Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa
File: 46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa (raw, json)
Hash identifier: 2aorcIT4Omtm030GmFVw0z/fZAVsk47c8NPlbO22qIk=
Subject key identifier: E3:A1:99:F3:C6:0D:32:3C:14:AD:7B:E1:E5:8F:BC:DD:9F:FE:A9:4B
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 0192DD468DE6DE388EE42B07497BEEE890E7
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa
Signing time: Wed 30 Oct 2024 11:54:01 +0000
ROA not before: Wed 30 Oct 2024 11:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49367
IP address blocks: 31.193.188.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
45.86.144.0/22 maxlen: 22
77.81.103.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
89.40.227.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
89.43.52.0/24 maxlen: 24
91.212.52.0/24 maxlen: 24
91.229.186.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.145.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.148.0/22 maxlen: 22
93.113.148.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
185.184.240.0/22 maxlen: 22
185.184.240.0/24 maxlen: 24
185.184.241.0/24 maxlen: 24
185.184.242.0/24 maxlen: 24
185.184.243.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.211.248.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
193.239.140.0/23 maxlen: 23
217.198.177.0/24 maxlen: 24
2a04:68c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Nov 2024 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:46:8d:e6:de:38:8e:e4:2b:07:49:7b:ee:e8:90:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Oct 30 11:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3a199f3c60d323c14ad7be1e58fbcdd9ffea94b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:87:5d:26:07:02:68:2c:62:4c:85:c8:87:3d:
3b:c5:5b:87:b1:e0:9d:a2:82:ee:92:4b:17:0b:e8:
e0:ac:7d:1f:04:a3:6c:11:e3:18:07:c7:9f:8c:d3:
a3:dd:94:43:b6:ba:65:b4:e4:19:86:5e:a0:82:e3:
6d:2e:0d:40:3e:3b:d9:ca:4c:3a:52:db:53:c0:7c:
cd:76:91:02:3f:69:3a:03:b8:8d:b3:e9:2a:2f:dc:
bb:54:b7:af:e9:14:88:9d:7b:fe:ef:00:bf:43:82:
90:4b:ab:28:f6:5b:5a:32:72:2a:9a:86:c4:c2:95:
e3:c5:df:2f:5c:2c:e2:c3:f7:54:2b:12:f5:8a:f0:
60:a7:a4:0f:df:08:2e:80:6a:27:0d:e3:51:f6:21:
3e:32:a9:7f:7b:4e:0f:ff:9a:67:5c:08:f1:e2:3c:
37:be:6d:b7:0a:ee:9e:f7:24:b3:ee:43:fd:cd:80:
26:ef:ad:df:a9:3a:fe:e5:cf:6c:14:aa:85:1f:96:
16:37:30:42:c7:02:90:aa:cb:fd:6c:cb:d6:19:9f:
43:d6:cc:9a:42:77:84:34:da:90:13:ac:e6:2a:37:
9f:1d:97:33:70:27:69:50:ec:0c:e5:16:aa:4b:22:
51:30:1c:e1:2b:17:72:1f:ec:78:d5:a5:ea:a5:01:
8c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A1:99:F3:C6:0D:32:3C:14:AD:7B:E1:E5:8F:BC:DD:9F:FE:A9:4B
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/46GZ88YNMjwUrXvh5Y-83Z_-qUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.188.0/24
