Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/PJ3hvD84MSB2GpCpUv9gpVXM9Po.roa
File: PJ3hvD84MSB2GpCpUv9gpVXM9Po.roa (raw, json)
Hash identifier: PW6t4djKrhW95J6qqHAneRL1vkWL9mTNoiXd8Z6fZZI=
Subject key identifier: 3C:9D:E1:BC:3F:38:31:20:76:1A:90:A9:52:FF:60:A5:55:CC:F4:FA
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0197E96DAD9AE511392EAD2306B04EEEA930
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/PJ3hvD84MSB2GpCpUv9gpVXM9Po.roa
Signing time: Tue 08 Jul 2025 09:46:08 +0000
ROA not before: Tue 08 Jul 2025 09:46:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207569
IP address blocks: 46.243.1.0/24 maxlen: 24
46.243.4.0/24 maxlen: 24
46.243.6.0/24 maxlen: 24
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
194.79.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Jul 2025 13:22:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:6d:ad:9a:e5:11:39:2e:ad:23:06:b0:4e:ee:a9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jul 8 09:46:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c9de1bc3f383120761a90a952ff60a555ccf4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:c9:da:1b:0d:fa:9e:34:02:69:61:08:90:
e4:16:12:75:bc:70:6a:3d:83:67:2b:4e:1e:60:85:
24:40:e6:ea:b0:d8:e3:16:18:bf:5e:22:b0:92:40:
9e:09:cb:06:1a:17:d7:ea:04:2c:5c:cb:07:46:ac:
6e:f5:a5:61:5e:f6:a8:48:64:e0:3d:2b:13:db:ef:
4d:9e:a9:83:ef:00:32:bd:17:42:54:3c:97:95:00:
48:20:94:d3:07:b0:d3:86:d6:12:f2:a3:42:d0:2d:
97:b5:73:1a:18:e8:5c:d2:62:44:2c:c9:ba:42:fa:
a9:0c:03:8c:3b:b8:64:e8:e6:45:ee:21:e5:4f:c4:
cc:de:8b:39:be:79:1e:61:95:93:07:44:7b:c9:81:
ff:b7:45:6d:a4:e9:c0:39:81:82:bd:28:40:dc:4b:
c7:39:61:52:80:e6:f4:ad:27:b7:4e:13:84:fb:67:
79:c2:ea:0e:b7:36:8b:e8:6f:d1:0a:2f:4a:f8:d6:
6b:7c:d8:ff:97:9c:6d:67:c5:8c:4a:f1:04:40:1d:
02:7b:f5:87:f3:74:a4:84:d4:c1:18:2f:f3:3e:d5:
6d:73:0e:97:ad:2a:4d:32:ee:e1:6b:07:b9:5a:33:
c8:3d:09:73:4d:5f:7e:9a:3b:5e:43:f8:00:5b:b0:
4f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9D:E1:BC:3F:38:31:20:76:1A:90:A9:52:FF:60:A5:55:CC:F4:FA
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/PJ3hvD84MSB2GpCpUv9gpVXM9Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.1.0/24
46.243.4.0/24
46.243.6.0/24
95.81.112.0/23
194.79.60.0/24
Signature Algorithm: sha256WithRSAEncryption
38:43:c0:31:47:bc:23:b2:5f:a3:82:c5:c6:fe:91:a7:91:ea:
f7:e7:d8:59:1c:c4:20:c8:86:2a:9e:37:5a:88:35:a8:6c:e9:
d1:d8:03:9b:7e:6b:f2:f5:05:5c:45:d9:67:04:4e:eb:09:cd:
19:21:39:8e:05:c2:8c:6d:61:0a:a0:86:67:e1:ad:a8:62:6f:
98:fa:a7:a5:8c:40:70:5b:96:ee:a2:44:4f:38:1b:1c:20:57:
68:eb:9c:9d:8d:fe:55:67:38:50:6b:5b:ee:bc:b1:77:9e:92:
9d:34:02:e8:ab:7e:b4:ce:35:86:d2:db:01:40:09:2a:ca:8c:
eb:29:70:b5:35:51:b5:53:0e:b1:44:a9:e9:80:c1:e5:23:9e:
c0:38:c2:5f:e9:5a:ea:0e:bf:2e:16:03:45:45:a1:09:a6:e1:
b7:a4:8d:cd:ab:c2:c6:bc:7b:26:7e:db:90:a7:d0:eb:96:bd:
8c:52:6c:34:2f:8c:f3:5e:ef:fb:30:91:e7:f4:88:47:0a:34:
ad:f4:cd:0a:85:fd:33:a4:0c:94:06:4c:ba:ec:b4:ac:75:0e:
49:76:e5:59:93:55:2c:20:2b:a7:25:dc:1e:b7:35:51:54:9c:
6a:01:38:fd:9d:b0:db:33:95:46:10:e3:ed:7a:7e:5b:93:ff:
a8:2a:f2:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfpba2a5RE5Lq0jBrBO7qkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNzA4MDk0NjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlkZTFiYzNmMzgzMTIwNzYxYTkwYTk1MmZmNjBhNTU1Y2NmNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdjJ2hsN+p40AmlhCJDkFhJ1vHBq
PYNnK04eYIUkQObqsNjjFhi/XiKwkkCeCcsGGhfX6gQsXMsHRqxu9aVhXvaoSGTg
PSsT2+9NnqmD7wAyvRdCVDyXlQBIIJTTB7DThtYS8qNC0C2XtXMaGOhc0mJELMm6
QvqpDAOMO7hk6OZF7iHlT8TM3os5vnkeYZWTB0R7yYH/t0VtpOnAOYGCvShA3EvH
OWFSgOb0rSe3ThOE+2d5wuoOtzaL6G/RCi9K+NZrfNj/l5xtZ8WMSvEEQB0Ce/WH
83SkhNTBGC/zPtVtcw6XrSpNMu7hawe5WjPIPQlzTV9+mjteQ/gAW7BPMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDyd4bw/ODEgdhqQqVL/YKVVzPT6MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvUEozaHZEODRNU0IyR3BDcFV2OWdwVlhNOVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALvMBAwQA
LvMEAwQALvMGAwQBX1FwAwQAwk88MA0GCSqGSIb3DQEBCwUAA4IBAQA4Q8AxR7wj
sl+jgsXG/pGnker359hZHMQgyIYqnjdaiDWobOnR2AObfmvy9QVcRdlnBE7rCc0Z
ITmOBcKMbWEKoIZn4a2oYm+Y+qeljEBwW5buokRPOBscIFdo65ydjf5VZzhQa1vu
vLF3npKdNALoq360zjWG0tsBQAkqyozrKXC1NVG1Uw6xRKnpgMHlI57AOMJf6Vrq
Dr8uFgNFRaEJpuG3pI3Nq8LGvHsmftuQp9Drlr2MUmw0L4zzXu/7MJHn9IhHCjSt
9M0Khf0zpAyUBky67LSsdQ5JduVZk1UsICunJdwetzVRVJxqATj9nbDbM5VGEOPt
en5bk/+oKvIK
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:11:29 2025 by rpki-client