Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/CFHgPjKGqclhdqFShs_ET_qwyoA.roa
File: CFHgPjKGqclhdqFShs_ET_qwyoA.roa (raw, json)
Hash identifier: xx0csMCIUx0jpY2K6MmWFXuUMZx9SzxbA1bZCAOd8mE=
Subject key identifier: 08:51:E0:3E:32:86:A9:C9:61:76:A1:52:86:CF:C4:4F:FA:B0:CA:80
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018F806270AA44F81C76D7F63D5968EAE8FF
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/CFHgPjKGqclhdqFShs_ET_qwyoA.roa
Signing time: Thu 16 May 2024 07:51:25 +0000
ROA not before: Thu 16 May 2024 07:51:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.96.0/24 maxlen: 24
46.20.98.0/24 maxlen: 24
46.20.102.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 13:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:62:70:aa:44:f8:1c:76:d7:f6:3d:59:68:ea:e8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: May 16 07:51:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0851e03e3286a9c96176a15286cfc44ffab0ca80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d9:48:7d:69:3a:b5:ca:4c:c1:ea:66:05:0c:
4d:9a:30:51:f0:29:d1:c0:60:35:02:a1:06:c2:5c:
43:cd:7c:38:80:d6:d2:30:bf:3f:82:a1:4f:77:cb:
1a:84:44:a7:bc:7a:fe:ba:03:32:e1:c7:2c:e6:f3:
96:8b:8f:b3:1b:d4:00:87:84:e8:9e:c2:ef:d0:f7:
e6:a6:0b:52:6e:62:75:33:0d:90:1d:7b:8f:23:22:
38:40:1d:6e:ac:b2:26:86:eb:07:dc:39:b9:21:68:
eb:08:b7:d0:cb:99:20:07:5c:e0:72:bf:4c:49:3c:
34:2d:ed:b0:a8:03:ef:96:81:de:3e:3d:3a:59:93:
a8:43:bf:c6:01:b9:fb:d8:45:93:2e:67:46:d8:ce:
09:ab:a1:d2:0a:79:81:ef:b2:e5:65:d3:5c:30:82:
db:e1:f0:27:96:5b:7d:a4:30:a4:31:c4:6b:12:78:
31:86:5c:19:6c:c1:c9:bc:66:e7:0a:e4:ae:73:07:
da:ca:23:36:c9:5e:06:0f:65:50:36:93:1c:64:2f:
ae:7d:89:8b:cd:f4:45:29:1c:c1:f0:bc:e2:41:b6:
b0:8e:b5:86:83:f9:1b:80:2f:89:82:88:89:c8:6f:
e3:68:37:13:80:5e:30:6d:ac:64:c8:3b:cf:ba:4b:
ab:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:51:E0:3E:32:86:A9:C9:61:76:A1:52:86:CF:C4:4F:FA:B0:CA:80
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/CFHgPjKGqclhdqFShs_ET_qwyoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.96.0/24
46.20.98.0/24
46.20.102.0/24
46.20.104.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
72:e6:26:45:ba:17:03:0a:91:fa:2a:a2:45:ce:b3:0f:a5:62:
49:f3:e3:79:07:60:4a:b8:7c:43:6f:dd:3c:84:a2:2a:94:61:
3f:c3:74:79:53:d7:c5:24:14:93:76:48:a2:b1:ef:c5:45:ab:
9d:04:cb:77:c7:3b:6e:ba:88:2d:2e:30:1b:3b:78:85:d6:d2:
dd:61:e9:22:b4:de:6a:1c:27:76:1e:26:e8:80:b1:b9:93:ac:
19:ae:7b:43:f2:57:d6:d6:36:f9:61:93:34:17:e2:c7:1f:40:
dc:cd:9d:8b:58:9e:6a:fa:61:80:a3:65:43:06:64:24:a7:c1:
4c:98:4c:09:e5:93:32:33:f0:b5:42:09:9d:d9:65:36:ac:e7:
9b:51:43:82:a9:26:5f:73:8d:4c:bd:c8:6f:1f:13:48:8d:2c:
cb:02:4c:87:ec:ed:f1:cd:1a:36:ad:04:eb:f8:f7:3d:17:1a:
51:4b:84:d8:35:8b:b8:e1:f9:11:db:33:13:b3:14:20:fb:67:
45:62:80:ac:09:87:2c:9c:2a:c7:b3:df:a9:fe:d2:aa:2e:89:
90:c7:ff:72:04:90:30:30:18:39:32:dc:60:5a:73:2e:d5:0c:
4a:5e:87:8f:40:78:a7:f6:ba:75:fa:47:24:8e:ee:25:23:13:
27:b5:14:12
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY+AYnCqRPgcdtf2PVlo6uj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwNTE2MDc1MTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUxZTAzZTMyODZhOWM5NjE3NmExNTI4NmNmYzQ0ZmZhYjBjYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9lIfWk6tcpMwepmBQxNmjBR8CnR
wGA1AqEGwlxDzXw4gNbSML8/gqFPd8sahESnvHr+ugMy4ccs5vOWi4+zG9QAh4To
nsLv0PfmpgtSbmJ1Mw2QHXuPIyI4QB1urLImhusH3Dm5IWjrCLfQy5kgB1zgcr9M
STw0Le2wqAPvloHePj06WZOoQ7/GAbn72EWTLmdG2M4Jq6HSCnmB77LlZdNcMILb
4fAnllt9pDCkMcRrEngxhlwZbMHJvGbnCuSucwfayiM2yV4GD2VQNpMcZC+ufYmL
zfRFKRzB8LziQbawjrWGg/kbgC+JgoiJyG/jaDcTgF4wbaxkyDvPukurewIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAhR4D4yhqnJYXahUobPxE/6sMqAMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvQ0ZIZ1BqS0dxY2xoZHFGU2hzX0VUX3F3eW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALhRgAwQA
LhRiAwQALhRmAwQALhRoAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQEL
BQADggEBAHLmJkW6FwMKkfoqokXOsw+lYknz43kHYEq4fENv3TyEoiqUYT/DdHlT
18UkFJN2SKKx78VFq50Ey3fHO266iC0uMBs7eIXW0t1h6SK03mocJ3YeJuiAsbmT
rBmue0PyV9bWNvlhkzQX4scfQNzNnYtYnmr6YYCjZUMGZCSnwUyYTAnlkzIz8LVC
CZ3ZZTas55tRQ4KpJl9zjUy9yG8fE0iNLMsCTIfs7fHNGjatBOv49z0XGlFLhNg1
i7jh+RHbMxOzFCD7Z0VigKwJhyycKsez36n+0qouiZDH/3IEkDAwGDky3GBacy7V
DEpeh49AeKf2unX6RySO7iUjEye1FBI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:12:17 2025 by rpki-client