Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/PKnh3b1IHoJohCmqzsUaKKLcrd8.roa
File: PKnh3b1IHoJohCmqzsUaKKLcrd8.roa (raw, json)
Hash identifier: djHQBrmS5AFs3mnqSRNscNapigDHY5FKZzYfNnqbdKo=
Subject key identifier: 3C:A9:E1:DD:BD:48:1E:82:68:84:29:AA:CE:C5:1A:28:A2:DC:AD:DF
Certificate issuer: /CN=23d480b0795617e2e26e6e18264377e7a96c78f3
Certificate serial: 01955AFA2EB339DD0DAB9A0238D4DEE5A008
Authority key identifier: 23:D4:80:B0:79:56:17:E2:E2:6E:6E:18:26:43:77:E7:A9:6C:78:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9SAsHlWF-Libm4YJkN356lsePM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/PKnh3b1IHoJohCmqzsUaKKLcrd8.roa
Signing time: Mon 03 Mar 2025 07:48:20 +0000
ROA not before: Mon 03 Mar 2025 07:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215182
IP address blocks: 46.227.160.0/23 maxlen: 23
46.227.162.0/24 maxlen: 24
46.227.164.0/24 maxlen: 24
46.227.166.0/24 maxlen: 24
46.227.167.0/24 maxlen: 24
95.143.0.0/21 maxlen: 24
95.143.4.0/24 maxlen: 24
95.143.5.0/24 maxlen: 24
95.143.11.0/24 maxlen: 24
95.143.12.0/24 maxlen: 24
95.143.13.0/24 maxlen: 24
95.143.14.0/23 maxlen: 23
185.72.224.0/24 maxlen: 24
185.72.225.0/24 maxlen: 24
185.72.226.0/24 maxlen: 24
185.72.227.0/24 maxlen: 24
193.242.176.0/22 maxlen: 22
2a02:1328:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 07:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5a:fa:2e:b3:39:dd:0d:ab:9a:02:38:d4:de:e5:a0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d480b0795617e2e26e6e18264377e7a96c78f3
Validity
Not Before: Mar 3 07:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca9e1ddbd481e82688429aacec51a28a2dcaddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d8:37:fc:17:26:72:1a:61:a3:53:43:e1:20:
8d:2c:c6:05:3f:11:60:6e:fb:24:e4:4a:13:9b:55:
8a:f2:d1:a2:71:f7:e1:42:bd:be:f6:e9:13:0c:22:
49:e2:44:69:b9:5e:98:8e:2f:ae:33:ba:92:1a:dc:
4f:26:e4:ca:bb:b8:81:0d:1a:69:c3:21:b5:57:b4:
b8:f1:a1:95:1c:77:90:b1:e1:76:34:d1:5b:21:59:
4b:60:0b:0a:76:43:67:87:42:8a:df:83:55:1e:25:
00:ca:ae:4c:ec:c1:11:62:e2:bb:58:ea:b4:c1:18:
b2:d0:24:d2:21:01:51:4f:9a:22:5c:5d:6c:58:50:
00:d1:f6:08:b5:e1:f2:78:8b:29:4f:b3:9b:c1:9e:
ce:70:11:92:84:7d:fd:a3:08:e7:e0:ce:94:7b:f2:
56:ab:f4:e1:6a:31:4c:e8:d0:e6:93:23:d8:af:9d:
06:d8:1c:ee:f3:bd:8e:b5:3a:18:fb:1b:05:12:94:
69:24:83:39:69:8c:74:38:cd:98:d3:fe:99:7a:ab:
c0:b1:3e:fd:d8:d7:4c:d5:51:a1:e5:7c:be:b6:45:
8e:bc:76:e0:5e:02:4d:a8:bb:4f:5c:1d:7b:70:fd:
65:74:75:4b:f0:6e:0e:a8:bc:04:b7:82:78:00:88:
5e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:E1:DD:BD:48:1E:82:68:84:29:AA:CE:C5:1A:28:A2:DC:AD:DF
X509v3 Authority Key Identifier:
keyid:23:D4:80:B0:79:56:17:E2:E2:6E:6E:18:26:43:77:E7:A9:6C:78:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9SAsHlWF-Libm4YJkN356lsePM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/PKnh3b1IHoJohCmqzsUaKKLcrd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/I9SAsHlWF-Libm4YJkN356lsePM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.160.0-46.227.162.255
