Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/dX6rJhvdkTiVTP3HEsKCDAGJ1GE.roa
File: dX6rJhvdkTiVTP3HEsKCDAGJ1GE.roa (raw, json)
Hash identifier: x17Zw7BV47ORe7rv4uxejbSYCf2zwJHhosRtS2UOmXo=
Subject key identifier: 75:7E:AB:26:1B:DD:91:38:95:4C:FD:C7:12:C2:82:0C:01:89:D4:61
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0191A493E9C43A2FD5370555252F763987BA
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/dX6rJhvdkTiVTP3HEsKCDAGJ1GE.roa
Signing time: Fri 30 Aug 2024 18:37:22 +0000
ROA not before: Fri 30 Aug 2024 18:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 09 Sep 2024 12:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a4:93:e9:c4:3a:2f:d5:37:05:55:25:2f:76:39:87:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Aug 30 18:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=757eab261bdd9138954cfdc712c2820c0189d461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e5:5f:c2:42:3f:9f:03:f3:ea:58:67:fd:49:
3b:50:45:23:5a:cf:d4:4a:e7:44:b5:f8:eb:35:8d:
7e:26:eb:6c:67:20:ca:6b:cd:76:b1:77:45:c1:26:
01:de:4d:27:ac:48:e6:d8:b3:60:8f:bc:9a:6e:bf:
01:39:23:b8:3c:c8:49:08:7b:9c:56:7f:7e:6c:71:
92:ad:6b:60:c1:45:97:28:48:b1:42:4d:3a:d0:ba:
ec:2b:ba:e3:9e:42:9b:5e:d9:dc:8e:05:7c:d7:a3:
fe:e2:dc:be:5b:e1:18:17:0a:3f:9a:0e:9d:61:75:
1f:16:8b:1e:cd:4b:79:19:bc:74:c3:5d:49:4f:89:
c4:4b:4b:96:ef:a4:78:d4:bd:bb:c0:ad:4c:78:1c:
8b:55:27:68:0a:d5:4c:52:67:b1:e7:2f:46:24:19:
73:58:7b:b0:ee:d2:56:8c:18:1f:c7:cd:8d:1a:30:
0b:fb:d2:a3:93:d3:b0:f0:57:ad:8f:bb:85:f0:d7:
ec:0f:b4:a2:03:36:5a:27:50:e8:34:3d:90:74:21:
f4:5e:1d:a1:9a:81:28:91:ec:6b:81:35:ba:d6:34:
5b:f6:4d:aa:b7:08:d3:dc:51:2e:d9:2e:c7:95:ca:
f8:cc:f8:69:be:95:48:eb:c7:32:08:c8:d0:d5:00:
90:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:7E:AB:26:1B:DD:91:38:95:4C:FD:C7:12:C2:82:0C:01:89:D4:61
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/dX6rJhvdkTiVTP3HEsKCDAGJ1GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0-46.16.130.255
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:68:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
14:bc:b4:8a:0c:d9:b3:b6:96:a8:e6:f9:e7:d9:1f:c1:03:46:
57:9c:6a:ae:64:f8:10:65:bc:1a:0e:cd:83:52:79:a5:da:81:
08:c8:44:2f:af:92:6b:24:63:e2:c8:f7:fa:7f:e0:7d:17:4b:
a4:fd:71:b0:4b:dc:02:e2:7f:a1:85:a5:84:69:41:35:ed:12:
f3:7f:9e:4c:c9:63:88:9b:46:4b:11:fd:4e:6b:9e:a0:26:b7:
25:e2:0d:83:0f:df:aa:0b:d0:8a:72:92:8b:52:8f:26:00:46:
c2:cc:7d:64:cf:aa:ec:b7:22:42:fa:5c:83:9b:78:27:26:99:
33:02:bd:df:9d:a4:91:2e:5c:81:48:3f:4f:48:90:9d:73:86:
da:05:fd:60:2e:3f:ae:96:ad:33:f0:f6:db:7f:1f:3d:d7:16:
18:90:66:7c:53:b9:0d:f3:81:4c:0c:66:a6:fc:5d:83:8a:3e:
b3:e9:3a:ca:aa:af:f5:93:d0:50:82:fc:dd:59:fb:b6:03:93:
c7:ac:fd:55:19:ac:28:26:bf:46:55:f1:32:2f:c9:2f:40:a8:
3a:2c:78:c6:5a:22:33:2f:28:c9:8e:0b:df:eb:81:74:10:67:
74:b3:fb:61:62:e9:10:04:ab:3d:a3:ce:55:08:07:33:7f:80:
08:f7:d8:c4
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZGkk+nEOi/VNwVVJS92OYe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwODMwMTgzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTdlYWIyNjFiZGQ5MTM4OTU0Y2ZkYzcxMmMyODIwYzAxODlkNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOVfwkI/nwPz6lhn/Uk7UEUjWs/U
SudEtfjrNY1+JutsZyDKa812sXdFwSYB3k0nrEjm2LNgj7yabr8BOSO4PMhJCHuc
Vn9+bHGSrWtgwUWXKEixQk060LrsK7rjnkKbXtncjgV816P+4ty+W+EYFwo/mg6d
YXUfFosezUt5Gbx0w11JT4nES0uW76R41L27wK1MeByLVSdoCtVMUmex5y9GJBlz
WHuw7tJWjBgfx82NGjAL+9Kjk9Ow8Fetj7uF8NfsD7SiAzZaJ1DoND2QdCH0Xh2h
moEokexrgTW61jRb9k2qtwjT3FEu2S7Hlcr4zPhpvpVI68cyCMjQ1QCQvwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFHV+qyYb3ZE4lUz9xxLCggwBidRhMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvZFg2ckpodmRrVGlWVFAzSEVzS0NEQUdKMUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jAyBAIAATAsMAwDBAcu
EIADBAAuEIIDBAFtaJgDBABtaJsDBAKTTgADBAG5fu4DBAC51RcwgaMEAgACMIGc
MBIDBwEqEQhAAAYDBwAqEQhAAAgwEgMHBCoRCEAAEAMHACoRCEAAFDASAwcAKhEI
QAAXAwcBKhEIQAAYMBIDBwUqEQhAACADBwAqEQhAACYDBwAqEQhAADADBwAqEQhA
ADMDBwEqEQhAAEAwEgMHACoRCEAARwMHACoRCEAASAMHACoRCEAAVDASAwcFKhEI
QABgAwcAKhEIQABoMA0GCSqGSIb3DQEBCwUAA4IBAQAUvLSKDNmztpao5vnn2R/B
A0ZXnGquZPgQZbwaDs2DUnml2oEIyEQvr5JrJGPiyPf6f+B9F0uk/XGwS9wC4n+h
haWEaUE17RLzf55MyWOIm0ZLEf1Oa56gJrcl4g2DD9+qC9CKcpKLUo8mAEbCzH1k
z6rstyJC+lyDm3gnJpkzAr3fnaSRLlyBSD9PSJCdc4baBf1gLj+ulq0z8Pbbfx89
1xYYkGZ8U7kN84FMDGam/F2Dij6z6TrKqq/1k9BQgvzdWfu2A5PHrP1VGawoJr9G
VfEyL8kvQKg6LHjGWiIzLyjJjgvf64F0EGd0s/thYukQBKs9o85VCAczf4AI99jE
-----END CERTIFICATE-----
Generated at Mon Sep 9 14:25:14 2024 by rpki-client on console-fra.rpki-client.org