Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/pDJLwwnHaqOIHCenqhgGKdyXIlM.roa
File: pDJLwwnHaqOIHCenqhgGKdyXIlM.roa (raw, json)
Hash identifier: KweQWK+eIvwjwjJAiNCoBAtwCwwsG50FxJjLCuW9/J0=
Subject key identifier: A4:32:4B:C3:09:C7:6A:A3:88:1C:27:A7:AA:18:06:29:DC:97:22:53
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018CCE677F0CB7FBCDA00BE18D9C15B7FE07
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/pDJLwwnHaqOIHCenqhgGKdyXIlM.roa
Signing time: Wed 03 Jan 2024 08:18:58 +0000
ROA not before: Wed 03 Jan 2024 08:18:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 212.16.78.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
212.16.85.0/24 maxlen: 24
212.16.80.0/24 maxlen: 24
212.16.94.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.80.0.0/24 maxlen: 24
212.80.7.0/24 maxlen: 24
212.80.6.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.20.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
185.24.149.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.148.0/24 maxlen: 24
46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.135.0/24 maxlen: 24
46.38.133.0/24 maxlen: 24
46.38.134.0/24 maxlen: 24
46.38.132.0/24 maxlen: 24
46.38.130.0/24 maxlen: 24
46.38.128.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
185.143.73.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 06:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:67:7f:0c:b7:fb:cd:a0:0b:e1:8d:9c:15:b7:fe:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 3 08:18:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4324bc309c76aa3881c27a7aa180629dc972253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:85:36:b4:9f:01:78:51:4d:59:2f:ef:ec:b6:
ad:6e:86:68:fe:f6:c8:c4:44:5b:27:bf:5d:93:bd:
80:94:b0:b3:23:87:d1:68:cf:e0:2d:4c:f2:6c:14:
72:e0:49:cc:8e:8d:4e:f4:ac:ea:bd:f1:38:aa:59:
9a:4e:c0:9b:10:08:54:3f:d4:9e:0d:f1:6c:38:a9:
5f:b0:cb:b6:20:13:8c:12:2f:e2:bc:97:fd:2b:4a:
fa:37:26:ea:45:2d:f9:a4:e7:be:5a:f5:91:54:dd:
ca:80:c8:f5:3c:c2:55:9e:8d:8e:b8:df:d5:f6:fb:
fb:13:6f:c1:70:47:ff:11:0a:57:c2:7e:8b:ab:c6:
af:76:74:e9:18:19:b9:10:aa:a9:1e:ed:61:17:22:
8f:97:ca:c1:92:8c:c7:19:67:42:db:49:c6:4e:a1:
10:2b:a2:18:3b:9c:a6:1b:a4:7c:d0:68:70:e5:09:
54:8e:3e:5e:d3:6a:a9:9e:7f:53:89:b3:77:da:ad:
0f:1f:8d:ee:1c:d1:9f:d2:e4:cd:7f:d3:68:b9:9e:
61:b0:e4:02:fb:32:3b:fb:be:f7:ac:10:89:24:4d:
27:04:bf:63:9a:cb:ed:f5:2b:fd:33:93:fc:50:2e:
52:3a:6a:4e:ef:81:c1:f6:9d:72:6b:41:aa:fe:cd:
45:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:32:4B:C3:09:C7:6A:A3:88:1C:27:A7:AA:18:06:29:DC:97:22:53
