Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/aOFqz8iIKiV7CEbRl4NkazJIRuo.roa
File: aOFqz8iIKiV7CEbRl4NkazJIRuo.roa (raw, json)
Hash identifier: wzlYJYpDO4i03HHJB714cSBgMlFbdAyLjBezzJi+GhU=
Subject key identifier: 68:E1:6A:CF:C8:88:2A:25:7B:08:46:D1:97:83:64:6B:32:48:46:EA
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0191DD8CA9974C285336A0E17BCB4643ED71
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/aOFqz8iIKiV7CEbRl4NkazJIRuo.roa
Signing time: Tue 10 Sep 2024 20:07:48 +0000
ROA not before: Tue 10 Sep 2024 20:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.99.0/24 maxlen: 24
46.20.107.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 14:14:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:8c:a9:97:4c:28:53:36:a0:e1:7b:cb:46:43:ed:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Sep 10 20:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68e16acfc8882a257b0846d19783646b324846ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:f4:7f:69:41:07:16:b2:ef:3e:8b:37:a7:
cd:1f:a5:a6:5d:9d:e0:a7:21:6b:9a:95:1c:6e:ba:
ca:94:ad:e0:92:7d:41:2f:d9:65:39:dc:2e:34:03:
6a:85:a3:d5:06:20:25:81:3c:89:b5:0c:c6:83:3c:
63:48:db:f9:9a:91:86:35:88:46:a6:3e:b4:bc:bc:
c9:32:a6:f9:43:db:91:02:e0:29:aa:a0:09:04:54:
06:88:be:50:54:45:c5:fb:d0:43:35:85:c8:f2:f5:
7e:f4:4f:31:6a:ce:15:26:eb:5e:6c:31:05:ff:07:
fa:a6:4f:f6:46:10:36:76:71:0b:22:af:a7:a2:57:
f8:cb:de:c6:2a:98:84:05:d6:57:00:19:43:46:65:
de:35:af:0f:78:ae:c9:d7:90:96:bd:33:fb:e3:87:
6b:13:54:5a:8a:9d:37:44:64:85:5e:7e:08:25:50:
2d:f8:94:c5:0a:2c:aa:ba:c6:39:5e:23:4f:b0:1d:
bd:ba:2b:e9:f8:7d:bc:18:a4:5f:d4:f3:78:09:6b:
c6:02:bf:3d:f9:21:32:ff:70:e7:b2:6e:6c:0d:54:
f1:91:49:22:a6:05:1d:de:ed:1e:71:5c:85:1f:36:
63:aa:29:5e:be:64:95:ba:1a:06:39:68:b5:01:84:
7a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E1:6A:CF:C8:88:2A:25:7B:08:46:D1:97:83:64:6B:32:48:46:EA
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/aOFqz8iIKiV7CEbRl4NkazJIRuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
46.20.107.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
42:5f:fe:af:58:73:7b:73:67:ef:d6:85:bd:ee:a8:86:1b:55:
a8:05:d8:6a:99:e5:8b:8b:8a:52:1f:50:cf:88:2b:41:65:ee:
c3:6c:2f:a3:d3:c4:07:f3:fd:a2:1f:1e:e6:8c:78:51:95:38:
05:68:0d:a2:54:67:63:35:d7:c5:de:2c:85:d9:01:23:75:f3:
08:0f:b8:f3:63:82:43:41:01:db:0c:06:83:c7:e7:d0:d2:c8:
d6:6b:46:d1:ec:38:98:93:da:e0:f8:0d:6f:ed:26:7d:11:60:
19:49:fb:30:31:4b:ef:5f:03:b8:91:09:4a:60:a4:a1:d9:a9:
cd:93:d7:9f:ef:4c:da:bc:e3:2f:72:11:47:d3:2c:eb:14:49:
2b:ba:f5:9b:9b:bb:4f:65:52:d7:1c:54:4c:c8:35:9d:50:58:
ae:ec:23:df:67:c9:88:25:26:79:c2:c9:da:ac:15:8c:37:f6:
9f:89:2c:6b:1c:fc:69:fd:cf:6d:f9:bd:ff:03:68:1a:98:d8:
09:88:84:7a:18:64:6d:36:8b:66:8e:2f:a7:f8:02:c6:19:35:
51:50:59:60:b6:21:3a:99:58:6b:82:a0:79:5b:25:a6:a7:72:
45:42:b1:4c:75:a5:63:b7:52:5e:ba:6e:ca:64:b5:3c:49:0a:
82:87:58:1a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHdjKmXTChTNqDhe8tGQ+1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwOTEwMjAwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGUxNmFjZmM4ODgyYTI1N2IwODQ2ZDE5NzgzNjQ2YjMyNDg0NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6j0f2lBBxay7z6LN6fNH6WmXZ3g
pyFrmpUcbrrKlK3gkn1BL9llOdwuNANqhaPVBiAlgTyJtQzGgzxjSNv5mpGGNYhG
pj60vLzJMqb5Q9uRAuApqqAJBFQGiL5QVEXF+9BDNYXI8vV+9E8xas4VJutebDEF
/wf6pk/2RhA2dnELIq+nolf4y97GKpiEBdZXABlDRmXeNa8PeK7J15CWvTP744dr
E1Raip03RGSFXn4IJVAt+JTFCiyqusY5XiNPsB29uivp+H28GKRf1PN4CWvGAr89
+SEy/3Dnsm5sDVTxkUkipgUd3u0ecVyFHzZjqilevmSVuhoGOWi1AYR6pQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGjhas/IiColewhG0ZeDZGsySEbqMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvYU9GcXo4aUlLaVY3Q0ViUmw0TmthekpJUnVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALhRjAwQA
LhRrAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEBAEJf/q9Y
c3tzZ+/Whb3uqIYbVagF2GqZ5YuLilIfUM+IK0Fl7sNsL6PTxAfz/aIfHuaMeFGV
OAVoDaJUZ2M118XeLIXZASN18wgPuPNjgkNBAdsMBoPH59DSyNZrRtHsOJiT2uD4
DW/tJn0RYBlJ+zAxS+9fA7iRCUpgpKHZqc2T15/vTNq84y9yEUfTLOsUSSu69Zub
u09lUtccVEzINZ1QWK7sI99nyYglJnnCydqsFYw39p+JLGsc/Gn9z235vf8DaBqY
2AmIhHoYZG02i2aOL6f4AsYZNVFQWWC2ITqZWGuCoHlbJaanckVCsUx1pWO3Ul66
bspktTxJCoKHWBo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:14:36 2025 by rpki-client