Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/iqzOACSGXv8WvVOeE0LoXB9bunc.roa
File: iqzOACSGXv8WvVOeE0LoXB9bunc.roa (raw, json)
Hash identifier: iD5Io3U19SxHwIskHDTASBWFW+4ZLoGBrPg7fBoawas=
Subject key identifier: 8A:AC:CE:00:24:86:5E:FF:16:BD:53:9E:13:42:E8:5C:1F:5B:BA:77
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018D87CE86975A4DEC5621BC331240E099F7
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/iqzOACSGXv8WvVOeE0LoXB9bunc.roa
Signing time: Thu 08 Feb 2024 08:21:15 +0000
ROA not before: Thu 08 Feb 2024 08:21:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.132.0/24 maxlen: 24
46.38.133.0/24 maxlen: 24
46.38.134.0/24 maxlen: 24
46.38.135.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.144.0/21 maxlen: 21
46.38.144.0/23 maxlen: 23
46.38.150.0/24 maxlen: 24
46.38.152.0/22 maxlen: 22
46.38.156.0/23 maxlen: 23
46.38.158.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.24.148.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.143.72.0/24 maxlen: 24
185.143.73.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.78.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.16.92.0/23 maxlen: 23
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.6.0/24 maxlen: 24
212.80.7.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Thu 08 Feb 2024 17:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:ce:86:97:5a:4d:ec:56:21:bc:33:12:40:e0:99:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 8 08:21:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aacce0024865eff16bd539e1342e85c1f5bba77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f1:4e:e8:ed:4e:7b:a2:0e:b6:cf:ef:7c:6a:
86:5f:87:59:1c:cd:5e:ef:a7:cd:e1:3d:77:f2:a8:
07:98:55:67:d4:26:eb:0b:f0:96:10:c6:e8:d9:2b:
18:ba:00:b2:f8:6f:f1:01:23:36:07:52:44:62:70:
89:dd:27:53:97:88:3b:4e:f6:a6:dd:f9:60:9e:78:
91:f7:de:38:55:03:03:b7:ac:4f:1a:4c:b3:66:52:
a0:32:f5:73:ec:ff:e7:59:ff:3b:d5:37:86:c6:3b:
2c:49:3e:98:dc:af:d0:61:9c:49:c0:66:30:97:14:
ec:26:e5:6b:76:ea:31:33:7a:0b:6b:33:8f:41:ee:
29:07:c6:d2:96:50:18:7a:ed:f5:08:f6:5a:48:40:
ae:1e:2a:57:5f:dd:78:08:3e:91:ec:04:d0:06:ec:
15:3e:e0:a1:40:9a:97:f7:e0:68:7a:ea:1b:ab:4a:
fc:82:22:0a:bc:31:eb:3e:66:00:9b:1d:33:08:7b:
e5:c2:50:78:27:3c:78:75:73:b0:72:92:73:c1:e1:
6d:8b:eb:ef:00:42:57:d2:bf:14:dc:2b:42:cd:72:
f2:d6:5e:60:34:24:63:c9:a2:f5:74:8b:63:df:35:
83:c0:89:5d:a6:ab:7a:83:f7:48:5a:ef:31:5b:d4:
bf:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AC:CE:00:24:86:5E:FF:16:BD:53:9E:13:42:E8:5C:1F:5B:BA:77
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/iqzOACSGXv8WvVOeE0LoXB9bunc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0-46.38.140.255
46.38.144.0-46.38.158.255
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.72.0/22
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
b5:16:7f:3e:d6:62:8d:53:3f:07:ff:f4:5a:f2:70:4e:39:c0:
74:d6:3f:e3:e9:a6:b9:c7:67:3f:4e:47:e9:cf:a8:bb:4f:f7:
62:ba:1b:1a:93:4a:03:6e:de:f8:cf:fa:cc:33:27:b6:db:b0:
4c:7a:11:99:bd:fe:30:b3:31:35:c3:bc:53:20:e3:68:b9:b5:
d0:0d:0b:6e:0c:9a:26:9d:b8:d8:c6:eb:52:72:8c:b3:ed:32:
21:82:e5:2a:b2:8d:e2:eb:0d:33:56:dd:2f:46:60:be:eb:6e:
f1:f8:df:b9:c5:bb:95:a0:cd:e4:b0:1a:08:3f:3a:18:47:54:
60:f0:bf:06:33:50:0d:da:df:c2:95:0a:10:51:c0:46:de:9a:
4f:e9:5f:31:2d:d1:e6:e6:69:d0:ab:b3:9c:d8:6a:f4:8c:75:
50:32:4a:eb:d3:d8:ac:49:bf:0e:03:79:ae:0d:2d:64:99:a3:
cb:5a:95:7f:24:bb:41:ef:a7:f8:73:c5:62:2f:57:1b:e1:22:
aa:79:b2:78:13:1c:b1:11:a8:ed:69:bd:b9:6c:da:c1:8b:5d:
31:a0:d4:cc:ee:60:05:3f:4e:2e:07:4d:10:19:f0:b5:ba:a2:
21:5b:ad:24:b3:b1:18:67:68:4f:bb:5a:8b:6d:f1:50:25:70:
0f:d7:f1:dc
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY2HzoaXWk3sViG8MxJA4Jn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA4MDgyMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWFjY2UwMDI0ODY1ZWZmMTZiZDUzOWUxMzQyZTg1YzFmNWJiYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfFO6O1Oe6IOts/vfGqGX4dZHM1e
76fN4T138qgHmFVn1CbrC/CWEMbo2SsYugCy+G/xASM2B1JEYnCJ3SdTl4g7Tvam
3flgnniR9944VQMDt6xPGkyzZlKgMvVz7P/nWf871TeGxjssST6Y3K/QYZxJwGYw
lxTsJuVrduoxM3oLazOPQe4pB8bSllAYeu31CPZaSECuHipXX914CD6R7ATQBuwV
PuChQJqX9+Boeuobq0r8giIKvDHrPmYAmx0zCHvlwlB4Jzx4dXOwcpJzweFti+vv
AEJX0r8U3CtCzXLy1l5gNCRjyaL1dItj3zWDwIldpqt6g/dIWu8xW9S/sQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFIqszgAkhl7/Fr1TnhNC6FwfW7p3MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvaXF6T0FDU0dYdjhXdlZPZUUwTG9YQjlidW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQALiaBMAwD
BAAuJoMDBAAuJowwDAMEBC4mkAMEAC4mngMEAW1epAMEArkYlAMEArkd3AMEArmP
SAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
tRZ/PtZijVM/B//0WvJwTjnAdNY/4+mmucdnP05H6c+ou0/3YrobGpNKA27e+M/6
zDMnttuwTHoRmb3+MLMxNcO8UyDjaLm10A0LbgyaJp242MbrUnKMs+0yIYLlKrKN
4usNM1bdL0Zgvutu8fjfucW7laDN5LAaCD86GEdUYPC/BjNQDdrfwpUKEFHARt6a
T+lfMS3R5uZp0KuznNhq9Ix1UDJK69PYrEm/DgN5rg0tZJmjy1qVfyS7Qe+n+HPF
Yi9XG+EiqnmyeBMcsRGo7Wm9uWzawYtdMaDUzO5gBT9OLgdNEBnwtbqiIVutJLOx
GGdoT7tai23xUCVwD9fx3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:07 2024 by rpki-client on console-ams.rpki-client.org