Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/dnzin3fmN0C5xh6NlQxJ0RKomZ4.roa
File: dnzin3fmN0C5xh6NlQxJ0RKomZ4.roa (raw, json)
Hash identifier: /5eXzKykfSTCGfoA2uRboMBfDvWmsVTx6hczVP4WeTU=
Subject key identifier: 76:7C:E2:9F:77:E6:37:40:B9:C6:1E:8D:95:0C:49:D1:12:A8:99:9E
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01938BE34EBB41DFFA4E2949CAC95F4BD3B8
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/dnzin3fmN0C5xh6NlQxJ0RKomZ4.roa
Signing time: Tue 03 Dec 2024 09:39:10 +0000
ROA not before: Tue 03 Dec 2024 09:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214003
IP address blocks: 46.38.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:e3:4e:bb:41:df:fa:4e:29:49:ca:c9:5f:4b:d3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Dec 3 09:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=767ce29f77e63740b9c61e8d950c49d112a8999e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:81:8e:0d:24:74:e0:c4:0d:91:f9:2d:b2:d8:
ad:08:1f:fe:ad:fc:93:e9:b2:f0:41:d1:6a:aa:8c:
d5:20:60:c2:14:c0:4b:94:d8:31:49:09:85:fb:a9:
9e:87:75:d7:ec:70:a8:93:44:9c:f3:dd:a9:be:0c:
fb:94:e4:95:31:a6:73:aa:62:2f:e9:19:f9:e6:27:
3a:a6:ed:46:9d:2f:32:2c:c4:5c:88:ec:0e:c4:2a:
b3:70:ef:c3:31:7e:dc:ed:f6:b2:24:63:db:58:02:
96:d4:ff:59:19:99:ba:c6:4a:11:53:47:67:0c:5a:
ca:d7:b7:09:c4:c8:54:3b:13:b3:c2:17:ca:d2:0f:
26:9a:5b:76:8d:3b:35:15:8a:be:14:a9:00:5c:00:
39:d5:df:1c:03:14:47:67:5c:4e:b8:43:e9:1f:10:
05:07:2f:7c:a9:11:17:fd:7d:51:f9:83:8e:09:24:
f4:79:ca:62:0a:16:a4:d0:39:1a:5d:e3:6d:77:50:
ea:76:66:fb:a3:e9:29:78:9d:e2:e6:33:fe:79:78:
a4:85:e2:3c:ae:fb:fb:35:9c:23:ca:05:01:db:3d:
05:67:83:ea:a6:1a:7d:da:35:95:3c:a4:bf:c9:ab:
1d:40:31:0e:d4:2b:62:c0:69:1e:46:fa:81:a5:25:
f7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7C:E2:9F:77:E6:37:40:B9:C6:1E:8D:95:0C:49:D1:12:A8:99:9E
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/dnzin3fmN0C5xh6NlQxJ0RKomZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.154.0/24
Signature Algorithm: sha256WithRSAEncryption
14:2e:5a:ca:30:d3:41:bd:a4:31:3d:1f:85:cd:76:d1:b7:d0:
94:bf:eb:5b:fc:f9:24:4c:58:38:19:91:51:11:77:03:a8:62:
44:fe:12:42:80:3a:94:ab:e6:02:ca:a5:55:62:43:b4:55:2b:
dd:74:e0:0f:a0:fc:a2:56:f1:75:86:4a:b8:ed:7f:0f:2a:7f:
50:da:ea:e5:4c:2e:2d:03:d3:9a:e4:09:13:44:07:11:0b:41:
82:3f:16:8e:e0:92:c0:aa:02:09:e6:bd:47:ff:f4:6d:01:8b:
6b:60:13:5b:20:a6:be:fe:05:f1:9f:66:3e:2b:f9:c9:5d:53:
31:c7:e0:d7:ec:73:4c:3e:5d:65:c2:7f:ae:09:aa:22:63:ec:
86:30:2d:c6:09:21:15:74:b1:29:ed:54:2d:c1:23:b5:78:5b:
e5:fa:93:81:b3:0e:4a:17:cf:73:b5:4b:e7:eb:3f:e5:42:60:
f4:07:cb:e6:0f:9d:34:73:82:13:41:fa:c9:08:fe:ba:af:f5:
9a:eb:c1:0a:11:5d:b8:ed:93:65:53:07:5f:3d:28:31:e3:81:
92:11:51:ac:6c:2f:de:04:9c:8c:ee:38:be:b5:03:31:e5:74:
08:94:db:7d:b6:ba:8f:93:1c:19:bb:29:aa:56:fb:43:6d:62:
6c:b7:68:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOL4067Qd/6TilJyslfS9O4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQxMjAzMDkzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjdjZTI5Zjc3ZTYzNzQwYjljNjFlOGQ5NTBjNDlkMTEyYTg5OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYGODSR04MQNkfktstitCB/+rfyT
6bLwQdFqqozVIGDCFMBLlNgxSQmF+6meh3XX7HCok0Sc892pvgz7lOSVMaZzqmIv
6Rn55ic6pu1GnS8yLMRciOwOxCqzcO/DMX7c7fayJGPbWAKW1P9ZGZm6xkoRU0dn
DFrK17cJxMhUOxOzwhfK0g8mmlt2jTs1FYq+FKkAXAA51d8cAxRHZ1xOuEPpHxAF
By98qREX/X1R+YOOCST0ecpiChak0DkaXeNtd1Dqdmb7o+kpeJ3i5jP+eXikheI8
rvv7NZwjygUB2z0FZ4Pqphp92jWVPKS/yasdQDEO1CtiwGkeRvqBpSX3bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZ84p935jdAucYejZUMSdESqJmeMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvZG56aW4zZm1OMEM1eGg2TmxReEowUktvbVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiaaMA0G
CSqGSIb3DQEBCwUAA4IBAQAULlrKMNNBvaQxPR+FzXbRt9CUv+tb/PkkTFg4GZFR
EXcDqGJE/hJCgDqUq+YCyqVVYkO0VSvddOAPoPyiVvF1hkq47X8PKn9Q2urlTC4t
A9Oa5AkTRAcRC0GCPxaO4JLAqgIJ5r1H//RtAYtrYBNbIKa+/gXxn2Y+K/nJXVMx
x+DX7HNMPl1lwn+uCaoiY+yGMC3GCSEVdLEp7VQtwSO1eFvl+pOBsw5KF89ztUvn
6z/lQmD0B8vmD500c4ITQfrJCP66r/Wa68EKEV247ZNlUwdfPSgx44GSEVGsbC/e
BJyM7ji+tQMx5XQIlNt9trqPkxwZuymqVvtDbWJst2jI
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:52:37 2025 by rpki-client