Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/I5Zdp_FbQJkyKEUmYEDyzDr-d0w.roa
File: I5Zdp_FbQJkyKEUmYEDyzDr-d0w.roa (raw, json)
Hash identifier: uo/K36ec6Qx2ivmuijtZqYYSAbpIb30GrevEBs0hcow=
Subject key identifier: 23:96:5D:A7:F1:5B:40:99:32:28:45:26:60:40:F2:CC:3A:FE:77:4C
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019518E8771D3A98A6D5AE54F03243F3A6B5
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/I5Zdp_FbQJkyKEUmYEDyzDr-d0w.roa
Signing time: Tue 18 Feb 2025 11:54:02 +0000
ROA not before: Tue 18 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 46.38.157.0/24 maxlen: 24
212.16.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 17:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:e8:77:1d:3a:98:a6:d5:ae:54:f0:32:43:f3:a6:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 18 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23965da7f15b4099322845266040f2cc3afe774c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:dc:49:10:22:8e:b7:ec:57:80:da:21:18:
53:f7:95:4f:7d:4f:6f:b7:c2:83:14:72:cd:13:28:
ef:1f:1c:fb:9a:84:79:d0:12:49:88:b3:63:48:6b:
e7:8f:aa:75:73:20:5a:ef:5a:61:66:a3:c4:94:61:
c3:ce:8b:80:05:d9:13:f2:f6:ce:26:01:7f:aa:0d:
ee:b2:99:e2:34:f5:8d:f4:59:87:b2:c4:21:8e:3e:
3c:9d:2d:9d:84:06:85:0e:37:0d:13:64:f1:42:41:
1e:1d:b2:5d:ef:b7:04:06:de:81:4c:c5:2a:7a:91:
13:c5:76:56:ff:b3:be:ff:00:0e:b1:7e:40:c4:46:
70:d9:4b:9f:e2:0b:a2:2f:30:f2:0d:2f:72:0d:1e:
48:cb:1e:d9:cf:79:a8:41:cb:18:66:29:ac:a8:95:
a3:1c:83:f8:02:c9:d7:3f:bf:7f:0f:f9:dd:b5:68:
cb:f3:75:48:40:f2:03:5f:df:39:e9:97:cb:8c:9e:
7d:66:8c:c3:e5:54:b7:8f:92:ea:95:e6:4e:a1:c7:
1a:d2:ca:27:55:00:0d:09:ec:f4:53:40:ab:34:c3:
0e:80:0f:d4:06:5e:bc:32:c6:04:a2:ed:75:19:a5:
3b:6b:6e:1d:2b:6e:73:40:f6:7d:de:90:c8:86:de:
5a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:96:5D:A7:F1:5B:40:99:32:28:45:26:60:40:F2:CC:3A:FE:77:4C
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/I5Zdp_FbQJkyKEUmYEDyzDr-d0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.157.0/24
212.16.92.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:8e:5c:39:b7:5b:6a:12:2e:60:15:fc:56:e9:13:ae:16:8b:
3e:77:37:02:19:53:3f:57:23:29:de:9f:37:9f:d9:85:db:13:
44:52:b8:38:e5:04:39:23:3a:11:11:99:ac:25:d2:eb:a1:89:
3e:48:77:bd:36:38:f2:12:29:e0:a7:de:a8:ed:f3:f2:4d:3e:
27:1f:51:b1:17:30:90:4c:21:3b:24:8d:0f:63:a7:16:18:d9:
4c:3c:f8:d7:4e:37:21:3d:ef:cf:5c:75:4d:a7:22:5c:9b:f8:
a7:32:f9:74:8d:b2:78:e2:66:6a:0c:cb:ef:36:cf:d8:82:37:
be:17:39:48:d2:55:2a:ab:0a:6c:94:06:b0:39:27:16:2e:e7:
54:b4:b0:8a:9c:09:13:08:41:06:d7:42:a7:bc:b3:f4:d2:a4:
ea:0e:85:b6:8b:0c:75:49:f6:75:67:02:f2:c2:cc:53:96:2f:
46:6f:36:3e:44:f8:37:fd:43:24:1a:59:60:53:08:35:52:7e:
5a:99:12:2e:10:27:75:47:a8:d8:f3:37:cb:e1:d6:68:a2:7e:
bf:e6:62:4c:cf:45:30:76:36:71:c7:f8:71:7f:c7:0b:f2:fd:
85:24:a1:81:40:4c:cb:f4:b5:cb:30:57:88:8e:b6:bf:63:ce:
86:c8:ba:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUY6HcdOpim1a5U8DJD86a1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMjE4MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk2NWRhN2YxNWI0MDk5MzIyODQ1MjY2MDQwZjJjYzNhZmU3NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhajcSRAijrfsV4DaIRhT95VPfU9v
t8KDFHLNEyjvHxz7moR50BJJiLNjSGvnj6p1cyBa71phZqPElGHDzouABdkT8vbO
JgF/qg3uspniNPWN9FmHssQhjj48nS2dhAaFDjcNE2TxQkEeHbJd77cEBt6BTMUq
epETxXZW/7O+/wAOsX5AxEZw2Uuf4guiLzDyDS9yDR5Iyx7Zz3moQcsYZimsqJWj
HIP4AsnXP79/D/ndtWjL83VIQPIDX9856ZfLjJ59ZozD5VS3j5LqleZOocca0son
VQANCez0U0CrNMMOgA/UBl68MsYEou11GaU7a24dK25zQPZ93pDIht5aOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCOWXafxW0CZMihFJmBA8sw6/ndMMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvSTVaZHBfRmJRSmt5S0VVbVlFRHl6RHItZDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiadAwQA
1BBcMA0GCSqGSIb3DQEBCwUAA4IBAQBKjlw5t1tqEi5gFfxW6ROuFos+dzcCGVM/
VyMp3p83n9mF2xNEUrg45QQ5IzoREZmsJdLroYk+SHe9NjjyEingp96o7fPyTT4n
H1GxFzCQTCE7JI0PY6cWGNlMPPjXTjchPe/PXHVNpyJcm/inMvl0jbJ44mZqDMvv
Ns/Ygje+FzlI0lUqqwpslAawOScWLudUtLCKnAkTCEEG10KnvLP00qTqDoW2iwx1
SfZ1ZwLywsxTli9GbzY+RPg3/UMkGllgUwg1Un5amRIuECd1R6jY8zfL4dZoon6/
5mJMz0UwdjZxx/hxf8cL8v2FJKGBQEzL9LXLMFeIjra/Y86GyLpt
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:50:07 2025 by rpki-client