Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/4T38UI5zYokJqvCfCiKS3mKTAaM.roa
File: 4T38UI5zYokJqvCfCiKS3mKTAaM.roa (raw, json)
Hash identifier: 479ai4IBchQDfbnTEji86+fY52tXGcy3lz0UYicPPm0=
Subject key identifier: E1:3D:FC:50:8E:73:62:89:09:AA:F0:9F:0A:22:92:DE:62:93:01:A3
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0191FAE74F5AD1A6286FE92A2499A0EBC2CF
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/4T38UI5zYokJqvCfCiKS3mKTAaM.roa
Signing time: Mon 16 Sep 2024 12:55:48 +0000
ROA not before: Mon 16 Sep 2024 12:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 16:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:e7:4f:5a:d1:a6:28:6f:e9:2a:24:99:a0:eb:c2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 16 12:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e13dfc508e73628909aaf09f0a2292de629301a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:53:66:f0:33:12:27:56:6b:8b:fe:d0:c7:39:
23:27:93:34:18:4f:c7:51:3b:36:60:2b:be:a2:92:
75:d0:7e:02:95:d7:30:3e:de:91:63:d5:fd:5b:7d:
f9:28:b3:2d:4a:9f:51:d5:2e:e6:3e:4a:a2:9c:26:
29:9a:de:3e:d8:3a:96:d1:c4:68:8f:0c:7c:20:a0:
63:39:cf:8b:31:79:cd:70:e5:f9:e7:d3:90:fa:0b:
4f:29:1d:1b:c9:b8:df:3e:ca:c9:a4:ea:0e:e2:2a:
53:c6:d9:5c:cb:68:4f:6c:f1:8e:fd:ba:b1:b1:16:
28:65:dc:61:5d:69:a6:d6:23:1e:b8:c1:40:8c:b4:
9e:c7:b2:f8:45:6e:e6:48:77:20:b4:19:41:4d:41:
31:2f:a5:ca:3a:c4:d2:f0:6c:86:dd:29:7a:c0:a5:
09:72:e2:d4:02:b2:60:38:9a:1e:d4:63:8f:7c:ce:
15:04:fc:2f:e9:97:df:e3:53:a2:fb:39:eb:3c:17:
e3:6e:eb:e9:94:25:ba:32:c5:cc:ea:ff:55:ee:74:
92:e2:bc:8a:bb:4b:30:58:b4:6a:a0:03:78:29:a3:
bb:ed:0c:ea:a6:1e:ff:03:72:bf:69:05:b4:04:6c:
2f:c7:71:0d:8f:7c:52:bf:c3:39:d1:60:64:2a:15:
4d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3D:FC:50:8E:73:62:89:09:AA:F0:9F:0A:22:92:DE:62:93:01:A3
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/4T38UI5zYokJqvCfCiKS3mKTAaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0-46.16.130.255
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/47
Signature Algorithm: sha256WithRSAEncryption
20:e6:a4:c3:39:58:06:00:70:e9:ba:1e:46:8a:54:33:a9:5a:
ad:1c:cb:97:62:a8:c8:8a:39:0b:39:e4:0d:a4:ab:19:b8:48:
32:ff:a2:9c:4c:c8:ed:31:e8:54:dd:1c:c6:45:8f:73:ae:8d:
4f:a1:c8:91:17:2a:08:17:6c:9e:7b:a1:d6:23:25:0a:72:cb:
95:59:0e:be:b4:02:3d:a5:81:75:d8:ce:ce:a0:e5:61:12:95:
fa:8c:dc:80:6a:bc:ac:8b:81:f8:51:fe:e6:79:75:b0:92:61:
a5:fd:ee:45:56:73:9b:24:21:2c:85:0d:e3:7b:53:36:2e:25:
4e:9e:8b:02:b4:af:27:7f:df:f8:07:7a:f6:34:bd:b3:e2:26:
45:6f:d1:b7:26:af:d4:4f:46:bd:63:d8:5c:d4:d0:65:ff:e3:
b0:84:92:9d:21:37:87:8c:42:75:20:33:17:ec:ec:1b:bd:22:
b5:e1:29:ec:c6:a0:8d:ad:ac:54:1a:58:f3:0e:36:26:cc:3b:
3d:38:32:a9:c0:8d:fb:42:ac:55:be:f3:6f:ce:f6:0b:c4:5d:
31:36:21:b3:86:8c:9e:d2:d4:dd:6f:4d:a2:a3:01:1b:95:15:
0e:09:57:da:a1:f2:3a:9c:3f:92:13:15:bd:43:c8:ee:ac:9f:
b8:46:c5:65
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZH6509a0aYob+kqJJmg68LPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwOTE2MTI1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTNkZmM1MDhlNzM2Mjg5MDlhYWYwOWYwYTIyOTJkZTYyOTMwMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFNm8DMSJ1Zri/7QxzkjJ5M0GE/H
UTs2YCu+opJ10H4CldcwPt6RY9X9W335KLMtSp9R1S7mPkqinCYpmt4+2DqW0cRo
jwx8IKBjOc+LMXnNcOX559OQ+gtPKR0bybjfPsrJpOoO4ipTxtlcy2hPbPGO/bqx
sRYoZdxhXWmm1iMeuMFAjLSex7L4RW7mSHcgtBlBTUExL6XKOsTS8GyG3Sl6wKUJ
cuLUArJgOJoe1GOPfM4VBPwv6Zff41Oi+znrPBfjbuvplCW6MsXM6v9V7nSS4ryK
u0swWLRqoAN4KaO77Qzqph7/A3K/aQW0BGwvx3ENj3xSv8M50WBkKhVNeQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFOE9/FCOc2KJCarwnwoikt5ikwGjMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvNFQzOFVJNXpZb2tKcXZDZkNpS1MzbUtUQWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwOAQCAAEwMjAMAwQH
LhCAAwQALhCCAwQBbWiYAwQAbWibAwQCk04AAwQBuX7uAwQBudUUAwQAudUXMIG1
BAIAAjCBrjASAwcBKhEIQAAGAwcAKhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQw
EgMHACoRCEAAFwMHASoRCEAAGDASAwcFKhEIQAAgAwcAKhEIQAAmAwcAKhEIQAAw
AwcAKhEIQAAzAwcBKhEIQABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQD
BwAqEQhAAFcwEgMHBSoRCEAAYAMHASoRCEAAaAMHASoRCEAAcDANBgkqhkiG9w0B
AQsFAAOCAQEAIOakwzlYBgBw6boeRopUM6larRzLl2KoyIo5CznkDaSrGbhIMv+i
nEzI7THoVN0cxkWPc66NT6HIkRcqCBdsnnuh1iMlCnLLlVkOvrQCPaWBddjOzqDl
YRKV+ozcgGq8rIuB+FH+5nl1sJJhpf3uRVZzmyQhLIUN43tTNi4lTp6LArSvJ3/f
+Ad69jS9s+ImRW/Rtyav1E9GvWPYXNTQZf/jsISSnSE3h4xCdSAzF+zsG70iteEp
7Magja2sVBpY8w42Jsw7PTgyqcCN+0KsVb7zb872C8RdMTYhs4aMntLU3W9NoqMB
G5UVDglX2qHyOpw/khMVvUPI7qyfuEbFZQ==
-----END CERTIFICATE-----
Generated at Wed Sep 25 19:03:24 2024 by rpki-client on console-fra.rpki-client.org