Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/q72lgagg6TKYFLOvc38E_3Gpw0s.roa
File: q72lgagg6TKYFLOvc38E_3Gpw0s.roa (raw, json)
Hash identifier: YkxruGRNYnfef0AccLVwLnHjJ0xYUr9akmbDFhkUjZU=
Subject key identifier: AB:BD:A5:81:A8:20:E9:32:98:14:B3:AF:73:7F:04:FF:71:A9:C3:4B
Certificate issuer: /CN=dbc8f2ff98f610fe83830d18918f4c9037272411
Certificate serial: 018B5B4A95579C6B01C25DE91533CA54AF52
Authority key identifier: DB:C8:F2:FF:98:F6:10:FE:83:83:0D:18:91:8F:4C:90:37:27:24:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28jy_5j2EP6Dgw0YkY9MkDcnJBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/q72lgagg6TKYFLOvc38E_3Gpw0s.roa
Signing time: Mon 23 Oct 2023 06:48:16 +0000
ROA not before: Mon 23 Oct 2023 06:48:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210079
IP address blocks: 185.154.53.0/24 maxlen: 24
185.154.52.0/24 maxlen: 24
185.154.55.0/24 maxlen: 24
185.154.54.0/24 maxlen: 24
95.142.44.0/24 maxlen: 24
46.30.44.0/24 maxlen: 24
46.30.43.0/24 maxlen: 24
46.30.42.0/24 maxlen: 24
46.30.40.0/24 maxlen: 24
46.30.45.0/24 maxlen: 24
46.30.47.0/24 maxlen: 24
46.30.46.0/24 maxlen: 24
2a06:78c0:db::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Oct 2023 06:08:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:4a:95:57:9c:6b:01:c2:5d:e9:15:33:ca:54:af:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc8f2ff98f610fe83830d18918f4c9037272411
Validity
Not Before: Oct 23 06:48:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abbda581a820e9329814b3af737f04ff71a9c34b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ae:49:6d:fb:3f:c3:9d:6e:6e:45:c0:62:34:
93:e0:98:72:a0:da:4e:dd:1c:34:f8:be:c1:89:6a:
20:84:45:d7:f5:6d:75:aa:87:e2:bd:df:d3:b8:45:
e7:29:ae:65:a8:cb:fb:b4:0a:b6:ad:cc:11:ed:75:
93:a1:1a:a3:50:aa:2b:41:65:8d:ed:1f:87:3b:81:
69:8b:72:ea:37:ae:e2:c9:41:3e:d4:01:23:98:4e:
a7:5a:16:a5:7e:6e:6d:92:e3:d7:6b:b9:d3:42:68:
e5:8b:0a:da:bd:c6:18:d0:4c:b7:80:34:f3:62:0d:
27:a1:ea:1b:86:8f:11:6e:28:ac:b2:5f:81:6a:84:
5d:03:01:fc:3b:ae:78:8e:36:d9:b3:89:e7:2f:1a:
fa:34:1c:08:3c:cc:50:d0:f1:f6:8a:cd:3b:a5:4f:
21:fa:bb:9c:b3:cd:74:af:ca:c9:cc:31:33:fb:4c:
5c:6e:b2:51:be:ae:af:19:f9:ab:33:75:41:5a:cb:
6c:26:a4:41:e9:2b:b0:48:bf:18:6c:34:0a:e3:df:
1c:d0:75:7c:b4:d3:16:19:4f:9f:9a:12:e7:69:93:
ad:a6:9d:6a:b1:a3:64:63:8a:2a:d0:45:c2:d0:05:
92:00:5b:0a:bd:06:5b:77:e2:37:d6:0a:a1:af:87:
f2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BD:A5:81:A8:20:E9:32:98:14:B3:AF:73:7F:04:FF:71:A9:C3:4B
X509v3 Authority Key Identifier:
keyid:DB:C8:F2:FF:98:F6:10:FE:83:83:0D:18:91:8F:4C:90:37:27:24:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28jy_5j2EP6Dgw0YkY9MkDcnJBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/q72lgagg6TKYFLOvc38E_3Gpw0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/28jy_5j2EP6Dgw0YkY9MkDcnJBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.40.0/24