46.227.164.0/24
46.227.166.0/23
95.143.0.0/21
95.143.11.0-95.143.15.255
185.72.224.0/22
193.242.176.0/22
IPv6:
2a02:1328:2::/48
Signature Algorithm: sha256WithRSAEncryption
30:5f:74:54:5e:e7:ae:d3:e3:3d:cc:df:37:01:7e:f4:86:b7:
48:be:40:6b:a1:6b:a6:5a:aa:52:df:25:75:87:50:89:64:9d:
b1:83:4b:c8:36:c0:12:62:69:e5:2b:66:f0:5e:10:44:db:0a:
d9:82:25:c0:0e:c3:61:f4:b5:dc:33:93:76:14:2a:da:36:55:
1f:04:ea:b2:4c:45:d2:1e:27:f7:4d:7d:ad:23:aa:9d:a4:56:
fe:f4:84:e3:48:62:c0:42:c0:6b:86:0a:c9:3b:ec:bb:23:16:
87:54:4f:58:1b:9e:87:23:a1:d9:5f:c8:ec:45:93:b7:67:02:
9b:c7:3c:3d:57:1e:b9:8b:f0:b5:44:24:e3:43:68:19:d8:82:
39:a4:ec:eb:57:67:63:dc:ea:62:08:9f:f4:be:b5:19:ae:19:
a0:85:86:56:e5:db:2a:21:5e:75:12:14:b4:cb:9e:1b:ef:16:
21:e1:c6:cc:1c:a9:ab:77:f9:1b:c3:23:35:bb:82:96:32:89:
e5:fc:09:73:f5:0a:eb:2c:fc:3a:a4:f7:4e:7e:a2:15:7c:d1:
34:9a:e7:dd:77:8b:68:4b:69:49:f5:ab:c3:c8:44:01:e2:02:
30:7e:dd:09:da:6c:1e:71:75:a3:91:5f:62:68:b6:20:dd:3a:
7b:6a:dd:b7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZVa+i6zOd0Nq5oCONTe5aAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDQ4MGIwNzk1NjE3ZTJlMjZlNmUxODI2NDM3N2U3YTk2
Yzc4ZjMwHhcNMjUwMzAzMDc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E5ZTFkZGJkNDgxZTgyNjg4NDI5YWFjZWM1MWEyOGEyZGNhZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdg3/Bcmchpho1ND4SCNLMYFPxFg
bvsk5EoTm1WK8tGicffhQr2+9ukTDCJJ4kRpuV6Yji+uM7qSGtxPJuTKu7iBDRpp
wyG1V7S48aGVHHeQseF2NNFbIVlLYAsKdkNnh0KK34NVHiUAyq5M7MERYuK7WOq0
wRiy0CTSIQFRT5oiXF1sWFAA0fYIteHyeIspT7ObwZ7OcBGShH39owjn4M6Ue/JW
q/ThajFM6NDmkyPYr50G2Bzu872OtToY+xsFEpRpJIM5aYx0OM2Y0/6ZeqvAsT79
2NdM1VGh5Xy+tkWOvHbgXgJNqLtPXB17cP1ldHVL8G4OqLwEt4J4AIheRQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDyp4d29SB6CaIQpqs7FGiii3K3fMB8GA1UdIwQY
MBaAFCPUgLB5Vhfi4m5uGCZDd+epbHjzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlTQXNIbFdGLUxpYm00WUprTjM1NmxzZVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82NjRjYWItYmE5YS00YzQwLTk3ZjQt
YWY5OGU0OWYxMWFlLzEvUEtuaDNiMUlIb0pvaENtcXpzVWFLS0xjcmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82NjRjYWItYmE5YS00YzQwLTk3ZjQtYWY5OGU0OWYxMWFl
LzEvSTlTQXNIbFdGLUxpYm00WUprTjM1NmxzZVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBABAIAATA6MAwDBAUu46AD
BAAu46IDBAAu46QDBAEu46YDBANfjwAwDAMEAF+PCwMEBF+PAAMEArlI4AMEAsHy
sDAPBAIAAjAJAwcAKgITKAACMA0GCSqGSIb3DQEBCwUAA4IBAQAwX3RUXueu0+M9
zN83AX70hrdIvkBroWumWqpS3yV1h1CJZJ2xg0vINsASYmnlK2bwXhBE2wrZgiXA
DsNh9LXcM5N2FCraNlUfBOqyTEXSHif3TX2tI6qdpFb+9ITjSGLAQsBrhgrJO+y7
IxaHVE9YG56HI6HZX8jsRZO3ZwKbxzw9Vx65i/C1RCTjQ2gZ2II5pOzrV2dj3Opi
CJ/0vrUZrhmghYZW5dsqIV51EhS0y54b7xYh4cbMHKmrd/kbwyM1u4KWMonl/Alz
9QrrLPw6pPdOfqIVfNE0mufdd4toS2lJ9avDyEQB4gIwft0J2mwecXWjkV9iaLYg
3Tp7at23
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:35:16 2025 by rpki-client