Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/KzNt27S1tOjAUbIU54aEhJvNgoQ.roa
File: KzNt27S1tOjAUbIU54aEhJvNgoQ.roa (raw, json)
Hash identifier: tycWAAY0y8StO/VMnQmXq6X1woRqYDUBzIfkwGlo5w0=
Subject key identifier: 2B:33:6D:DB:B4:B5:B4:E8:C0:51:B2:14:E7:86:84:84:9B:CD:82:84
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194CB080074CA030D780BCEEE843759C927
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/KzNt27S1tOjAUbIU54aEhJvNgoQ.roa
Signing time: Mon 03 Feb 2025 08:58:06 +0000
ROA not before: Mon 03 Feb 2025 08:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35372
IP address blocks: 46.38.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Feb 2025 12:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:08:00:74:ca:03:0d:78:0b:ce:ee:84:37:59:c9:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 3 08:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b336ddbb4b5b4e8c051b214e78684849bcd8284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3f:aa:ab:7e:07:05:3c:2e:ce:df:8d:62:a2:
d8:1d:48:23:d9:c5:4e:50:c0:8b:8a:90:c5:88:c6:
17:3f:fb:db:c1:48:66:cd:fc:cf:88:b8:1b:28:72:
29:da:7c:33:dc:aa:41:d0:a6:e8:8f:c7:b9:c3:1b:
e2:d5:1b:c6:92:54:0e:50:77:59:3c:ca:e5:c3:c8:
e7:dc:99:e2:63:36:55:38:a7:d1:50:ca:92:20:65:
37:87:16:c9:a8:8d:7c:9f:bb:94:5d:7c:a4:71:e8:
80:72:2c:f7:22:59:ad:12:52:51:83:ce:9c:6f:c1:
bb:86:8e:c9:cb:64:35:09:4d:7c:6a:19:c0:c2:1f:
19:54:ad:90:fa:f4:e6:d0:bb:82:70:82:62:b4:8d:
67:65:6c:6b:88:26:d3:5d:9b:35:0a:da:ef:5a:e0:
ca:d2:67:3b:be:c6:42:77:31:d9:84:32:86:cf:3c:
0c:af:c5:bb:05:a4:4a:77:9f:56:3a:d4:5a:e0:7a:
8a:f2:e1:94:6d:e0:7e:01:c4:a6:8c:71:83:98:02:
8b:28:df:86:22:f1:4d:3c:66:28:53:cc:61:a4:5b:
1b:44:c3:e7:21:ef:36:f2:45:7f:1f:c7:0b:dc:de:
09:73:31:06:29:6a:34:34:fb:00:3b:26:57:19:02:
f2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:33:6D:DB:B4:B5:B4:E8:C0:51:B2:14:E7:86:84:84:9B:CD:82:84
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/KzNt27S1tOjAUbIU54aEhJvNgoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.148.0/24
Signature Algorithm: sha256WithRSAEncryption
66:93:ef:55:15:7b:cb:20:08:c2:56:7e:32:b8:69:37:3c:e4:
31:04:4c:2d:49:f2:40:57:ea:d9:de:93:fa:08:7c:76:88:8a:
c6:61:02:5e:4b:a7:d4:7a:33:73:7b:49:e8:66:4a:3b:ce:e6:
ad:33:ac:37:3b:14:4f:76:f0:fe:23:b8:c6:79:35:a3:fc:05:
71:02:75:e9:d6:18:d1:d6:4b:0a:c9:53:91:17:dc:5a:a3:76:
7c:57:cf:e2:96:d6:94:76:9c:3e:16:e7:93:a2:55:59:2a:cc:
52:31:e9:c4:3f:7f:0c:6f:23:13:41:1f:7c:06:18:b2:70:59:
6a:1d:5d:c9:38:c1:2d:0f:05:76:af:b4:c9:3f:3c:17:05:9f:
3f:71:94:57:48:42:fa:36:16:16:6a:56:13:f0:01:6f:b5:5e:
ad:52:ef:9d:d4:fc:d2:63:4b:dd:9e:15:fa:50:b3:e1:c4:88:
9d:47:66:3b:43:25:b0:08:83:cd:e0:fc:82:77:d3:36:6f:cc:
42:11:a8:80:41:db:61:01:91:e2:14:70:56:fd:39:f2:be:e5:
ed:a0:0b:b6:51:cb:f5:4f:c4:84:be:98:01:8b:f7:56:e5:4e:
62:b2:94:8d:ff:55:ce:20:c4:bf:07:1b:61:35:d2:45:a0:69:
42:09:99:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTLCAB0ygMNeAvO7oQ3WcknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMjAzMDg1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMzNmRkYmI0YjViNGU4YzA1MWIyMTRlNzg2ODQ4NDliY2Q4Mjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD+qq34HBTwuzt+NYqLYHUgj2cVO
UMCLipDFiMYXP/vbwUhmzfzPiLgbKHIp2nwz3KpB0Kboj8e5wxvi1RvGklQOUHdZ
PMrlw8jn3JniYzZVOKfRUMqSIGU3hxbJqI18n7uUXXykceiAciz3IlmtElJRg86c
b8G7ho7Jy2Q1CU18ahnAwh8ZVK2Q+vTm0LuCcIJitI1nZWxriCbTXZs1CtrvWuDK
0mc7vsZCdzHZhDKGzzwMr8W7BaRKd59WOtRa4HqK8uGUbeB+AcSmjHGDmAKLKN+G
IvFNPGYoU8xhpFsbRMPnIe828kV/H8cL3N4JczEGKWo0NPsAOyZXGQLyZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCszbdu0tbTowFGyFOeGhISbzYKEMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvS3pOdDI3UzF0T2pBVWJJVTU0YUVoSnZOZ29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiaUMA0G
CSqGSIb3DQEBCwUAA4IBAQBmk+9VFXvLIAjCVn4yuGk3POQxBEwtSfJAV+rZ3pP6
CHx2iIrGYQJeS6fUejNze0noZko7zuatM6w3OxRPdvD+I7jGeTWj/AVxAnXp1hjR
1ksKyVORF9xao3Z8V8/iltaUdpw+FueTolVZKsxSMenEP38MbyMTQR98BhiycFlq
HV3JOMEtDwV2r7TJPzwXBZ8/cZRXSEL6NhYWalYT8AFvtV6tUu+d1PzSY0vdnhX6
ULPhxIidR2Y7QyWwCIPN4PyCd9M2b8xCEaiAQdthAZHiFHBW/TnyvuXtoAu2Ucv1
T8SEvpgBi/dW5U5ispSN/1XOIMS/BxthNdJFoGlCCZls
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:43:40 2025 by rpki-client