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/pDJLwwnHaqOIHCenqhgGKdyXIlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.128.0/24
46.38.130.0/24
46.38.132.0-46.38.139.255
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.72.0/22
212.16.78.0-212.16.80.255
212.16.85.0/24
212.16.94.0/24
212.80.0.0/24
212.80.6.0/23
212.80.20.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:54:a4:90:60:33:ae:65:75:75:8c:49:72:5e:2e:80:f1:e2:
35:bc:2f:e3:ff:ce:0d:3f:9d:e8:1b:c9:73:c0:23:71:60:07:
cf:d2:d4:ce:70:c3:6f:df:ef:91:dd:18:f8:60:00:53:b8:09:
d9:f6:d0:63:17:4a:18:4a:0e:b6:89:1a:8a:52:a4:8d:0f:23:
a2:64:2c:16:63:39:c5:0d:ca:46:2a:30:00:60:0a:0e:cb:a8:
c6:34:3e:26:53:f2:5c:48:45:86:50:2c:ab:82:f8:aa:f8:88:
d5:ae:76:d7:d1:3f:f6:ac:1f:eb:af:55:00:5e:53:5b:c8:eb:
63:d2:1c:f4:2b:ec:be:f5:da:d8:68:6c:4b:99:5f:36:23:b4:
0f:a7:1a:46:2d:c9:d6:43:25:87:e5:ed:1a:e4:0d:61:7f:2d:
86:6e:54:8e:ee:13:1a:2e:bc:02:b9:c0:f2:6b:ef:5f:a2:56:
23:1d:fa:12:75:26:a0:c0:3b:75:9e:10:af:f6:a5:41:9a:f5:
b8:7a:bd:7e:2b:71:63:5c:5a:4b:31:0c:43:c4:d4:ab:80:b2:
e8:fc:db:85:d6:d9:9d:9d:f1:e7:2e:5e:03:e8:22:d7:e4:a8:
eb:04:41:21:54:b3:fe:7c:3c:71:78:38:a3:42:62:96:31:d2:
5e:9b:1b:2d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzOZ38Mt/vNoAvhjZwVt/4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMTAzMDgxODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMyNGJjMzA5Yzc2YWEzODgxYzI3YTdhYTE4MDYyOWRjOTcyMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4U2tJ8BeFFNWS/v7LatboZo/vbI
xERbJ79dk72AlLCzI4fRaM/gLUzybBRy4EnMjo1O9KzqvfE4qlmaTsCbEAhUP9Se
DfFsOKlfsMu2IBOMEi/ivJf9K0r6NybqRS35pOe+WvWRVN3KgMj1PMJVno2OuN/V
9vv7E2/BcEf/EQpXwn6Lq8avdnTpGBm5EKqpHu1hFyKPl8rBkozHGWdC20nGTqEQ
K6IYO5ymG6R80Ghw5QlUjj5e02qpnn9TibN32q0PH43uHNGf0uTNf9NouZ5hsOQC
+zI7+773rBCJJE0nBL9jmsvt9Sv9M5P8UC5SOmpO74HB9p1ya0Gq/s1F+QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFKQyS8MJx2qjiBwnp6oYBinclyJTMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvcERKTHd3bkhhcU9JSENlbnFoZ0dLZHlYSWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALiaAAwQA
LiaCMAwDBAIuJoQDBAIuJogDBAFtXqQDBAK5GJQDBAK5HdwDBAK5j0gwDAMEAdQQ
TgMEANQQUAMEANQQVQMEANQQXgMEANRQAAMEAdRQBgMEAtRQFDANBgkqhkiG9w0B
AQsFAAOCAQEAoFSkkGAzrmV1dYxJcl4ugPHiNbwv4//ODT+d6BvJc8AjcWAHz9LU
znDDb9/vkd0Y+GAAU7gJ2fbQYxdKGEoOtokailKkjQ8jomQsFmM5xQ3KRiowAGAK
DsuoxjQ+JlPyXEhFhlAsq4L4qviI1a5219E/9qwf669VAF5TW8jrY9Ic9CvsvvXa
2GhsS5lfNiO0D6caRi3J1kMlh+XtGuQNYX8thm5Uju4TGi68ArnA8mvvX6JWIx36
EnUmoMA7dZ4Qr/alQZr1uHq9fitxY1xaSzEMQ8TUq4Cy6PzbhdbZnZ3x5y5eA+gi
1+So6wRBIVSz/nw8cXg4o0JiljHSXpsbLQ==
-----END CERTIFICATE-----
Generated at Thu Jan 11 09:30:57 2024 by rpki-client on console-fra.rpki-client.org