Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/uZCBvViNXiCVzSWDynPUNmsh9vI.roa
File: uZCBvViNXiCVzSWDynPUNmsh9vI.roa (raw, json)
Hash identifier: jyMuWexyoTWSZxpp1TRv8b1C7/TkvpaSLm6Qrn/CEss=
Subject key identifier: B9:90:81:BD:58:8D:5E:20:95:CD:25:83:CA:73:D4:36:6B:21:F6:F2
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0193B5558CA9BC37FE6FB23BE862DDBB7707
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/uZCBvViNXiCVzSWDynPUNmsh9vI.roa
Signing time: Wed 11 Dec 2024 10:48:22 +0000
ROA not before: Wed 11 Dec 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.81.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 11 Dec 2024 11:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:55:8c:a9:bc:37:fe:6f:b2:3b:e8:62:dd:bb:77:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 11 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b99081bd588d5e2095cd2583ca73d4366b21f6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7f:b4:22:c3:7f:51:c9:46:c2:7c:9a:e6:4e:
8d:bb:6b:6d:de:e7:e3:20:e1:95:dc:89:d5:63:a8:
de:86:e3:b2:88:9a:7b:ab:6b:11:93:7d:ba:43:f2:
28:67:83:dd:28:3f:66:72:ab:8e:c5:7f:ef:44:da:
ef:bb:3e:bc:b9:af:cd:f9:9b:be:37:71:0c:7d:18:
a3:d4:c5:d1:46:65:dc:ab:f7:24:f0:3c:4a:83:02:
24:d9:20:40:7a:38:39:31:eb:d8:ba:c0:6c:8d:d5:
f2:d4:e6:81:96:9d:dd:55:36:bc:bf:55:33:49:6d:
ae:65:a4:3a:4b:f3:19:b6:2e:5c:e1:53:3b:55:2e:
a9:fe:e9:c9:28:5a:98:e2:92:de:1d:37:18:c0:a3:
b7:5c:e1:fc:d1:44:4f:29:00:af:ad:87:a8:e6:52:
48:c8:f4:41:56:df:2a:fb:d0:29:d7:36:11:f3:94:
03:4e:76:48:11:52:7d:f3:a0:1b:42:00:f0:83:b9:
71:9e:60:92:0b:19:32:c6:17:a5:95:d6:a3:30:cf:
37:41:1d:e5:0d:b2:81:02:84:82:ac:66:9d:09:fe:
7f:93:a5:7d:72:12:b6:ee:50:28:08:bb:46:48:53:
ca:7c:cb:d5:79:22:c0:2c:97:59:69:5b:4a:3c:60:
cc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:90:81:BD:58:8D:5E:20:95:CD:25:83:CA:73:D4:36:6B:21:F6:F2
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/uZCBvViNXiCVzSWDynPUNmsh9vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.151.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
11:ae:f6:ed:e6:d9:89:cd:93:02:5c:f1:c1:55:36:54:5f:9a:
f7:5f:2f:05:10:fe:d8:e7:2e:ba:80:3c:e8:29:fe:92:ef:fb:
e2:9b:83:b7:e8:07:c1:ae:0b:ac:86:08:7a:4e:29:d3:2d:e9:
36:5d:36:88:81:01:18:41:63:8f:d4:a5:e7:fc:f2:cf:15:b7:
86:13:e8:a9:55:48:25:de:07:3e:dd:a3:a3:94:b1:c1:56:9f:
f3:fd:5a:b9:2e:5e:a8:45:d3:86:15:fa:7d:8a:19:8b:f9:ac:
24:62:41:05:d8:e5:9d:58:06:4a:21:f3:4e:8c:b7:e4:c5:85:
30:ee:59:40:48:1c:59:cd:a7:80:75:9c:95:1a:5c:57:01:0f:
8d:83:78:59:5a:af:5d:ea:29:2b:53:ae:37:71:3a:2d:69:6a:
ca:bf:e4:51:38:2f:94:27:16:86:83:93:2a:42:33:b7:ac:cd:
04:01:0b:03:b8:40:22:81:fb:95:bb:96:2b:d9:74:6c:8a:7e:
90:f9:4a:10:94:e1:93:20:e0:11:ce:c7:06:39:0d:70:4a:53:
50:88:62:75:3b:52:03:fc:ce:79:c8:bb:18:3e:3c:32:54:6f:
73:01:a5:59:23:48:7a:e8:b5:db:aa:bb:71:8a:69:b6:38:d2:
eb:99:b3:1b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZO1VYypvDf+b7I76GLdu3cHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQxMjExMTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkwODFiZDU4OGQ1ZTIwOTVjZDI1ODNjYTczZDQzNjZiMjFmNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX+0IsN/UclGwnya5k6Nu2tt3ufj
IOGV3InVY6jehuOyiJp7q2sRk326Q/IoZ4PdKD9mcquOxX/vRNrvuz68ua/N+Zu+
N3EMfRij1MXRRmXcq/ck8DxKgwIk2SBAejg5MevYusBsjdXy1OaBlp3dVTa8v1Uz
SW2uZaQ6S/MZti5c4VM7VS6p/unJKFqY4pLeHTcYwKO3XOH80URPKQCvrYeo5lJI
yPRBVt8q+9Ap1zYR85QDTnZIEVJ986AbQgDwg7lxnmCSCxkyxhelldajMM83QR3l
DbKBAoSCrGadCf5/k6V9chK27lAoCLtGSFPKfMvVeSLALJdZaVtKPGDMSwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLmQgb1YjV4glc0lg8pz1DZrIfbyMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvdVpDQnZWaU5YaUNWelNXRHluUFVObXNoOXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALiaBAwQA
LiaDAwQALiaMAwQALiaXAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcD
BQMqAH2AMA0GCSqGSIb3DQEBCwUAA4IBAQARrvbt5tmJzZMCXPHBVTZUX5r3Xy8F
EP7Y5y66gDzoKf6S7/vim4O36AfBrgushgh6TinTLek2XTaIgQEYQWOP1KXn/PLP
FbeGE+ipVUgl3gc+3aOjlLHBVp/z/Vq5Ll6oRdOGFfp9ihmL+awkYkEF2OWdWAZK
IfNOjLfkxYUw7llASBxZzaeAdZyVGlxXAQ+Ng3hZWq9d6ikrU643cTotaWrKv+RR
OC+UJxaGg5MqQjO3rM0EAQsDuEAigfuVu5Yr2XRsin6Q+UoQlOGTIOARzscGOQ1w
SlNQiGJ1O1ID/M55yLsYPjwyVG9zAaVZI0h66LXbqrtximm2ONLrmbMb
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:01:09 2025 by rpki-client