Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1-AZuKTlV2_2CKC27a6jio_krMoc.roa
File: 1-AZuKTlV2_2CKC27a6jio_krMoc.roa (raw, json)
Hash identifier: YK3ckHZvE6obVaNIyvcXAoWoKiDPaNFTOSI7tL9840A=
Subject key identifier: F8:06:6E:29:39:55:DB:FD:82:28:2D:BB:6B:A8:E2:A3:F9:2B:32:87
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019393004ABCE333507A6534CE6B6E4E3CD0
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1-AZuKTlV2_2CKC27a6jio_krMoc.roa
Signing time: Wed 04 Dec 2024 18:48:10 +0000
ROA not before: Wed 04 Dec 2024 18:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42337
IP address blocks: 46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:93:00:4a:bc:e3:33:50:7a:65:34:ce:6b:6e:4e:3c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 4 18:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8066e293955dbfd82282dbb6ba8e2a3f92b3287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:0e:77:43:b3:e7:eb:3c:99:3f:d7:f1:9c:
c7:0a:8a:30:ea:a3:61:39:86:73:49:73:78:13:12:
72:eb:0d:b3:2c:bd:51:f9:61:53:68:13:41:8c:c0:
d3:b3:ed:aa:ce:89:7f:9e:fa:c4:c1:b6:58:04:87:
51:8b:51:b9:df:7d:99:50:db:7c:05:95:28:e8:e2:
1c:5a:71:93:f0:86:94:3c:9a:e9:ea:25:91:7c:32:
02:44:ff:a5:89:dc:24:45:de:68:25:a4:41:64:b8:
3a:de:9b:a5:06:ca:96:c4:c6:27:5e:7a:91:af:83:
25:c8:38:21:ec:85:b0:6a:f5:d0:f8:df:b6:68:1c:
bf:ea:c2:68:d7:17:7d:66:82:0d:39:ee:fc:16:05:
54:b6:30:f8:fa:2a:8c:8c:01:5c:a7:74:e3:b3:24:
92:1c:c8:c4:66:a1:93:f1:a7:ab:85:06:fc:c0:04:
ad:94:20:3b:c0:67:f5:16:28:24:c4:d2:6e:bb:aa:
84:97:ff:09:1c:aa:22:43:77:fe:b2:e9:0c:ea:9b:
a7:e7:a3:34:91:d8:95:34:31:f8:c6:62:1c:98:8a:
cd:c0:bd:12:f0:4c:96:54:0f:af:08:e8:89:1a:96:
a8:3c:1a:52:4f:db:17:a3:6a:83:e4:6b:0a:28:16:
61:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:06:6E:29:39:55:DB:FD:82:28:2D:BB:6B:A8:E2:A3:F9:2B:32:87
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/1-AZuKTlV2_2CKC27a6jio_krMoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.146.0/23
46.38.149.0/24
109.94.165.0/24
185.29.223.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:f4:30:24:26:cb:98:1f:d0:0c:75:68:16:cb:90:a3:f5:ed:
50:5c:48:8f:f5:9b:ac:d4:ae:5f:80:1f:ff:cc:f8:e4:30:59:
83:47:fe:e3:52:16:93:b9:d3:b2:c5:df:59:73:41:b1:60:c6:
37:6f:5b:65:61:3c:08:6f:c5:97:2f:72:a6:39:4a:31:51:57:
47:c2:79:ae:1e:8a:f7:14:34:d2:b1:24:4a:f0:57:6c:9e:d7:
c0:00:df:11:a5:db:a3:5b:c8:e0:40:f1:de:1b:e7:38:2f:0f:
11:63:53:d3:57:ae:cc:d0:b4:f1:4a:d5:be:b3:04:c4:4b:f2:
8f:6b:ce:22:f1:9f:bf:75:a3:31:63:68:72:0b:61:5d:9e:2c:
94:cf:68:bb:06:eb:e7:14:ac:35:56:a4:35:0d:c9:44:cd:85:
26:8b:fe:86:8e:6c:6b:d6:a6:a3:c2:39:58:e6:2e:b5:33:a5:
dc:c3:d0:ce:82:0e:26:ae:7d:a1:30:ec:ed:a9:09:6f:a5:68:
0d:9f:28:1b:67:88:46:c8:15:87:4d:de:be:21:e4:50:e9:c2:
9f:9f:7a:20:c9:a3:bd:e9:d7:37:9c:2f:5c:ec:d9:81:ce:77:
4c:4e:8b:30:36:26:27:8f:c8:ac:9c:55:e2:a6:86:57:00:c1:
fc:49:fc:c4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZOTAEq84zNQemU0zmtuTjzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQxMjA0MTg0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODA2NmUyOTM5NTVkYmZkODIyODJkYmI2YmE4ZTJhM2Y5MmIzMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytMOd0Oz5+s8mT/X8ZzHCoow6qNh
OYZzSXN4ExJy6w2zLL1R+WFTaBNBjMDTs+2qzol/nvrEwbZYBIdRi1G5332ZUNt8
BZUo6OIcWnGT8IaUPJrp6iWRfDICRP+lidwkRd5oJaRBZLg63pulBsqWxMYnXnqR
r4MlyDgh7IWwavXQ+N+2aBy/6sJo1xd9ZoINOe78FgVUtjD4+iqMjAFcp3TjsySS
HMjEZqGT8aerhQb8wAStlCA7wGf1FigkxNJuu6qEl/8JHKoiQ3f+sukM6pun56M0
kdiVNDH4xmIcmIrNwL0S8EyWVA+vCOiJGpaoPBpST9sXo2qD5GsKKBZhWQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPgGbik5Vdv9gigtu2uo4qP5KzKHMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvMS1BWnVLVGxWMl8yQ0tDMjdhNmppb19rck1vYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgw
NS8xL3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAS4mkgME
AC4mlQMEAG1epQMEALkd3zANBgkqhkiG9w0BAQsFAAOCAQEAtvQwJCbLmB/QDHVo
FsuQo/XtUFxIj/WbrNSuX4Af/8z45DBZg0f+41IWk7nTssXfWXNBsWDGN29bZWE8
CG/Fly9ypjlKMVFXR8J5rh6K9xQ00rEkSvBXbJ7XwADfEaXbo1vI4EDx3hvnOC8P
EWNT01euzNC08UrVvrMExEvyj2vOIvGfv3WjMWNocgthXZ4slM9ouwbr5xSsNVak
NQ3JRM2FJov+ho5sa9amo8I5WOYutTOl3MPQzoIOJq59oTDs7akJb6VoDZ8oG2eI
RsgVh03eviHkUOnCn596IMmjvenXN5wvXOzZgc53TE6LMDYmJ4/IrJxV4qaGVwDB
/En8xA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:41 2025 by rpki-client