Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/qptNUpWmeIL3TqX191MuI9PPdHI.roa
File: qptNUpWmeIL3TqX191MuI9PPdHI.roa (raw, json)
Hash identifier: eAAeb6bthJZ0L0MpUJ/nlAWGhKWfZLKd2Py2DtJ/3dM=
Subject key identifier: AA:9B:4D:52:95:A6:78:82:F7:4E:A5:F5:F7:53:2E:23:D3:CF:74:72
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01857039916F65FB08BE31F667C2F3B754ED
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/qptNUpWmeIL3TqX191MuI9PPdHI.roa
Signing time: Mon 02 Jan 2023 02:04:59 +0000
ROA not before: Mon 02 Jan 2023 02:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 212.16.78.0/24 maxlen: 24
212.16.78.0/23 maxlen: 24
212.16.80.0/24 maxlen: 24
212.16.79.0/24 maxlen: 24
212.16.85.0/24 maxlen: 24
212.16.89.0/24 maxlen: 24
212.16.87.0/24 maxlen: 24
212.16.86.0/24 maxlen: 24
212.16.86.0/23 maxlen: 24
212.16.94.0/24 maxlen: 24
212.16.93.0/24 maxlen: 24
212.16.92.0/24 maxlen: 24
212.16.92.0/23 maxlen: 24
185.29.220.0/22 maxlen: 24
212.80.0.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.10.0/24 maxlen: 24
212.80.9.0/24 maxlen: 24
212.80.8.0/24 maxlen: 24
212.80.8.0/22 maxlen: 24
212.80.7.0/24 maxlen: 24
212.80.6.0/23 maxlen: 24
212.80.6.0/24 maxlen: 24
212.80.24.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.20.0/24 maxlen: 24
212.80.20.0/22 maxlen: 24
212.80.19.0/24 maxlen: 24
212.80.18.0/24 maxlen: 24
212.80.18.0/23 maxlen: 24
212.80.29.0/24 maxlen: 24
185.143.74.0/23 maxlen: 23
185.143.72.0/23 maxlen: 23
185.143.72.0/22 maxlen: 24
185.24.148.0/22 maxlen: 24
46.38.136.0/22 maxlen: 24
46.38.144.0/21 maxlen: 24
46.38.143.0/24 maxlen: 24
46.38.142.0/24 maxlen: 24
46.38.142.0/23 maxlen: 24
46.38.141.0/24 maxlen: 24
46.38.152.0/22 maxlen: 24
46.38.158.0/24 maxlen: 24
46.38.157.0/24 maxlen: 24
46.38.156.0/24 maxlen: 24
46.38.156.0/23 maxlen: 24
46.38.132.0/22 maxlen: 24
46.38.130.0/24 maxlen: 24
46.38.128.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
109.94.164.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:91:6f:65:fb:08:be:31:f6:67:c2:f3:b7:54:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 2 02:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa9b4d5295a67882f74ea5f5f7532e23d3cf7472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:44:7f:29:3d:7b:cd:84:05:40:4f:96:40:
ef:81:24:15:23:e9:f1:34:e2:c1:ad:c2:f7:87:f7:
7f:c1:1d:4a:e6:32:3b:30:20:d4:bc:ea:ad:e2:3c:
c4:72:6b:1a:b8:7d:2d:9d:b5:42:d3:bb:33:97:cb:
64:6f:f3:63:3a:c1:96:f1:9f:b5:4a:e5:3f:42:5e:
1e:cc:bc:eb:e8:99:b4:70:80:62:1d:7e:99:fa:2a:
4f:c5:12:4b:8b:bf:d3:1f:b3:6c:cf:2b:56:7c:35:
2f:c5:41:3a:bb:e8:d2:0f:88:b6:dc:5d:8a:f7:9b:
6f:94:fc:8a:c8:82:f8:ab:91:5c:b7:5d:a1:f8:5b:
2c:4a:a2:10:98:0d:7a:aa:cb:86:5a:cf:b8:9b:e9:
72:f3:75:da:9a:c8:b8:e3:93:ba:d7:63:d2:4c:71:
7b:10:64:58:fa:f9:00:89:f0:90:db:24:02:7a:1c:
28:a0:ed:4c:70:33:99:a4:a4:38:bf:05:83:6e:b2:
24:d9:33:ef:63:af:24:7a:19:a3:66:50:a4:3b:d6:
0d:ab:72:e2:da:53:bf:44:e6:b8:71:50:e5:31:11:
ba:b9:29:7e:e8:6e:88:3a:7e:2e:d9:db:bd:97:d6:
