Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/3jk_L-Kap6izFBuJISi2VDGBM7c.roa
File: 3jk_L-Kap6izFBuJISi2VDGBM7c.roa (raw, json)
Hash identifier: SiLCn4NY/b4Hmu3M8YzzUYZeOOzOry3i+PWl6++nskw=
Subject key identifier: DE:39:3F:2F:E2:9A:A7:A8:B3:14:1B:89:21:28:B6:54:31:81:33:B7
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0197D4FA4B8BDE8F78B552A08BE71CB09201
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/3jk_L-Kap6izFBuJISi2VDGBM7c.roa
Signing time: Fri 04 Jul 2025 10:27:42 +0000
ROA not before: Fri 04 Jul 2025 10:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213732
IP address blocks: 46.38.144.0/24 maxlen: 24
46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 13:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:fa:4b:8b:de:8f:78:b5:52:a0:8b:e7:1c:b0:92:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 4 10:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de393f2fe29aa7a8b3141b892128b654318133b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e5:b7:1a:ed:79:7d:ec:a4:da:f6:3f:ae:af:
55:84:17:a0:1e:57:0b:a9:a5:74:c0:48:9a:be:ab:
31:3c:fd:63:6f:a9:8f:9d:75:9d:8d:45:5b:9f:a9:
2a:ae:a1:8e:41:c3:42:38:bb:30:0b:3c:47:fc:a5:
09:6f:63:06:10:c4:cc:c2:c9:ad:48:79:c2:c4:4b:
00:31:2d:e4:65:19:d2:64:7a:61:80:88:69:9f:c6:
f9:50:ba:a4:dd:fc:53:e1:f5:55:c3:2e:2d:6a:9a:
36:0b:51:6e:e8:bd:70:55:9b:fe:0f:60:fe:f4:5f:
19:1b:f6:da:73:13:2d:76:73:8e:1f:fc:c3:60:cb:
f3:22:06:0f:73:9d:af:7a:d6:74:1d:33:95:87:91:
b4:c3:e0:99:2f:27:3a:23:7e:8b:99:bb:39:83:cb:
e8:d6:e2:5a:55:0a:16:42:30:05:6e:79:e5:7e:2f:
99:ce:51:77:96:34:0c:70:9e:fe:0a:29:37:ae:a8:
c8:42:da:89:82:e2:39:e0:a1:ca:28:0c:83:4f:71:
16:aa:7a:e5:a4:c6:cd:ad:b0:2d:93:df:ac:c9:87:
0a:d0:20:2a:e0:aa:d9:83:b9:d0:47:f5:dd:9c:9a:
44:42:44:55:cd:60:99:45:c4:40:b9:51:a1:a5:19:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:3F:2F:E2:9A:A7:A8:B3:14:1B:89:21:28:B6:54:31:81:33:B7
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/3jk_L-Kap6izFBuJISi2VDGBM7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.144.0/24
46.38.146.0-46.38.151.255
185.29.223.0/24
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f2:d2:6b:df:eb:64:00:95:9b:c4:d3:65:c4:07:a3:f4:d9:
13:39:53:d0:8d:ba:80:8a:36:e8:49:71:c1:d0:3c:d9:c2:eb:
6a:2c:1f:a0:a7:5b:0a:84:f6:c5:f4:33:44:91:16:2f:07:5d:
eb:92:03:9c:31:0e:c9:6e:1f:69:64:45:ab:ff:77:41:59:85:
e4:35:69:54:cc:94:d6:ff:04:05:62:6d:d1:b5:87:f5:41:bb:
c0:32:c2:1d:e0:b8:0b:a0:51:61:4c:bc:a3:f6:40:50:e9:2a:
95:27:c2:b7:c0:9b:6a:78:78:a1:1e:95:80:a4:b4:86:b2:a5:
9f:4f:c9:9e:18:f6:d0:55:4b:f7:eb:f2:89:e6:72:fa:8c:dc:
95:c3:3b:b4:7c:36:0a:1f:b8:bb:ce:e2:a1:15:80:38:e8:94:
21:04:5d:81:f9:f4:d6:89:a8:1b:c6:df:64:c7:8b:ca:8c:7c:
81:36:63:54:72:f5:4f:4b:66:a5:7b:37:c7:dc:38:ce:ef:e4:
cc:36:e1:ea:13:0f:00:73:0d:12:a4:a6:86:06:94:cb:a3:53:
34:9e:35:a6:f5:fb:34:ca:e1:fe:2d:09:da:2c:17:ef:24:14:
1f:91:ec:1f:d3:a2:bf:a3:db:b2:a8:28:03:0a:86:c3:3c:52:
a7:bb:69:cd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfU+kuL3o94tVKgi+ccsJIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNzA0MTAyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM5M2YyZmUyOWFhN2E4YjMxNDFiODkyMTI4YjY1NDMxODEzM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uW3Gu15feyk2vY/rq9VhBegHlcL
qaV0wEiavqsxPP1jb6mPnXWdjUVbn6kqrqGOQcNCOLswCzxH/KUJb2MGEMTMwsmt
SHnCxEsAMS3kZRnSZHphgIhpn8b5ULqk3fxT4fVVwy4tapo2C1Fu6L1wVZv+D2D+
9F8ZG/bacxMtdnOOH/zDYMvzIgYPc52vetZ0HTOVh5G0w+CZLyc6I36Lmbs5g8vo
1uJaVQoWQjAFbnnlfi+ZzlF3ljQMcJ7+Cik3rqjIQtqJguI54KHKKAyDT3EWqnrl
pMbNrbAtk9+syYcK0CAq4KrZg7nQR/XdnJpEQkRVzWCZRcRAuVGhpRkSEwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN45Py/imqeosxQbiSEotlQxgTO3MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvM2prX0wtS2FwNml6RkJ1SklTaTJWREdCTTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALiaQMAwD
BAEuJpIDBAMuJpADBAC5Hd8DBADUUB0wDQYJKoZIhvcNAQELBQADggEBAE/y0mvf
62QAlZvE02XEB6P02RM5U9CNuoCKNuhJccHQPNnC62osH6CnWwqE9sX0M0SRFi8H
XeuSA5wxDsluH2lkRav/d0FZheQ1aVTMlNb/BAVibdG1h/VBu8Aywh3guAugUWFM
vKP2QFDpKpUnwrfAm2p4eKEelYCktIaypZ9PyZ4Y9tBVS/fr8onmcvqM3JXDO7R8
NgofuLvO4qEVgDjolCEEXYH59NaJqBvG32THi8qMfIE2Y1Ry9U9LZqV7N8fcOM7v
5Mw24eoTDwBzDRKkpoYGlMujUzSeNab1+zTK4f4tCdosF+8kFB+R7B/Tor+j27Ko
KAMKhsM8Uqe7ac0=
-----END CERTIFICATE-----
Generated at Fri Jul 25 18:18:16 2025 by rpki-client