Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/DgnWpLSO4I5FyYHiaLAD5LVJn6I.roa
File: DgnWpLSO4I5FyYHiaLAD5LVJn6I.roa (raw, json)
Hash identifier: 76KwUqVaH3Ks9X8GXFierwlbzTfjdszXd/9cR/1ax/k=
Subject key identifier: 0E:09:D6:A4:B4:8E:E0:8E:45:C9:81:E2:68:B0:03:E4:B5:49:9F:A2
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018D51207C09033E29E3DC139AA8B1DAAB41
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/DgnWpLSO4I5FyYHiaLAD5LVJn6I.roa
Signing time: Sun 28 Jan 2024 17:31:39 +0000
ROA not before: Sun 28 Jan 2024 17:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.104.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 00:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:51:20:7c:09:03:3e:29:e3:dc:13:9a:a8:b1:da:ab:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 28 17:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e09d6a4b48ee08e45c981e268b003e4b5499fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e6:dc:c7:a5:29:b4:47:d9:f3:3e:fc:01:c5:
ad:5f:c2:4f:f4:a3:ec:66:b1:e3:33:7e:20:b2:d2:
5e:cc:67:74:d9:3d:78:06:f4:f4:99:75:8f:7d:c6:
22:27:12:87:56:a9:b8:dc:f0:ae:73:16:1f:b2:7c:
ad:71:f1:01:ed:f8:d6:50:75:8e:33:6f:37:2a:8f:
96:89:64:34:de:bf:e3:7d:29:5d:1a:17:d7:f6:02:
69:3c:f1:1c:da:ff:1e:9b:cb:93:6b:f4:53:45:e6:
d5:ad:8c:f5:65:0e:35:9a:45:0b:dc:e4:1f:58:22:
cc:c8:75:10:51:ee:fd:b3:86:7a:64:93:c3:40:af:
45:cf:07:98:40:b1:eb:52:6d:9a:c3:80:97:58:81:
50:38:8c:a0:7f:2d:c1:35:b9:09:93:9c:d7:dd:2f:
fe:eb:b7:9d:81:4e:6e:f3:6f:cb:08:60:6d:90:c7:
b8:9a:19:ab:ab:eb:ce:80:7b:88:ab:52:ae:60:1c:
ad:28:43:b0:8a:00:48:78:90:29:e5:c7:6e:8b:18:
f1:48:34:40:5a:2c:d4:4b:ec:24:2b:57:b5:57:ee:
23:0d:e6:d4:1d:41:d0:44:ab:97:43:8a:b0:5e:d6:
2b:ec:2d:81:c3:69:e9:53:be:ca:aa:74:85:b0:bf:
22:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:09:D6:A4:B4:8E:E0:8E:45:C9:81:E2:68:B0:03:E4:B5:49:9F:A2
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/DgnWpLSO4I5FyYHiaLAD5LVJn6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.104.0/24
185.100.171.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
45:99:3c:a3:c9:04:52:a6:48:92:22:9a:9f:31:82:a2:47:db:
26:6a:53:c0:04:db:ac:2a:86:d3:3c:cb:f5:53:8e:fe:3f:48:
93:4a:01:1c:61:4b:82:9e:e8:04:16:6b:88:ff:e3:23:b4:17:
ec:68:a0:a2:78:5f:da:35:e9:3d:84:1c:0a:ab:ad:63:26:f3:
28:54:52:e7:06:e2:ef:57:86:75:40:d1:da:2f:69:ae:db:dc:
22:4e:6c:ba:b7:a6:2e:f8:a8:25:2b:4b:16:e9:de:6b:75:56:
a4:3b:b5:7c:01:14:9d:ea:90:6e:4f:aa:91:a0:d1:34:30:98:
a8:8a:58:f6:25:c9:ec:fb:f4:82:e4:93:4a:89:76:0a:d8:fc:
c1:ba:7c:5e:d3:32:d5:7d:da:8b:23:d0:74:1b:af:96:5c:e2:
04:f4:a9:c6:5d:13:57:d8:3b:c6:77:83:0d:af:da:8e:14:25:
dd:1f:31:67:5a:a3:ca:09:63:62:17:17:80:d3:b7:de:72:63:
64:2c:b7:db:ce:c5:8a:2d:93:08:c9:6f:cb:04:ee:c4:f8:9f:
2f:95:39:b0:60:63:79:0d:fe:ff:90:b0:af:d5:a2:aa:e7:af:
17:b0:ff:f4:79:3e:a2:0d:f7:c8:27:fd:d5:b5:af:69:e9:d5:
b6:91:82:73
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1RIHwJAz4p49wTmqix2qtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTI4MTczMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA5ZDZhNGI0OGVlMDhlNDVjOTgxZTI2OGIwMDNlNGI1NDk5ZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ebcx6UptEfZ8z78AcWtX8JP9KPs
ZrHjM34gstJezGd02T14BvT0mXWPfcYiJxKHVqm43PCucxYfsnytcfEB7fjWUHWO
M283Ko+WiWQ03r/jfSldGhfX9gJpPPEc2v8em8uTa/RTRebVrYz1ZQ41mkUL3OQf
WCLMyHUQUe79s4Z6ZJPDQK9FzweYQLHrUm2aw4CXWIFQOIygfy3BNbkJk5zX3S/+
67edgU5u82/LCGBtkMe4mhmrq+vOgHuIq1KuYBytKEOwigBIeJAp5cduixjxSDRA
WizUS+wkK1e1V+4jDebUHUHQRKuXQ4qwXtYr7C2Bw2npU77KqnSFsL8ilQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA4J1qS0juCORcmB4miwA+S1SZ+iMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvRGduV3BMU080STVGeVlIaWFMQUQ1TFZKbjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALhRoAwQA
uWSrAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEBAEWZPKPJ
BFKmSJIimp8xgqJH2yZqU8AE26wqhtM8y/VTjv4/SJNKARxhS4Ke6AQWa4j/4yO0
F+xooKJ4X9o16T2EHAqrrWMm8yhUUucG4u9XhnVA0dovaa7b3CJObLq3pi74qCUr
Sxbp3mt1VqQ7tXwBFJ3qkG5PqpGg0TQwmKiKWPYlyez79ILkk0qJdgrY/MG6fF7T
MtV92osj0HQbr5Zc4gT0qcZdE1fYO8Z3gw2v2o4UJd0fMWdao8oJY2IXF4DTt95y
Y2Qst9vOxYotkwjJb8sE7sT4ny+VObBgY3kN/v+QsK/Voqrnrxew//R5PqIN98gn
/dW1r2np1baRgnM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:37 2025 by rpki-client