw
9mQ6IcV/JzVFh5lN/O9RWRA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org