Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/fFkfeFBVgarLLt3vR_YqviEPlwE.roa
File: fFkfeFBVgarLLt3vR_YqviEPlwE.roa (raw, json)
Hash identifier: SZXzpXI1TB0+1TxBE5BCrlP3VWQt2R0ldC8D3kqiVIc=
Subject key identifier: 7C:59:1F:78:50:55:81:AA:CB:2E:DD:EF:47:F6:2A:BE:21:0F:97:01
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018F8188EA7CA711D1CA99600F3CB19BA99E
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/fFkfeFBVgarLLt3vR_YqviEPlwE.roa
Signing time: Thu 16 May 2024 13:13:04 +0000
ROA not before: Thu 16 May 2024 13:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.99.0/24 maxlen: 24
46.20.104.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 10:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:88:ea:7c:a7:11:d1:ca:99:60:0f:3c:b1:9b:a9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: May 16 13:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c591f78505581aacb2eddef47f62abe210f9701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a7:91:d6:9d:dd:7d:a8:4c:2d:cb:c7:4a:ff:
81:d3:e9:cc:5c:8b:b4:aa:f5:87:eb:38:02:f6:34:
b2:25:7b:ad:5a:84:8a:bb:49:5f:2a:6b:11:c9:8c:
16:09:78:25:95:68:71:ec:c3:e5:42:1e:97:3b:b1:
99:ec:31:4c:64:c6:4f:48:86:ca:1a:ff:53:ae:ff:
7f:b3:08:27:73:71:5d:52:f2:25:d5:a5:62:c7:cb:
33:19:41:d4:70:b7:36:26:ca:a5:b2:25:ba:6f:3c:
30:d1:f9:80:59:37:8f:c0:23:65:11:76:f1:53:87:
c5:0a:0f:22:57:50:b1:f3:3b:06:15:cd:62:4a:95:
8a:9a:fd:3b:ce:b1:4f:09:84:2d:fa:29:8f:0a:86:
b2:29:80:2b:1b:05:9e:a2:3f:a0:ff:29:e5:76:40:
01:c7:9b:0d:45:29:93:05:ac:ae:7a:36:95:88:0f:
d9:08:00:f2:12:49:85:1a:07:a0:30:88:e0:c3:da:
42:2f:a0:69:92:a0:f1:b5:e2:e7:d9:b8:6a:13:6c:
42:47:0c:b4:2d:c5:3b:38:b1:85:96:fd:b5:a3:01:
6a:6d:cd:d6:58:df:9b:cf:10:a0:93:fa:c8:0e:85:
19:53:73:7f:11:01:51:5d:a0:08:c1:15:31:7d:fe:
7d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:59:1F:78:50:55:81:AA:CB:2E:DD:EF:47:F6:2A:BE:21:0F:97:01
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/fFkfeFBVgarLLt3vR_YqviEPlwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0/24
46.20.104.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
9a:6f:32:8f:4f:02:f1:fa:5b:3f:34:1d:24:da:5d:bc:69:93:
f2:b7:c6:85:c2:78:fb:5c:43:18:e2:a5:8a:81:93:fe:06:7d:
bd:4b:68:70:42:b9:54:24:f4:e4:ac:b2:0a:0b:0d:17:8d:81:
b4:ce:aa:a2:eb:79:5f:b4:74:9f:18:ed:74:88:64:6e:9e:c6:
3d:50:37:f9:84:0c:2d:a6:8c:e1:a9:73:7b:bf:2e:f5:33:68:
8c:29:38:de:81:80:d7:be:e7:54:0e:2b:bb:2d:22:57:fb:0c:
41:57:f9:e6:ec:4c:64:e2:db:94:ec:08:e9:c2:d5:13:af:8b:
a2:e5:30:51:8d:75:bf:fe:d5:95:95:83:9d:09:c2:92:3f:44:
2f:56:46:78:9e:c5:57:ce:07:3a:29:29:87:e2:b6:ef:e9:36:
54:f8:05:f2:b9:c7:fc:06:23:c2:bb:e3:1e:6b:bf:7a:d3:b1:
e6:8b:f8:41:d9:5f:e5:c4:73:bc:45:9e:8a:38:62:88:c5:76:
3e:4b:e3:2f:73:d8:fb:37:75:6b:61:d5:eb:64:11:de:48:a0:
7d:1e:52:e2:e0:ae:cf:dc:e6:5a:13:b5:87:37:8c:eb:0c:d6:
b2:ae:71:86:b6:ed:8f:1e:f6:15:0f:01:15:7c:30:84:ab:66:
dc:a9:e7:db
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY+BiOp8pxHRyplgDzyxm6meMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwNTE2MTMxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzU5MWY3ODUwNTU4MWFhY2IyZWRkZWY0N2Y2MmFiZTIxMGY5NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KeR1p3dfahMLcvHSv+B0+nMXIu0
qvWH6zgC9jSyJXutWoSKu0lfKmsRyYwWCXgllWhx7MPlQh6XO7GZ7DFMZMZPSIbK
Gv9Trv9/swgnc3FdUvIl1aVix8szGUHUcLc2JsqlsiW6bzww0fmAWTePwCNlEXbx
U4fFCg8iV1Cx8zsGFc1iSpWKmv07zrFPCYQt+imPCoayKYArGwWeoj+g/ynldkAB
x5sNRSmTBayuejaViA/ZCADyEkmFGgegMIjgw9pCL6BpkqDxteLn2bhqE2xCRwy0
LcU7OLGFlv21owFqbc3WWN+bzxCgk/rIDoUZU3N/EQFRXaAIwRUxff598wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHxZH3hQVYGqyy7d70f2Kr4hD5cBMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvZkZrZmVGQlZnYXJMTHQzdlJfWXF2aUVQbHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALhRjAwQA
LhRoAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEBAJpvMo9P
AvH6Wz80HSTaXbxpk/K3xoXCePtcQxjipYqBk/4Gfb1LaHBCuVQk9OSssgoLDReN
gbTOqqLreV+0dJ8Y7XSIZG6exj1QN/mEDC2mjOGpc3u/LvUzaIwpON6BgNe+51QO
K7stIlf7DEFX+ebsTGTi25TsCOnC1ROvi6LlMFGNdb/+1ZWVg50JwpI/RC9WRnie
xVfOBzopKYfitu/pNlT4BfK5x/wGI8K74x5rv3rTseaL+EHZX+XEc7xFnoo4YojF
dj5L4y9z2Ps3dWth1etkEd5IoH0eUuLgrs/c5loTtYc3jOsM1rKucYa27Y8e9hUP
ARV8MISrZtyp59s=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:48 2025 by rpki-client