50:cc:ea:2d:d8:cd:ab:e9:7b:d5:93:83:51:ed:73:
64:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9B:4D:52:95:A6:78:82:F7:4E:A5:F5:F7:53:2E:23:D3:CF:74:72
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/qptNUpWmeIL3TqX191MuI9PPdHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.128.0/24
46.38.130.0/24
46.38.132.0-46.38.139.255
46.38.141.0-46.38.158.255
109.94.164.0/23
185.24.148.0/22
185.29.220.0/22
185.143.72.0/22
212.16.78.0-212.16.80.255
212.16.85.0-212.16.87.255
212.16.89.0/24
212.16.92.0-212.16.94.255
212.80.0.0/24
212.80.6.0-212.80.11.255
212.80.18.0-212.80.24.255
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
45:3d:99:4d:30:83:59:f2:01:38:22:57:23:a9:e6:6d:d4:30:
34:41:b3:5d:cb:3a:76:02:b5:e3:5f:9b:66:49:d1:b5:d1:77:
ab:6a:7f:0d:80:d7:20:49:f0:d7:ba:46:90:54:b5:36:ec:54:
b3:9e:21:51:f3:ec:fe:df:0a:4b:c3:2b:c6:2b:1d:99:e8:19:
31:04:8d:81:e2:b1:80:f1:67:65:9c:52:7b:41:c7:30:6e:71:
89:eb:83:d1:f6:12:5e:8c:ef:23:d0:a2:bc:71:60:b2:68:e7:
1b:5a:82:d4:04:12:98:89:a7:c8:f6:aa:14:8a:f4:b2:7a:88:
70:4a:ce:ea:f1:6b:a5:eb:7c:8a:5f:90:36:01:3b:41:87:67:
c4:6a:95:11:d7:e1:d6:81:8a:e2:f5:ca:71:91:00:80:f4:74:
01:1c:8a:ec:95:84:0d:d9:10:ba:29:e9:67:30:09:a7:f2:24:
76:b2:27:b2:b8:72:e9:d1:9a:a7:6c:2e:4e:2f:cc:28:f3:96:
66:f4:27:a6:77:e7:c2:68:75:44:e6:83:c6:44:8c:38:6d:13:
2a:d3:ac:f6:2b:0a:32:dd:22:a1:b7:f7:2a:f9:3c:53:30:ae:
92:62:21:52:e2:3e:78:4a:b1:d4:15:22:f4:b3:38:52:e7:c0:
71:c3:cb:d8
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYVwOZFvZfsIvjH2Z8Lzt1TtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjMwMTAyMDIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTliNGQ1Mjk1YTY3ODgyZjc0ZWE1ZjVmNzUzMmUyM2QzY2Y3NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmREfyk9e82EBUBPlkDvgSQVI+nx
NOLBrcL3h/d/wR1K5jI7MCDUvOqt4jzEcmsauH0tnbVC07szl8tkb/NjOsGW8Z+1
SuU/Ql4ezLzr6Jm0cIBiHX6Z+ipPxRJLi7/TH7NszytWfDUvxUE6u+jSD4i23F2K
95tvlPyKyIL4q5Fct12h+FssSqIQmA16qsuGWs+4m+ly83Xamsi445O612PSTHF7
EGRY+vkAifCQ2yQCehwooO1McDOZpKQ4vwWDbrIk2TPvY68kehmjZlCkO9YNq3Li
2lO/ROa4cVDlMRG6uSl+6G6IOn4u2du9l9ZQzOot2M2r6XvVk4NR7XNk/QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFKqbTVKVpniC906l9fdTLiPTz3RyMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvcXB0TlVwV21lSUwzVHFYMTkxTXVJOVBQZEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAu
JoADBAAuJoIwDAMEAi4mhAMEAi4miDAMAwQALiaNAwQALiaeAwQBbV6kAwQCuRiU
AwQCuR3cAwQCuY9IMAwDBAHUEE4DBADUEFAwDAMEANQQVQMEA9QQUAMEANQQWTAM
AwQC1BBcAwQA1BBeAwQA1FAAMAwDBAHUUAYDBALUUAgwDAMEAdRQEgMEANRQGAME
ANRQHTANBgkqhkiG9w0BAQsFAAOCAQEART2ZTTCDWfIBOCJXI6nmbdQwNEGzXcs6
dgK141+bZknRtdF3q2p/DYDXIEnw17pGkFS1NuxUs54hUfPs/t8KS8MrxisdmegZ
MQSNgeKxgPFnZZxSe0HHMG5xieuD0fYSXozvI9CivHFgsmjnG1qC1AQSmImnyPaq
FIr0snqIcErO6vFrpet8il+QNgE7QYdnxGqVEdfh1oGK4vXKcZEAgPR0ARyK7JWE
DdkQuinpZzAJp/IkdrInsrhy6dGap2wuTi/MKPOWZvQnpnfnwmh1ROaDxkSMOG0T
KtOs9isKMt0iobf3Kvk8UzCukmIhUuI+eEqx1BUi9LM4UufAccPL2A==
-----END CERTIFICATE-----
Generated at Thu Sep 28 09:21:34 2023 by rpki-client on console-ams.rpki-client.org