Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/avQsBsjEK17g-V4k0958ALT1Kpw.roa
File: avQsBsjEK17g-V4k0958ALT1Kpw.roa (raw, json)
Hash identifier: w5e2nHq5GA73XSfkrjk8En5Ze8l2C06vRs3XxpX8nfs=
Subject key identifier: 6A:F4:2C:06:C8:C4:2B:5E:E0:F9:5E:24:D3:DE:7C:00:B4:F5:2A:9C
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01940E897D6DA17E7CF2FBE5032F9674C3F1
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/avQsBsjEK17g-V4k0958ALT1Kpw.roa
Signing time: Sat 28 Dec 2024 18:31:19 +0000
ROA not before: Sat 28 Dec 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0e:89:7d:6d:a1:7e:7c:f2:fb:e5:03:2f:96:74:c3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 28 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6af42c06c8c42b5ee0f95e24d3de7c00b4f52a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:06:0b:ed:3b:d6:34:4b:8a:40:47:1f:44:41:
fa:3b:26:97:66:49:5f:dd:ba:ac:1d:6a:6c:44:15:
76:6b:cf:b1:83:57:3a:9a:3d:3f:ec:af:b0:8d:10:
fe:40:db:90:05:dd:1a:5f:0f:88:6c:07:e9:0f:9f:
dc:ab:c4:9a:e0:c5:fd:ef:ac:b0:1f:89:4b:bd:69:
df:1c:38:44:82:d0:00:60:7c:df:1a:b4:5f:85:a3:
9f:2b:97:ab:8b:bf:b7:01:07:3a:e5:3f:bf:34:08:
bf:0f:9b:25:6a:72:5e:4d:43:b6:d3:8a:4b:b2:31:
c6:96:a4:df:f4:42:da:7d:0e:db:5e:90:51:d9:11:
df:6e:dc:21:54:69:7a:2c:0f:eb:b2:c0:fe:9a:2b:
1f:76:84:50:36:99:58:16:d9:6c:e1:42:99:1f:18:
5b:24:b6:b6:67:5f:92:19:9c:3b:47:ec:10:ff:2b:
03:bd:4b:1f:04:c7:76:40:bf:c5:63:d3:6b:a7:af:
8e:74:83:bc:c8:31:95:c7:6a:ba:c2:2e:e6:41:32:
63:da:85:c7:0f:72:c1:c1:89:98:c2:2c:0e:89:9d:
36:dc:a3:58:da:a7:92:e2:02:23:cc:e5:e5:77:95:
12:a1:43:d8:d3:52:08:f1:47:cc:04:3f:0d:d1:8e:
c7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F4:2C:06:C8:C4:2B:5E:E0:F9:5E:24:D3:DE:7C:00:B4:F5:2A:9C
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/avQsBsjEK17g-V4k0958ALT1Kpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
185.100.168.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
54:f4:fa:64:bb:11:1a:52:8a:7e:27:e9:0e:f6:cd:a4:7f:98:
e5:61:73:4e:eb:c0:ab:01:27:fe:1a:2b:62:13:e2:2b:79:38:
4c:e6:b3:b5:63:9d:18:39:51:7a:1e:27:9a:f2:ee:8a:03:ff:
9a:b6:52:c4:12:a1:e9:ab:75:50:ff:c3:75:7a:b8:67:1d:f1:
82:ce:8c:30:a7:2b:14:ae:d7:72:67:48:cb:05:6c:19:2a:fa:
42:99:5d:2a:45:b3:cd:db:74:4f:27:93:4f:64:e6:88:79:a1:
a5:88:71:b0:2d:0d:2c:60:d3:84:dd:f6:9c:f4:82:0e:55:dd:
0a:53:b7:d6:bd:93:9e:3c:d1:40:8f:38:56:13:f2:40:56:ae:
16:b2:94:bd:ff:24:09:3d:a6:a8:2b:75:9f:98:10:b6:70:92:
a5:4b:a4:e4:1e:cf:2e:56:81:f6:f3:14:b8:99:c7:37:67:7a:
ea:70:d3:3b:6d:0d:4c:54:9f:88:bc:be:3a:fc:21:5f:b1:1d:
66:70:13:c7:47:2a:75:bc:29:1f:cf:d9:bd:ee:37:ad:4d:9b:
20:35:0a:cc:95:01:92:71:51:38:d2:37:74:84:a9:de:2b:af:
f5:82:da:3b:58:b5:ed:c2:1d:f3:84:aa:94:fb:4a:28:6c:2a:
a8:31:72:06
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQOiX1toX588vvlAy+WdMPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQxMjI4MTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY0MmMwNmM4YzQyYjVlZTBmOTVlMjRkM2RlN2MwMGI0ZjUyYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwYL7TvWNEuKQEcfREH6OyaXZklf
3bqsHWpsRBV2a8+xg1c6mj0/7K+wjRD+QNuQBd0aXw+IbAfpD5/cq8Sa4MX976yw
H4lLvWnfHDhEgtAAYHzfGrRfhaOfK5eri7+3AQc65T+/NAi/D5slanJeTUO204pL
sjHGlqTf9ELafQ7bXpBR2RHfbtwhVGl6LA/rssD+misfdoRQNplYFtls4UKZHxhb
JLa2Z1+SGZw7R+wQ/ysDvUsfBMd2QL/FY9Nrp6+OdIO8yDGVx2q6wi7mQTJj2oXH
D3LBwYmYwiwOiZ023KNY2qeS4gIjzOXld5USoUPY01II8UfMBD8N0Y7HLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGr0LAbIxCte4PleJNPefAC09SqcMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvYXZRc0JzakVLMTdnLVY0azA5NThBTFQxS3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALhRhAwQA
LhRnAwQAuWSoAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEB
AFT0+mS7ERpSin4n6Q72zaR/mOVhc07rwKsBJ/4aK2IT4it5OEzms7VjnRg5UXoe
J5ry7ooD/5q2UsQSoemrdVD/w3V6uGcd8YLOjDCnKxSu13JnSMsFbBkq+kKZXSpF
s83bdE8nk09k5oh5oaWIcbAtDSxg04Td9pz0gg5V3QpTt9a9k5480UCPOFYT8kBW
rhaylL3/JAk9pqgrdZ+YELZwkqVLpOQezy5WgfbzFLiZxzdneupw0zttDUxUn4i8
vjr8IV+xHWZwE8dHKnW8KR/P2b3uN61NmyA1CsyVAZJxUTjSN3SEqd4rr/WC2jtY
te3CHfOEqpT7SihsKqgxcgY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:40:15 2025 by rpki-client