Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/a4QEo2Vbn9N1gSeuV-8rFCCtEvQ.roa
File: a4QEo2Vbn9N1gSeuV-8rFCCtEvQ.roa (raw, json)
Hash identifier: oqXfzPSFexYqNkIBJuuBTv3JhxtdF2qwIgnaq2qc8ps=
Subject key identifier: 6B:84:04:A3:65:5B:9F:D3:75:81:27:AE:57:EF:2B:14:20:AD:12:F4
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194221FFF1BC6DABB145EDA9379BAEB3920
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/a4QEo2Vbn9N1gSeuV-8rFCCtEvQ.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.71.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.81.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:1b:c6:da:bb:14:5e:da:93:79:ba:eb:39:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b8404a3655b9fd3758127ae57ef2b1420ad12f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4f:c6:8c:3c:ef:c3:2c:41:2c:aa:29:62:f8:
54:ea:f0:28:81:b4:fa:5c:d9:81:66:71:23:54:f6:
16:c7:42:d9:be:60:a4:da:39:09:19:80:d6:b1:8a:
d8:be:f0:9a:50:fe:92:5e:26:53:47:1b:d5:7f:76:
fa:b0:91:cf:c2:57:57:ce:69:a4:a3:b8:35:61:d5:
20:11:4b:6c:18:bc:a6:55:d2:31:9c:a1:96:39:2c:
8b:0f:e3:1e:0d:20:0b:86:d3:28:d7:26:8f:79:50:
c2:10:a9:0e:b8:40:04:e2:b8:8f:4d:70:79:66:27:
cb:ce:01:9c:c3:5d:a7:36:ea:3c:14:5a:49:f0:ee:
c9:19:f5:f8:a1:52:e7:e3:28:9e:9d:1b:63:01:3d:
ad:45:82:27:ca:59:3d:36:19:b2:de:48:d7:fb:60:
f7:4a:be:21:92:15:ea:8c:49:f9:99:8a:be:ed:a4:
9f:f3:8a:77:32:4b:26:67:83:a4:73:e0:db:db:0e:
4a:c3:ed:df:71:37:41:31:f7:98:21:8f:00:03:f4:
ac:b6:4d:94:52:fa:66:1d:43:9d:9f:b0:a8:d7:e5:
4d:3a:36:e6:95:6a:05:7c:11:89:e1:00:16:43:dc:
75:8d:28:12:3a:b9:5d:1d:fa:ec:b6:73:a5:aa:3a:
94:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:84:04:A3:65:5B:9F:D3:75:81:27:AE:57:EF:2B:14:20:AD:12:F4
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/a4QEo2Vbn9N1gSeuV-8rFCCtEvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.151.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
2c:ad:bc:88:1e:75:7f:d4:ef:ef:89:9f:c3:f2:2a:e4:bb:62:
a6:c3:5f:40:fd:75:26:49:31:5f:0a:40:52:ee:74:60:97:ad:
2e:d6:82:71:04:5b:2c:b9:bf:7f:73:c4:02:9d:19:de:59:8e:
1a:82:ef:5c:5e:dd:07:c3:2c:a8:b4:68:ad:ff:1c:89:04:14:
e1:77:26:31:12:10:3a:49:fa:eb:fd:3c:3a:29:1a:f2:0d:b5:
84:7c:53:eb:13:f7:c8:e7:87:83:bb:89:e1:c3:e2:67:50:7c:
0f:3b:0f:40:a8:d3:bc:c5:a4:7d:f1:8c:da:23:d3:60:a1:96:
ee:63:53:47:21:f5:0e:a0:18:a5:49:c8:98:af:5d:80:61:29:
04:58:74:48:54:27:2b:92:fa:31:60:bf:b9:8b:ce:dc:0c:7d:
cd:e7:40:99:7e:c6:e3:df:ae:28:37:b6:46:36:ba:67:06:82:
c4:03:0d:d5:45:c9:83:74:d7:e6:31:62:9d:a9:14:1f:58:e1:
0f:b9:04:e5:75:ad:ca:c2:5c:bd:ad:f4:f9:fb:2f:81:1b:ef:
32:43:73:6a:61:d0:0b:c8:bf:8d:75:1f:66:5b:d6:b3:c7:34:
0d:9f:c4:06:4f:39:32:01:e1:52:6c:b5:d5:11:46:67:2e:4e:
c0:d1:ca:6a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQiH/8bxtq7FF7ak3m66zkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg0MDRhMzY1NWI5ZmQzNzU4MTI3YWU1N2VmMmIxNDIwYWQxMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k/GjDzvwyxBLKopYvhU6vAogbT6
XNmBZnEjVPYWx0LZvmCk2jkJGYDWsYrYvvCaUP6SXiZTRxvVf3b6sJHPwldXzmmk
o7g1YdUgEUtsGLymVdIxnKGWOSyLD+MeDSALhtMo1yaPeVDCEKkOuEAE4riPTXB5
ZifLzgGcw12nNuo8FFpJ8O7JGfX4oVLn4yienRtjAT2tRYInylk9Nhmy3kjX+2D3
Sr4hkhXqjEn5mYq+7aSf84p3MksmZ4Okc+Db2w5Kw+3fcTdBMfeYIY8AA/Sstk2U
UvpmHUOdn7Co1+VNOjbmlWoFfBGJ4QAWQ9x1jSgSOrldHfrstnOlqjqUWwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGuEBKNlW5/TdYEnrlfvKxQgrRL0MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvYTRRRW8yVmJuOU4xZ1NldVYtOHJGQ0N0RXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALiaBAwQA
LiaDAwQALiaMAwQALiaXAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcD
BQMqAH2AMA0GCSqGSIb3DQEBCwUAA4IBAQAsrbyIHnV/1O/viZ/D8irku2Kmw19A
/XUmSTFfCkBS7nRgl60u1oJxBFssub9/c8QCnRneWY4agu9cXt0HwyyotGit/xyJ
BBThdyYxEhA6Sfrr/Tw6KRryDbWEfFPrE/fI54eDu4nhw+JnUHwPOw9AqNO8xaR9
8YzaI9NgoZbuY1NHIfUOoBilSciYr12AYSkEWHRIVCcrkvoxYL+5i87cDH3N50CZ
fsbj364oN7ZGNrpnBoLEAw3VRcmDdNfmMWKdqRQfWOEPuQTlda3Kwly9rfT5+y+B
G+8yQ3NqYdALyL+NdR9mW9azxzQNn8QGTzkyAeFSbLXVEUZnLk7A0cpq
-----END CERTIFICATE-----
Generated at Sat May 10 19:43:23 2025 by rpki-client