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.35.0/24
89.43.52.0/24
91.212.52.0/24
91.229.186.0/24
93.113.144.0/21
94.176.212.0/24
94.177.48.0/23
185.184.240.0/22
188.208.16.0/23
188.211.248.0/24
188.215.6.0/23
188.240.228.0/23
193.239.140.0/23
217.198.177.0/24
IPv6:
2a04:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
b8:04:ba:e0:2f:6a:6a:d5:f1:4c:f4:b2:fe:02:ab:10:bf:01:
97:4c:28:a3:ba:fd:1b:15:f7:61:52:c3:bc:01:a0:c5:5c:77:
b0:54:be:81:20:8f:2a:12:cf:b3:bc:86:3a:54:db:9f:ab:34:
2e:3f:37:b1:f8:92:d1:09:c9:60:b0:b0:0d:9d:9a:24:dc:48:
d6:6c:f8:2c:76:9e:95:11:44:35:b3:ec:1e:f1:a6:8a:b7:14:
c5:89:29:a9:1c:f7:79:2b:b7:3f:bc:43:83:6d:f4:c1:0f:73:
22:95:15:3b:6e:ac:ec:68:28:16:93:16:da:92:a4:c6:48:5a:
4f:89:5a:d1:67:57:0b:89:1c:c3:48:b2:c7:af:40:ed:3d:df:
53:5c:81:43:a3:9b:56:37:5d:e4:57:92:8d:a9:b7:34:db:e0:
e0:50:d7:30:54:32:f6:ee:6a:2d:ac:7d:fb:b1:ce:66:71:48:
ad:c3:13:8d:ec:14:e4:6a:d0:e3:b3:76:a8:8d:b9:82:ee:8f:
89:86:89:74:a7:30:8e:dd:2e:b5:3b:d3:d7:c8:23:fc:28:b4:
d4:a1:b5:ad:c7:79:8f:c2:1c:ba:ef:4e:77:cd:a0:8e:59:28:
6c:e2:d0:f8:12:4d:6f:7a:1c:c0:7c:a7:ee:f0:e3:2d:a0:66:
73:4d:eb:5a
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZLdRo3m3jiO5CsHSXvu6JDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjQxMDMwMTE1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ExOTlmM2M2MGQzMjNjMTRhZDdiZTFlNThmYmNkZDlmZmVhOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIddJgcCaCxiTIXIhz07xVuHseCd
ooLukksXC+jgrH0fBKNsEeMYB8efjNOj3ZRDtrpltOQZhl6gguNtLg1APjvZykw6
UttTwHzNdpECP2k6A7iNs+kqL9y7VLev6RSInXv+7wC/Q4KQS6so9ltaMnIqmobE
wpXjxd8vXCziw/dUKxL1ivBgp6QP3wgugGonDeNR9iE+Mql/e04P/5pnXAjx4jw3
vm23Cu6e9ySz7kP9zYAm763fqTr+5c9sFKqFH5YWNzBCxwKQqsv9bMvWGZ9D1sya
QneENNqQE6zmKjefHZczcCdpUOwM5RaqSyJRMBzhKxdyH+x41aXqpQGM3wIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFOOhmfPGDTI8FK174eWPvN2f/qlLMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvNDZHWjg4WU5NandVclh2aDVZLTgzWl8tcVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAAf
wbwDBAAlnK4DBAItUzgDBAItVpADBABNUWcDBABVzP8DBABWa24DBAFZIuwDBABZ
Iu8DBABZJ/4DBAFZKI4DBABZKOMDBABZKoYDBABZKyMDBABZKzQDBABb1DQDBABb
5boDBANdcZADBABesNQDBAFesTADBAK5uPADBAG80BADBAC80/gDBAG81wYDBAG8
8OQDBAHB74wDBADZxrEwDQQCAAIwBwMFACoEaMAwDQYJKoZIhvcNAQELBQADggEB
ALgEuuAvamrV8Uz0sv4CqxC/AZdMKKO6/RsV92FSw7wBoMVcd7BUvoEgjyoSz7O8
hjpU25+rNC4/N7H4ktEJyWCwsA2dmiTcSNZs+Cx2npURRDWz7B7xpoq3FMWJKakc
93krtz+8Q4Nt9MEPcyKVFTturOxoKBaTFtqSpMZIWk+JWtFnVwuJHMNIssevQO09
31NcgUOjm1Y3XeRXko2ptzTb4OBQ1zBUMvbuai2sffuxzmZxSK3DE43sFORq0OOz
dqiNuYLuj4mGiXSnMI7dLrU709fII/wotNShta3HeY/CHLrvTnfNoI5ZKGzi0PgS
TW96HMB8p+7w4y2gZnNN61o=
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:46:54 2025 by rpki-client