Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xHETIWlhZ5j7L8_vhv4Dk0vIyK0.roa
File: xHETIWlhZ5j7L8_vhv4Dk0vIyK0.roa (raw, json)
Hash identifier: Z8YU+geXHudB42WA+ADTUJmcnlgIAPz+Y7IwHGH7rWA=
Subject key identifier: C4:71:13:21:69:61:67:98:FB:2F:CF:EF:86:FE:03:93:4B:C8:C8:AD
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01957AC18D59A769C019FFE4DD4EC0FBE7B9
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xHETIWlhZ5j7L8_vhv4Dk0vIyK0.roa
Signing time: Sun 09 Mar 2025 11:54:19 +0000
ROA not before: Sun 09 Mar 2025 11:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 46.38.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 17:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7a:c1:8d:59:a7:69:c0:19:ff:e4:dd:4e:c0:fb:e7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Mar 9 11:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c471132169616798fb2fcfef86fe03934bc8c8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:09:c2:7f:5c:42:7b:eb:26:d5:ee:e4:b7:70:
e3:80:1d:95:f7:5c:15:f1:34:ad:3e:47:5b:4d:4d:
93:95:22:4c:19:02:a7:b9:94:d7:75:f1:09:8c:a8:
33:83:a0:bb:27:20:5f:34:bb:e9:3e:82:96:aa:0e:
ab:5c:eb:d8:35:38:6f:01:99:b7:48:ba:94:2a:e7:
66:3b:6a:22:bd:6c:62:1b:ca:46:ea:f5:dc:e9:03:
ea:f7:70:c0:5c:61:cb:91:24:95:11:2a:f7:cb:de:
07:0d:4e:13:d5:28:84:cd:8a:3f:ff:34:86:28:a6:
45:3f:b4:26:30:e6:84:1f:49:37:94:ad:14:e2:78:
b6:a2:7f:dc:73:a1:69:6c:f0:9f:96:03:5c:a8:51:
9a:a3:d8:2e:88:20:8d:d7:13:76:76:d6:95:13:9e:
cb:5f:6c:60:89:84:92:ca:97:cc:69:54:3c:87:5c:
5f:c7:ae:7c:c7:7e:79:27:bf:ad:2b:40:c3:d3:ab:
fa:a2:bd:f9:5a:0d:e8:26:cd:e9:a4:4a:99:ed:86:
83:08:8d:24:97:b6:17:66:b7:2f:66:d4:5e:87:3f:
ef:3f:d9:92:8f:18:1f:93:fc:19:dd:4c:f4:3c:11:
27:e6:0a:26:16:5d:68:31:f7:b8:f3:95:f6:fe:3f:
41:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:71:13:21:69:61:67:98:FB:2F:CF:EF:86:FE:03:93:4B:C8:C8:AD
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xHETIWlhZ5j7L8_vhv4Dk0vIyK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.153.0/24
Signature Algorithm: sha256WithRSAEncryption
76:33:dc:ee:6f:0c:46:8d:2b:c7:91:17:cb:0f:eb:e2:30:e4:
c3:10:01:3a:96:32:7a:39:e2:ac:a3:c1:39:73:e9:bd:16:08:
ed:d5:56:89:55:fb:86:67:aa:ee:de:38:42:1b:b9:6b:9e:96:
48:6c:89:68:06:fa:0d:f0:1a:73:f8:d7:10:a4:b6:75:5d:a7:
b6:a3:f1:ab:a3:c1:f0:94:bb:9c:27:06:1d:55:b2:2c:71:a5:
58:8a:f8:c4:cc:c7:95:8f:74:06:7d:30:67:11:6a:bd:28:4f:
3a:6b:c2:0b:0a:8d:37:fc:72:ef:c5:88:7a:f1:bc:71:ea:bb:
c0:4f:af:a9:a6:32:8d:c7:03:09:90:c8:90:cf:d7:13:c5:0d:
70:49:25:71:49:71:4f:b1:6b:5a:c1:ac:58:e2:cb:6e:16:e7:
af:8a:66:a6:d3:d6:a3:5f:ae:1d:a7:e1:97:c0:56:c9:cd:94:
bf:83:7f:34:1c:d6:31:07:fa:41:c3:96:ae:8a:99:73:2e:52:
fe:fb:87:b3:52:d0:dd:f8:78:43:cc:a6:29:02:27:d2:2d:88:
d5:38:d3:d0:43:5f:c6:3b:14:e7:ce:77:53:ba:8b:c4:7e:a6:
06:70:e9:45:34:5b:65:1e:04:85:92:97:73:56:c1:34:d0:ff:
c1:34:3d:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV6wY1Zp2nAGf/k3U7A++e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMzA5MTE1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDcxMTMyMTY5NjE2Nzk4ZmIyZmNmZWY4NmZlMDM5MzRiYzhjOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QnCf1xCe+sm1e7kt3DjgB2V91wV
8TStPkdbTU2TlSJMGQKnuZTXdfEJjKgzg6C7JyBfNLvpPoKWqg6rXOvYNThvAZm3
SLqUKudmO2oivWxiG8pG6vXc6QPq93DAXGHLkSSVESr3y94HDU4T1SiEzYo//zSG
KKZFP7QmMOaEH0k3lK0U4ni2on/cc6FpbPCflgNcqFGao9guiCCN1xN2dtaVE57L
X2xgiYSSypfMaVQ8h1xfx658x355J7+tK0DD06v6or35Wg3oJs3ppEqZ7YaDCI0k
l7YXZrcvZtRehz/vP9mSjxgfk/wZ3Uz0PBEn5gomFl1oMfe485X2/j9BeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRxEyFpYWeY+y/P74b+A5NLyMitMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEveEhFVElXbGhaNWo3TDhfdmh2NERrMHZJeUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiaZMA0G
CSqGSIb3DQEBCwUAA4IBAQB2M9zubwxGjSvHkRfLD+viMOTDEAE6ljJ6OeKso8E5
c+m9Fgjt1VaJVfuGZ6ru3jhCG7lrnpZIbIloBvoN8Bpz+NcQpLZ1Xae2o/Gro8Hw
lLucJwYdVbIscaVYivjEzMeVj3QGfTBnEWq9KE86a8ILCo03/HLvxYh68bxx6rvA
T6+ppjKNxwMJkMiQz9cTxQ1wSSVxSXFPsWtawaxY4stuFuevimam09ajX64dp+GX
wFbJzZS/g380HNYxB/pBw5auiplzLlL++4ezUtDd+HhDzKYpAifSLYjVONPQQ1/G
OxTnzndTuovEfqYGcOlFNFtlHgSFkpdzVsE00P/BND0u
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:20 2025 by rpki-client