46.30.42.0-46.30.47.255
95.142.44.0/24
185.154.52.0/22
IPv6:
2a06:78c0:db::/48
Signature Algorithm: sha256WithRSAEncryption
5b:d9:a1:30:b0:b2:b9:34:62:91:04:26:ff:32:84:ce:95:a8:
32:98:ab:33:09:f3:23:6a:f5:50:24:46:b4:37:9b:96:94:04:
51:fa:56:62:cf:bd:08:71:8e:84:b6:cc:36:9d:be:31:47:6b:
6b:50:b8:66:5c:ea:d8:e5:84:14:0a:22:d0:93:77:ea:a2:e6:
f9:cd:2b:d6:36:96:4c:36:d8:da:c6:e3:54:03:d8:ec:22:38:
3f:c8:3d:ff:71:76:49:48:33:27:9d:74:35:b7:08:0b:60:64:
6d:6e:83:19:c5:7c:86:d7:b5:f5:9d:7a:05:9b:5c:8b:a4:57:
9b:e8:c4:bb:01:c8:84:62:6d:5a:44:1f:a6:c2:c8:f2:56:e3:
fb:a2:d6:da:4a:2c:4a:07:a9:8c:f4:c2:ba:18:91:2c:90:e4:
86:3f:3b:15:01:5f:47:a3:37:ab:62:3f:4b:b5:34:97:1e:02:
19:00:e6:99:2a:dd:fe:eb:12:d1:da:06:8f:eb:f2:c5:35:b7:
3e:2d:e2:76:c5:02:3a:5d:77:73:d0:79:cb:4e:d2:a7:23:67:
52:3b:88:b5:f0:45:69:fb:4b:81:d7:f3:8b:90:86:7d:43:f4:
ce:25:a1:2e:71:0f:37:04:16:e1:24:d0:bc:07:f9:67:c3:41:
75:83:2e:c6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYtbSpVXnGsBwl3pFTPKVK9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzhmMmZmOThmNjEwZmU4MzgzMGQxODkxOGY0YzkwMzcy
NzI0MTEwHhcNMjMxMDIzMDY0ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmJkYTU4MWE4MjBlOTMyOTgxNGIzYWY3MzdmMDRmZjcxYTljMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA465Jbfs/w51ubkXAYjST4JhyoNpO
3Rw0+L7BiWoghEXX9W11qofivd/TuEXnKa5lqMv7tAq2rcwR7XWToRqjUKorQWWN
7R+HO4Fpi3LqN67iyUE+1AEjmE6nWhalfm5tkuPXa7nTQmjliwravcYY0Ey3gDTz
Yg0noeobho8Rbiissl+BaoRdAwH8O654jjbZs4nnLxr6NBwIPMxQ0PH2is07pU8h
+rucs810r8rJzDEz+0xcbrJRvq6vGfmrM3VBWstsJqRB6SuwSL8YbDQK498c0HV8
tNMWGU+fmhLnaZOtpp1qsaNkY4oq0EXC0AWSAFsKvQZbd+I31gqhr4fypwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKu9pYGoIOkymBSzr3N/BP9xqcNLMB8GA1UdIwQY
MBaAFNvI8v+Y9hD+g4MNGJGPTJA3JyQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhqeV81ajJFUDZEZ3cwWWtZOU1rRGNuSkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mZWVlZjUtYzk2Zi00NjUyLTk0ZTAt
ZWQzOGY2NDllMzlmLzEvcTcybGdhZ2c2VEtZRkxPdmMzOEVfM0dwdzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mZWVlZjUtYzk2Zi00NjUyLTk0ZTAtZWQzOGY2NDllMzlm
LzEvMjhqeV81ajJFUDZEZ3cwWWtZOU1rRGNuSkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQALh4oMAwD
BAEuHioDBAQuHiADBABfjiwDBAK5mjQwDwQCAAIwCQMHACoGeMAA2zANBgkqhkiG
9w0BAQsFAAOCAQEAW9mhMLCyuTRikQQm/zKEzpWoMpirMwnzI2r1UCRGtDeblpQE
UfpWYs+9CHGOhLbMNp2+MUdra1C4Zlzq2OWEFAoi0JN36qLm+c0r1jaWTDbY2sbj
VAPY7CI4P8g9/3F2SUgzJ510NbcIC2BkbW6DGcV8hte19Z16BZtci6RXm+jEuwHI
hGJtWkQfpsLI8lbj+6LW2kosSgepjPTCuhiRLJDkhj87FQFfR6M3q2I/S7U0lx4C
GQDmmSrd/usS0doGj+vyxTW3Pi3idsUCOl13c9B5y07SpyNnUjuItfBFaftLgdfz
i5CGfUP0ziWhLnEPNwQW4STQvAf5Z8NBdYMuxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:03 2024 by rpki-client on console-fra.rpki-client.org