Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/G3EXk-TXHdpZZGXtiL1llNlNwfI.roa
File: G3EXk-TXHdpZZGXtiL1llNlNwfI.roa (raw, json)
Hash identifier: 5FzrWq2cJMC7Msxf960GY8yVOGtsHujbLGtS5L/WR6k=
Subject key identifier: 1B:71:17:93:E4:D7:1D:DA:59:64:65:ED:88:BD:65:94:D9:4D:C1:F2
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194221FFF84269761519C08C0F9D86857BB
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/G3EXk-TXHdpZZGXtiL1llNlNwfI.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 46.38.143.0/24 maxlen: 24
212.16.86.0/24 maxlen: 24
212.80.18.0/23 maxlen: 23
212.80.18.0/24 maxlen: 24
212.80.19.0/24 maxlen: 24
212.80.20.0/22 maxlen: 22
212.80.20.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 15:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:84:26:97:61:51:9c:08:c0:f9:d8:68:57:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b711793e4d71dda596465ed88bd6594d94dc1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:df:19:5a:a0:6b:86:9e:60:53:9c:11:30:ab:
f2:06:ab:9b:74:ca:cb:35:12:49:9a:a9:1d:0d:d9:
6f:46:c1:85:2e:ec:eb:b2:f0:e5:97:11:02:ef:a6:
96:9d:73:8a:c5:1a:51:77:f5:1c:6b:9f:8a:77:e5:
07:e2:94:40:aa:37:35:de:05:6f:ed:f8:ec:57:d8:
a9:7d:14:13:f1:6e:a4:cd:8c:70:d7:68:27:62:09:
2b:b8:4a:c8:06:4d:07:1d:0b:f6:a5:82:97:39:ce:
e6:53:9e:d7:53:d0:a6:59:a2:5d:0e:e6:ff:db:3d:
6d:95:66:0b:f9:1c:84:74:d7:8e:81:f7:14:88:ec:
e9:88:59:c3:04:57:df:db:96:69:ab:d9:f5:9c:2c:
31:18:d7:e6:bb:86:fb:0f:c9:95:4b:f9:ba:38:cd:
8d:10:dc:e8:ce:b3:58:0d:fb:4d:47:c6:4f:a5:0a:
ab:d6:6e:66:fe:75:48:19:a1:c6:da:57:33:a5:ca:
30:62:59:26:34:1c:50:50:5b:02:0e:7a:d3:66:ab:
b4:d8:48:8a:dd:6a:74:3d:72:9d:d1:17:9b:c5:91:
5e:f5:b4:b2:cc:0a:37:51:eb:b0:25:bf:f0:9f:15:
32:40:21:cd:50:c1:d2:ec:05:87:b3:8f:b5:e8:5f:
48:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:71:17:93:E4:D7:1D:DA:59:64:65:ED:88:BD:65:94:D9:4D:C1:F2
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/G3EXk-TXHdpZZGXtiL1llNlNwfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.143.0/24
212.16.86.0/24
212.80.18.0-212.80.23.255
Signature Algorithm: sha256WithRSAEncryption
3f:e5:f2:ab:17:a5:39:ad:22:b6:6f:9c:71:51:36:ec:b9:a5:
f3:31:48:b8:fd:7e:5a:4d:75:de:8d:7e:7b:74:ef:ac:28:a4:
ee:39:c4:9e:86:b6:d4:54:72:2e:dc:0a:61:e7:09:ec:0f:58:
af:6c:7f:40:1a:dd:eb:9b:4d:c6:4c:5a:ce:bd:bb:c3:69:fc:
80:9f:0e:ee:3e:35:e7:c4:3c:38:a3:9f:2b:96:76:38:65:e3:
4d:d9:81:b1:73:2c:69:8d:e9:5d:90:d5:f9:94:73:4e:38:22:
0c:e2:24:34:5c:68:e5:aa:34:66:02:ec:b0:f2:b0:49:50:b3:
94:2a:22:ca:ba:fa:ad:c3:3d:47:a4:14:39:4e:1d:95:35:5b:
18:8e:be:3e:db:28:bc:78:6a:aa:ea:d3:c9:a4:e7:e2:94:80:
a8:d3:be:51:34:fe:f9:52:d6:08:68:9b:e8:65:21:5c:28:dc:
d2:64:21:21:8f:18:9b:7f:9a:6b:ad:69:84:20:35:00:b4:c2:
e6:c1:ef:0d:78:fe:bd:26:6f:de:2c:b2:e3:9c:c4:33:9b:91:
90:54:61:f9:b8:f5:de:c5:3d:ed:f5:66:d3:9c:7f:3f:4e:b8:
0d:12:24:ac:5f:9f:4d:f2:42:cd:b5:1b:7b:08:2e:b4:7c:e4:
44:c9:69:05
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiH/+EJpdhUZwIwPnYaFe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjcxMTc5M2U0ZDcxZGRhNTk2NDY1ZWQ4OGJkNjU5NGQ5NGRjMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd8ZWqBrhp5gU5wRMKvyBqubdMrL
NRJJmqkdDdlvRsGFLuzrsvDllxEC76aWnXOKxRpRd/Uca5+Kd+UH4pRAqjc13gVv
7fjsV9ipfRQT8W6kzYxw12gnYgkruErIBk0HHQv2pYKXOc7mU57XU9CmWaJdDub/
2z1tlWYL+RyEdNeOgfcUiOzpiFnDBFff25Zpq9n1nCwxGNfmu4b7D8mVS/m6OM2N
ENzozrNYDftNR8ZPpQqr1m5m/nVIGaHG2lczpcowYlkmNBxQUFsCDnrTZqu02EiK
3Wp0PXKd0RebxZFe9bSyzAo3UeuwJb/wnxUyQCHNUMHS7AWHs4+16F9IyQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBtxF5Pk1x3aWWRl7Yi9ZZTZTcHyMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvRzNFWGstVFhIZHBaWkdYdGlMMWxsTmxOd2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALiaPAwQA
1BBWMAwDBAHUUBIDBAPUUBAwDQYJKoZIhvcNAQELBQADggEBAD/l8qsXpTmtIrZv
nHFRNuy5pfMxSLj9flpNdd6Nfnt076wopO45xJ6GttRUci7cCmHnCewPWK9sf0Aa
3eubTcZMWs69u8Np/ICfDu4+NefEPDijnyuWdjhl403ZgbFzLGmN6V2Q1fmUc044
IgziJDRcaOWqNGYC7LDysElQs5QqIsq6+q3DPUekFDlOHZU1WxiOvj7bKLx4aqrq
08mk5+KUgKjTvlE0/vlS1ghom+hlIVwo3NJkISGPGJt/mmutaYQgNQC0wubB7w14
/r0mb94ssuOcxDObkZBUYfm49d7FPe31ZtOcfz9OuA0SJKxfn03yQs21G3sILrR8
5ETJaQU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:24:57 2025 by rpki-client