Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/z7fz54_0LHHY3_RAtrgTi4CASqE.roa
File: z7fz54_0LHHY3_RAtrgTi4CASqE.roa (raw, json)
Hash identifier: B5BU+i7EcMpF2RB+Z/1DUgA44JE7sq8ZpmRGfoxIOas=
Subject key identifier: CF:B7:F3:E7:8F:F4:2C:71:D8:DF:F4:40:B6:B8:13:8B:80:80:4A:A1
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01978F376BDA2F536EF8EF3849C32C4F1291
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/z7fz54_0LHHY3_RAtrgTi4CASqE.roa
Signing time: Fri 20 Jun 2025 21:21:03 +0000
ROA not before: Fri 20 Jun 2025 21:21:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
2a14:80::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 29 Jun 2025 06:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8f:37:6b:da:2f:53:6e:f8:ef:38:49:c3:2c:4f:12:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jun 20 21:21:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfb7f3e78ff42c71d8dff440b6b8138b80804aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:c5:df:af:eb:90:54:56:6c:40:b6:16:26:
f1:fb:9d:a0:49:54:d3:0f:f2:34:aa:2b:f0:bf:73:
52:84:d9:5c:3f:d5:80:81:4c:db:9f:71:0c:59:6e:
f8:fa:39:ea:3b:1e:54:69:27:5a:16:71:3c:36:e0:
be:e6:08:e9:0c:92:0f:4b:b4:c6:6a:29:53:94:26:
ea:f7:6a:8c:c6:09:60:5c:53:24:0d:c6:45:61:ce:
19:d6:47:f5:ad:71:99:7b:03:cf:c7:a6:2d:34:c0:
ba:87:4e:c2:c0:e4:4c:51:8f:94:5e:ed:09:fd:74:
f2:d7:a6:63:d3:9e:81:6b:fd:c6:ad:09:c6:b3:e3:
29:4d:66:67:7c:36:fe:25:0c:29:19:32:a1:b0:f0:
87:da:c1:8e:e9:a6:aa:10:45:65:86:23:4a:bf:33:
0a:7e:2f:56:15:91:29:95:9c:24:7b:1b:dc:e8:99:
cc:84:27:9c:36:63:a7:e8:6a:bd:69:1e:c7:44:2e:
dd:2b:d4:16:8e:2c:81:ae:5b:0f:58:63:07:40:cf:
ce:41:a4:51:37:e7:d2:81:70:6d:03:9b:2d:a9:b6:
97:10:aa:f8:6f:4b:e4:98:eb:b4:23:3d:07:c4:61:
fd:57:b1:a9:90:92:3c:0a:4b:69:bf:ae:ba:ea:f8:
33:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B7:F3:E7:8F:F4:2C:71:D8:DF:F4:40:B6:B8:13:8B:80:80:4A:A1
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/z7fz54_0LHHY3_RAtrgTi4CASqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
46.20.106.0/24
46.20.111.0/24
185.160.194.0/23
185.169.220.0/22
IPv6:
2a14:80::/48
Signature Algorithm: sha256WithRSAEncryption
73:d5:8c:f1:62:0e:97:4d:93:82:a5:18:76:1d:d1:8c:fe:2d:
4c:1b:de:84:d8:9c:12:44:be:2a:9a:87:c7:4b:d6:48:c9:93:
6d:f8:86:ac:b7:69:dc:3c:af:9c:e0:37:16:36:15:01:73:d9:
29:0f:5f:7a:08:fc:ed:a0:10:47:23:02:0e:46:ba:eb:b9:ce:
d0:97:18:e9:22:fc:9a:58:7b:ad:d8:f5:75:93:80:78:44:a2:
06:9e:48:68:c4:bd:6c:42:b8:11:f7:1e:95:82:ca:25:19:38:
50:df:8c:ad:05:c8:fc:c3:59:13:9e:65:ac:6b:fb:da:ea:0f:
96:0c:49:48:a0:54:35:88:59:c4:50:e7:ac:5e:58:47:45:b9:
1c:de:98:27:ee:a7:bf:af:94:af:89:72:f1:e5:be:2a:cf:1c:
e9:c2:b4:7d:9e:4b:2d:bd:cc:48:87:88:16:26:6d:0c:c4:96:
db:4d:2f:2a:ef:25:cd:46:cc:52:e0:5a:46:6b:21:00:54:5b:
31:9c:a1:8b:49:b6:1a:d4:f5:59:9c:39:10:3c:f0:1e:ab:b2:
5b:df:52:50:3a:3f:a9:7b:23:6b:7b:15:45:95:62:67:3a:9d:
35:b8:94:4a:9a:04:55:92:f7:ae:35:5c:35:9d:06:5b:9d:fe:
fb:d3:5c:d4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZePN2vaL1Nu+O84ScMsTxKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwNjIwMjEyMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI3ZjNlNzhmZjQyYzcxZDhkZmY0NDBiNmI4MTM4YjgwODA0YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0zF36/rkFRWbEC2Fibx+52gSVTT
D/I0qivwv3NShNlcP9WAgUzbn3EMWW74+jnqOx5UaSdaFnE8NuC+5gjpDJIPS7TG
ailTlCbq92qMxglgXFMkDcZFYc4Z1kf1rXGZewPPx6YtNMC6h07CwORMUY+UXu0J
/XTy16Zj056Ba/3GrQnGs+MpTWZnfDb+JQwpGTKhsPCH2sGO6aaqEEVlhiNKvzMK
fi9WFZEplZwkexvc6JnMhCecNmOn6Gq9aR7HRC7dK9QWjiyBrlsPWGMHQM/OQaRR
N+fSgXBtA5stqbaXEKr4b0vkmOu0Iz0HxGH9V7GpkJI8Cktpv6666vgzKQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFM+38+eP9Cxx2N/0QLa4E4uAgEqhMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvejdmejU0XzBMSEhZM19SQXRyZ1RpNENBU3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQALhRhAwQA
LhRnAwQALhRqAwQALhRvAwQBuaDCAwQCuancMA8EAgACMAkDBwAqFACAAAAwDQYJ
KoZIhvcNAQELBQADggEBAHPVjPFiDpdNk4KlGHYd0Yz+LUwb3oTYnBJEviqah8dL
1kjJk234hqy3adw8r5zgNxY2FQFz2SkPX3oI/O2gEEcjAg5Guuu5ztCXGOki/JpY
e63Y9XWTgHhEogaeSGjEvWxCuBH3HpWCyiUZOFDfjK0FyPzDWROeZaxr+9rqD5YM
SUigVDWIWcRQ56xeWEdFuRzemCfup7+vlK+JcvHlvirPHOnCtH2eSy29zEiHiBYm
bQzElttNLyrvJc1GzFLgWkZrIQBUWzGcoYtJthrU9VmcORA88B6rslvfUlA6P6l7
I2t7FUWVYmc6nTW4lEqaBFWS9641XDWdBlud/vvTXNQ=
-----END CERTIFICATE-----
Generated at Sun Jul 27 00:59:58 2025 by rpki-client