Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PZzDDM7yDF62M54K1bvTDcGBs6U.roa
File: PZzDDM7yDF62M54K1bvTDcGBs6U.roa (raw, json)
Hash identifier: vtPdYfRTWFqXJS/EXk1n+8T3px7NSC4aofyoGo2Lsfk=
Subject key identifier: 3D:9C:C3:0C:CE:F2:0C:5E:B6:33:9E:0A:D5:BB:D3:0D:C1:81:B3:A5
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0194221FFFFED871CCA35BE9CE7C8F83FEF6
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PZzDDM7yDF62M54K1bvTDcGBs6U.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50338
IP address blocks: 46.38.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 11:06:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:fe:d8:71:cc:a3:5b:e9:ce:7c:8f:83:fe:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d9cc30ccef20c5eb6339e0ad5bbd30dc181b3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:95:37:aa:b7:8e:8b:4f:d9:43:47:2b:ea:06:
cb:3f:5c:fb:8b:43:0b:e4:e2:55:77:89:d6:f1:4d:
8a:c2:d7:05:17:6d:5a:4a:c2:a2:44:c7:01:6c:47:
ed:4b:8b:9a:67:5e:84:94:0f:63:5b:ce:e9:c4:00:
ca:06:ec:7b:cf:c7:0e:aa:bd:18:e8:43:4c:6d:e3:
a0:27:99:01:31:b7:04:61:d1:87:14:ec:36:94:ef:
92:82:07:69:aa:f7:dc:a8:69:79:41:d5:d3:8f:d4:
c9:78:e6:5e:28:bc:45:04:6d:cc:ff:9c:9d:5d:77:
97:e7:93:01:6b:33:e6:ac:b1:a8:3f:b8:f6:3d:82:
b4:19:2f:3c:5a:20:bf:a3:c0:be:31:85:ac:8b:c4:
06:fc:36:6e:74:d5:b6:4d:c7:e0:07:18:7a:5b:00:
35:aa:e1:04:57:ad:db:45:f7:9e:3f:92:d0:d3:8d:
e1:44:db:f2:39:cc:3b:5b:0f:d3:17:7b:e0:d4:8b:
17:0e:a3:99:39:f6:08:71:a4:d6:df:fb:41:de:4e:
68:5e:41:16:05:a7:33:2d:8a:61:63:6e:51:34:a7:
73:05:f7:2e:ca:a6:4f:77:80:f0:44:b5:43:10:9e:
5a:a1:19:76:20:fe:2d:e4:a2:ca:6d:ba:c4:38:53:
16:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9C:C3:0C:CE:F2:0C:5E:B6:33:9E:0A:D5:BB:D3:0D:C1:81:B3:A5
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PZzDDM7yDF62M54K1bvTDcGBs6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:b2:19:7b:7b:df:98:44:66:d7:87:a9:cd:0f:43:06:04:42:
53:55:b4:c6:4f:dd:7d:03:17:00:83:ce:f5:d4:b1:9d:95:34:
db:12:dc:1f:38:c3:9d:72:50:0b:c2:eb:e0:78:8f:21:ec:24:
1b:91:80:39:57:48:18:32:f4:55:e2:c7:70:ca:28:ec:d0:05:
47:d6:fb:54:88:4f:9f:b7:8b:2c:ba:7e:bf:ed:dd:a0:3b:29:
a5:54:14:51:e9:d1:6b:37:a3:06:1b:b2:6f:60:5f:2a:8b:6c:
0c:11:d8:ac:38:82:92:42:13:27:7c:0d:9c:1f:eb:27:16:6b:
ae:28:be:d8:86:0b:c1:d5:3a:ee:bf:ea:90:1c:59:bc:1b:cc:
a4:f7:6c:2d:04:64:8c:29:0c:80:a8:da:08:0c:38:f1:f6:47:
ff:8a:bf:ac:19:2f:a4:2b:d4:62:2a:81:38:9c:fd:f8:75:b9:
3e:80:46:1d:c5:48:33:f1:29:5d:39:23:00:8e:ad:9a:5c:89:
79:e1:83:31:63:57:01:14:02:0b:9c:24:94:c4:65:02:ad:64:
f1:b5:30:2b:21:ec:2a:f5:47:a8:4f:8b:13:31:66:3a:49:85:
2f:7f:5c:70:a6:94:99:9a:e1:78:35:f7:1f:ba:32:a7:36:0b:
e9:fb:08:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH//+2HHMo1vpznyPg/72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDljYzMwY2NlZjIwYzVlYjYzMzllMGFkNWJiZDMwZGMxODFiM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJU3qreOi0/ZQ0cr6gbLP1z7i0ML
5OJVd4nW8U2KwtcFF21aSsKiRMcBbEftS4uaZ16ElA9jW87pxADKBux7z8cOqr0Y
6ENMbeOgJ5kBMbcEYdGHFOw2lO+SggdpqvfcqGl5QdXTj9TJeOZeKLxFBG3M/5yd
XXeX55MBazPmrLGoP7j2PYK0GS88WiC/o8C+MYWsi8QG/DZudNW2TcfgBxh6WwA1
quEEV63bRfeeP5LQ043hRNvyOcw7Ww/TF3vg1IsXDqOZOfYIcaTW3/tB3k5oXkEW
BaczLYphY25RNKdzBfcuyqZPd4DwRLVDEJ5aoRl2IP4t5KLKbbrEOFMWNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2cwwzO8gxetjOeCtW70w3BgbOlMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUFp6RERNN3lERjYyTTU0SzFidlREY0dCczZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiadMA0G
CSqGSIb3DQEBCwUAA4IBAQCdshl7e9+YRGbXh6nND0MGBEJTVbTGT919AxcAg871
1LGdlTTbEtwfOMOdclALwuvgeI8h7CQbkYA5V0gYMvRV4sdwyijs0AVH1vtUiE+f
t4ssun6/7d2gOymlVBRR6dFrN6MGG7JvYF8qi2wMEdisOIKSQhMnfA2cH+snFmuu
KL7YhgvB1Truv+qQHFm8G8yk92wtBGSMKQyAqNoIDDjx9kf/ir+sGS+kK9RiKoE4
nP34dbk+gEYdxUgz8SldOSMAjq2aXIl54YMxY1cBFAILnCSUxGUCrWTxtTArIewq
9UeoT4sTMWY6SYUvf1xwppSZmuF4NfcfujKnNgvp+whN
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:41:38 2025 by rpki-client