Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ZR4tOXZr0I9RRGYHbpQp-eRg5OY.roa
File: ZR4tOXZr0I9RRGYHbpQp-eRg5OY.roa (raw, json)
Hash identifier: bEmaRNZ1c6RsEPi45jb6kNETLM86OWK4f2uaaF43dl0=
Subject key identifier: 65:1E:2D:39:76:6B:D0:8F:51:44:66:07:6E:94:29:F9:E4:60:E4:E6
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018CC9BC6C056816F835B31288E9790EF2E6
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ZR4tOXZr0I9RRGYHbpQp-eRg5OY.roa
Signing time: Tue 02 Jan 2024 10:33:37 +0000
ROA not before: Tue 02 Jan 2024 10:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.110.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 09:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6c:05:68:16:f8:35:b3:12:88:e9:79:0e:f2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 2 10:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=651e2d39766bd08f514466076e9429f9e460e4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:47:c2:9f:99:a6:b1:08:bb:f6:a4:5e:80:b3:
69:1c:ca:13:0a:47:1d:ae:c0:45:57:15:2b:e7:53:
4f:2f:11:b5:15:0a:c8:8f:47:16:0f:1a:08:18:7c:
21:c8:38:3a:04:17:90:db:c6:3c:cb:fe:4f:de:76:
e1:5b:36:4b:7c:b4:e0:6b:9f:a2:b1:f1:11:25:4e:
64:27:c0:95:de:3a:be:06:7b:c9:8f:f0:4b:3c:e4:
a5:3c:5d:08:bd:f2:f5:23:68:f0:6d:49:e4:d7:6c:
f5:2d:99:8e:4d:88:e3:80:46:08:76:71:d5:8c:58:
e2:3c:a1:1a:d7:4f:a9:c6:28:03:79:c1:c4:49:3c:
14:10:d2:a6:6d:50:9d:ea:cc:3a:f6:71:52:ff:a8:
82:6f:65:2a:0e:a2:e6:cb:ac:0f:94:d5:0b:20:ab:
ea:52:9f:41:0e:a9:f6:39:96:16:ba:44:c6:36:69:
2b:25:bc:1c:b8:fa:2f:33:68:c9:56:ab:93:9b:a3:
3c:29:cc:2b:93:9b:58:7d:de:32:32:9a:cd:56:19:
67:b9:9c:b0:c0:a5:05:73:54:8e:35:cf:f6:1c:a0:
e4:c8:6a:a6:87:26:d7:21:b6:cc:6e:a4:55:80:e9:
b6:cd:52:98:09:b8:28:96:0e:d6:3f:d8:af:1e:f9:
9d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1E:2D:39:76:6B:D0:8F:51:44:66:07:6E:94:29:F9:E4:60:E4:E6
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/ZR4tOXZr0I9RRGYHbpQp-eRg5OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.104.0/24
46.20.108.0/24
46.20.110.0/24
185.100.171.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
55:c0:01:cb:67:3e:24:cb:4a:6f:af:d5:ea:45:e3:91:81:0c:
87:40:21:ef:5f:ef:2a:e4:b7:38:7d:29:cf:c8:59:84:2c:9e:
e0:b6:7d:5e:fe:b7:e9:39:4a:95:99:38:3a:e2:4c:91:7a:c7:
fa:86:63:ac:1d:39:45:bb:9c:d4:7a:c5:bc:7e:0f:33:7c:ce:
ae:60:6f:ef:87:9c:78:ce:43:7f:e1:20:aa:9e:78:35:e9:ad:
6a:a6:c2:a4:7a:68:f6:34:92:66:9a:eb:69:ce:b0:29:fa:73:
26:81:98:e5:d4:19:c8:8f:50:dc:41:98:5e:13:c6:69:23:52:
03:e4:fb:c8:b0:99:21:2d:74:fe:dd:33:4b:f8:ce:70:dd:d6:
50:1f:5a:4f:30:98:fd:03:0c:46:fa:27:c7:85:4f:0e:74:d8:
38:3d:9b:2d:39:d7:ee:f2:d8:2c:e4:47:a1:85:8d:73:17:f4:
3f:bb:1e:6f:95:e4:12:5e:eb:a9:81:2c:da:db:76:2c:e0:22:
76:8b:cd:e1:48:2c:dd:2d:38:de:6e:3c:9e:92:7a:5b:4d:80:
c3:c8:48:7c:78:83:98:3a:39:43:d3:d1:41:5f:46:21:92:8c:
bb:cb:b7:4d:8c:d5:98:ac:96:97:81:24:bf:aa:92:b5:a8:d5:
e2:a6:4e:7f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJvGwFaBb4NbMSiOl5DvLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTAyMTAzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTFlMmQzOTc2NmJkMDhmNTE0NDY2MDc2ZTk0MjlmOWU0NjBlNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEfCn5mmsQi79qRegLNpHMoTCkcd
rsBFVxUr51NPLxG1FQrIj0cWDxoIGHwhyDg6BBeQ28Y8y/5P3nbhWzZLfLTga5+i
sfERJU5kJ8CV3jq+BnvJj/BLPOSlPF0IvfL1I2jwbUnk12z1LZmOTYjjgEYIdnHV
jFjiPKEa10+pxigDecHESTwUENKmbVCd6sw69nFS/6iCb2UqDqLmy6wPlNULIKvq
Up9BDqn2OZYWukTGNmkrJbwcuPovM2jJVquTm6M8Kcwrk5tYfd4yMprNVhlnuZyw
wKUFc1SONc/2HKDkyGqmhybXIbbMbqRVgOm2zVKYCbgolg7WP9ivHvmdFwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGUeLTl2a9CPUURmB26UKfnkYOTmMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvWlI0dE9YWnIwSTlSUkdZSGJwUXAtZVJnNU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALhRoAwQA
LhRsAwQALhRuAwQAuWSrAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQEL
BQADggEBAFXAActnPiTLSm+v1epF45GBDIdAIe9f7yrktzh9Kc/IWYQsnuC2fV7+
t+k5SpWZODriTJF6x/qGY6wdOUW7nNR6xbx+DzN8zq5gb++HnHjOQ3/hIKqeeDXp
rWqmwqR6aPY0kmaa62nOsCn6cyaBmOXUGciPUNxBmF4TxmkjUgPk+8iwmSEtdP7d
M0v4znDd1lAfWk8wmP0DDEb6J8eFTw502Dg9my051+7y2CzkR6GFjXMX9D+7Hm+V
5BJe66mBLNrbdizgInaLzeFILN0tON5uPJ6SeltNgMPISHx4g5g6OUPT0UFfRiGS
jLvLt02M1ZislpeBJL+qkrWo1eKmTn8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:50:32 2025 by rpki-client