Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/qfE-BoOEHZcy7bdj2w7C5WZoYqI.roa
File: qfE-BoOEHZcy7bdj2w7C5WZoYqI.roa (raw, json)
Hash identifier: imLHaUZfUxTQ6r/Don2i46Inh5k1kaadraX3dnKXI/I=
Subject key identifier: A9:F1:3E:06:83:84:1D:97:32:ED:B7:63:DB:0E:C2:E5:66:68:62:A2
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019198F1B36C4610F54BD06F0BDB65CC4F58
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/qfE-BoOEHZcy7bdj2w7C5WZoYqI.roa
Signing time: Wed 28 Aug 2024 12:24:22 +0000
ROA not before: Wed 28 Aug 2024 12:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 46.38.137.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Sep 2024 07:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:f1:b3:6c:46:10:f5:4b:d0:6f:0b:db:65:cc:4f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 28 12:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9f13e0683841d9732edb763db0ec2e5666862a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:84:21:14:96:01:fb:1e:94:36:e5:de:04:2b:
15:e4:a2:76:4f:1b:6b:3d:65:f0:2e:67:ca:99:bb:
cb:53:e5:2a:b1:8d:ff:ad:62:4c:82:0f:e7:f2:e6:
7c:59:42:dc:52:74:29:e1:44:52:43:2e:6d:9c:1b:
5e:f5:25:9c:5f:cb:5a:d8:4d:48:7d:69:43:32:59:
52:8e:50:77:69:ed:4e:34:80:73:61:47:b9:32:06:
5e:3d:6a:93:a0:29:ca:06:0d:f4:02:2a:3e:11:2f:
21:36:30:56:0d:f6:95:ce:da:6d:cd:25:b9:6b:6f:
3e:d0:f3:75:4f:7e:0e:9d:6d:d6:7b:8f:1f:16:e1:
70:2a:e5:8c:20:b0:b0:61:ee:76:34:79:21:96:59:
6f:99:45:b2:a6:82:75:b4:98:c4:0a:f5:df:4c:49:
3c:e1:cc:49:cd:a0:62:7d:45:68:46:4f:1b:d8:9f:
da:67:9f:82:89:0e:bd:bd:9a:28:1d:e3:64:06:f0:
28:0a:65:8a:50:2e:d4:b3:e1:ea:8c:17:e2:e6:b2:
d3:28:b0:af:36:97:87:ed:b3:10:46:76:c1:3c:38:
94:88:32:c4:06:67:d6:e9:19:8f:5d:85:09:6d:a6:
ca:3e:7a:bd:83:6d:50:0f:58:3b:b1:f5:38:e5:92:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F1:3E:06:83:84:1D:97:32:ED:B7:63:DB:0E:C2:E5:66:68:62:A2
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/qfE-BoOEHZcy7bdj2w7C5WZoYqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.137.0/24
46.38.139.0/24
109.94.164.0/24
185.29.222.0/24
212.80.9.0/24
212.80.11.0/24
Signature Algorithm: sha256WithRSAEncryption
86:66:aa:94:44:99:d3:ed:b3:13:97:6b:7b:89:8e:e3:3c:1f:
0f:08:fd:b4:c4:b2:c5:3c:fe:ab:2f:4a:22:8c:9a:2a:a0:c6:
11:77:c6:16:95:24:4e:28:a3:2a:57:b7:b1:3b:b7:9f:58:7f:
22:e0:f2:d5:9d:78:4a:a2:60:0d:3c:b6:e1:95:7d:1b:f3:56:
b1:4c:32:41:ca:a7:94:49:cc:04:1f:69:18:0a:34:ae:b5:1e:
15:94:18:f8:6f:4d:7d:f5:f0:99:10:12:b6:f3:01:de:02:d4:
78:59:38:56:c3:d6:b5:65:a1:4f:57:9b:77:2d:21:85:5a:70:
15:78:74:24:c1:88:40:1c:e6:51:a6:ec:d6:3d:e4:f3:b0:04:
f2:8e:cb:df:26:95:90:b4:95:77:a2:d9:74:a5:8e:8c:99:50:
57:57:a9:75:bb:36:34:26:b9:8a:7c:a7:46:5a:82:fa:b3:9b:
a1:60:37:38:72:ca:c0:68:2f:81:a2:18:53:34:79:29:64:54:
da:8d:d9:f6:d6:18:d2:f2:54:ec:e6:f2:ac:7f:f0:cf:2c:cf:
64:3a:1b:aa:21:13:4e:ab:3c:41:59:69:c5:06:af:8d:17:05:
43:b3:f0:e0:6b:42:20:f9:49:5d:52:78:89:5a:cd:31:66:6a:
f5:08:27:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZGY8bNsRhD1S9BvC9tlzE9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwODI4MTIyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYxM2UwNjgzODQxZDk3MzJlZGI3NjNkYjBlYzJlNTY2Njg2MmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4QhFJYB+x6UNuXeBCsV5KJ2Txtr
PWXwLmfKmbvLU+UqsY3/rWJMgg/n8uZ8WULcUnQp4URSQy5tnBte9SWcX8ta2E1I
fWlDMllSjlB3ae1ONIBzYUe5MgZePWqToCnKBg30Aio+ES8hNjBWDfaVztptzSW5
a28+0PN1T34OnW3We48fFuFwKuWMILCwYe52NHkhlllvmUWypoJ1tJjECvXfTEk8
4cxJzaBifUVoRk8b2J/aZ5+CiQ69vZooHeNkBvAoCmWKUC7Us+HqjBfi5rLTKLCv
NpeH7bMQRnbBPDiUiDLEBmfW6RmPXYUJbabKPnq9g21QD1g7sfU45ZKgaQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKnxPgaDhB2XMu23Y9sOwuVmaGKiMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvcWZFLUJvT0VIWmN5N2JkajJ3N0M1V1pvWXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALiaJAwQA
LiaLAwQAbV6kAwQAuR3eAwQA1FAJAwQA1FALMA0GCSqGSIb3DQEBCwUAA4IBAQCG
ZqqURJnT7bMTl2t7iY7jPB8PCP20xLLFPP6rL0oijJoqoMYRd8YWlSROKKMqV7ex
O7efWH8i4PLVnXhKomANPLbhlX0b81axTDJByqeUScwEH2kYCjSutR4VlBj4b019
9fCZEBK28wHeAtR4WThWw9a1ZaFPV5t3LSGFWnAVeHQkwYhAHOZRpuzWPeTzsATy
jsvfJpWQtJV3otl0pY6MmVBXV6l1uzY0JrmKfKdGWoL6s5uhYDc4csrAaC+BohhT
NHkpZFTajdn21hjS8lTs5vKsf/DPLM9kOhuqIRNOqzxBWWnFBq+NFwVDs/Dga0Ig
+UldUniJWs0xZmr1CCe2
-----END CERTIFICATE-----
Generated at Mon Sep 16 09:12:51 2024 by rpki-client on console-fra.rpki-client.org