Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/aiJPd7ZOPdCI4L9nnSvbGgw4bAM.roa
File: aiJPd7ZOPdCI4L9nnSvbGgw4bAM.roa (raw, json)
Hash identifier: dSiCXIFGpzeK9Yu3JcICvaFotJPeAiAJeCRue6xrpwU=
Subject key identifier: 6A:22:4F:77:B6:4E:3D:D0:88:E0:BF:67:9D:2B:DB:1A:0C:38:6C:03
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0193B5558BD9C46B9B27F6D98CCCE8BA0FE1
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/aiJPd7ZOPdCI4L9nnSvbGgw4bAM.roa
Signing time: Wed 11 Dec 2024 10:48:22 +0000
ROA not before: Wed 11 Dec 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 46.38.138.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
185.29.222.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 10:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:55:8b:d9:c4:6b:9b:27:f6:d9:8c:cc:e8:ba:0f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 11 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a224f77b64e3dd088e0bf679d2bdb1a0c386c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:40:21:19:bc:48:de:5c:18:50:15:31:af:
42:4d:08:8a:7c:1f:a8:52:d3:24:6d:07:2b:ee:37:
c0:f1:30:00:97:07:cc:90:ed:dd:03:31:bc:84:23:
60:68:35:8b:57:d4:50:a2:eb:52:e3:37:28:40:3b:
14:06:7d:13:eb:b7:e1:ee:53:2b:40:c4:7d:f0:9b:
07:1d:db:a7:4d:c2:90:d0:97:f4:64:aa:3d:83:f3:
14:20:81:b5:1e:e7:1a:da:26:02:c4:f1:0c:a6:45:
43:12:9e:f7:8a:16:b3:51:e7:70:96:8d:11:e5:d5:
a4:b7:bf:5e:64:22:ff:19:31:09:cf:9b:d8:83:2a:
a7:f7:2c:51:63:67:57:7f:22:e8:e3:89:02:f1:ff:
de:99:0b:95:9b:06:85:6e:ae:b5:a0:19:13:57:5e:
39:09:a7:de:94:58:e6:47:7b:a4:25:88:0d:40:94:
94:b2:b4:cb:c4:89:f6:6a:e7:33:5b:da:3c:ac:38:
ce:8e:b5:18:9b:a1:b7:fe:25:f7:6e:b9:59:a8:d3:
64:a8:b8:d1:57:9e:26:50:13:e4:4d:9d:19:cd:54:
ef:1e:52:40:35:50:f2:28:2c:7f:29:df:f0:ac:7d:
5c:10:e6:0e:9e:75:12:4b:3e:e6:36:05:ab:7b:21:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:22:4F:77:B6:4E:3D:D0:88:E0:BF:67:9D:2B:DB:1A:0C:38:6C:03
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/aiJPd7ZOPdCI4L9nnSvbGgw4bAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.138.0/23
46.38.148.0/24
46.38.150.0/24
185.29.222.0/24
212.80.11.0/24
Signature Algorithm: sha256WithRSAEncryption
13:0a:b4:22:b5:f8:3a:95:8d:c3:33:39:76:f7:3b:31:07:47:
91:a7:b5:ac:0a:ee:0b:f3:b7:a8:e4:94:eb:77:a8:7c:e1:08:
68:9e:c1:89:8e:a4:cd:9a:d2:69:c0:a0:ad:ac:62:fb:12:98:
2d:36:79:19:a1:45:f0:c2:cf:d6:ef:64:c5:af:5e:59:4b:4a:
b1:c9:53:5c:41:c1:c1:18:1b:7f:1f:db:b5:ec:be:ee:8b:57:
54:99:c2:17:2e:4a:4c:54:98:20:93:8c:b6:1d:a4:d5:48:d4:
0a:3f:44:95:11:58:d6:69:cd:ac:e2:5b:07:d0:72:3b:a8:6c:
b8:f7:a5:1e:c8:b9:34:79:a8:2d:93:99:25:b5:0e:9f:03:36:
b8:21:f5:cf:ca:34:58:1c:b5:a5:48:43:3e:7d:1b:10:6d:59:
35:74:dd:51:dd:b0:57:d5:44:4e:ff:b0:76:66:51:bf:91:08:
47:d9:68:e7:b1:ac:a7:b3:22:ae:ca:0c:ab:c4:e0:2b:b5:53:
70:c4:4d:c7:e9:4d:73:18:d3:01:e2:82:92:10:3a:e8:cd:6d:
06:4a:06:32:56:ef:af:81:90:c8:58:c3:f1:e0:28:b8:b0:52:
c2:44:24:c3:0e:b8:a7:f5:e7:40:0f:78:cc:38:08:a5:43:29:
66:f3:b9:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZO1VYvZxGubJ/bZjMzoug/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQxMjExMTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTIyNGY3N2I2NGUzZGQwODhlMGJmNjc5ZDJiZGIxYTBjMzg2YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxlAIRm8SN5cGFAVMa9CTQiKfB+o
UtMkbQcr7jfA8TAAlwfMkO3dAzG8hCNgaDWLV9RQoutS4zcoQDsUBn0T67fh7lMr
QMR98JsHHdunTcKQ0Jf0ZKo9g/MUIIG1Huca2iYCxPEMpkVDEp73ihazUedwlo0R
5dWkt79eZCL/GTEJz5vYgyqn9yxRY2dXfyLo44kC8f/emQuVmwaFbq61oBkTV145
CafelFjmR3ukJYgNQJSUsrTLxIn2auczW9o8rDjOjrUYm6G3/iX3brlZqNNkqLjR
V54mUBPkTZ0ZzVTvHlJANVDyKCx/Kd/wrH1cEOYOnnUSSz7mNgWreyF8swIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGoiT3e2Tj3QiOC/Z50r2xoMOGwDMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvYWlKUGQ3Wk9QZENJNEw5bm5TdmJHZ3c0YkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLiaKAwQA
LiaUAwQALiaWAwQAuR3eAwQA1FALMA0GCSqGSIb3DQEBCwUAA4IBAQATCrQitfg6
lY3DMzl29zsxB0eRp7WsCu4L87eo5JTrd6h84QhonsGJjqTNmtJpwKCtrGL7Epgt
NnkZoUXwws/W72TFr15ZS0qxyVNcQcHBGBt/H9u17L7ui1dUmcIXLkpMVJggk4y2
HaTVSNQKP0SVEVjWac2s4lsH0HI7qGy496UeyLk0eagtk5kltQ6fAza4IfXPyjRY
HLWlSEM+fRsQbVk1dN1R3bBX1URO/7B2ZlG/kQhH2WjnsaynsyKuygyrxOArtVNw
xE3H6U1zGNMB4oKSEDrozW0GSgYyVu+vgZDIWMPx4Ci4sFLCRCTDDrin9edAD3jM
OAilQylm87m8
-----END CERTIFICATE-----
Generated at Mon Apr 28 09:51:30 2025 by rpki-client