Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/js1qma-hxyqk6H_SrX6WAvI5wng.roa
File: js1qma-hxyqk6H_SrX6WAvI5wng.roa (raw, json)
Hash identifier: kB3X3mbbwKLk9CuwsgVr8mG0XOioud0kYdWTcb/3/Qw=
Subject key identifier: 8E:CD:6A:99:AF:A1:C7:2A:A4:E8:7F:D2:AD:7E:96:02:F2:39:C2:78
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 019295AE76BFC8DC7E0BBF3FC72B81CE63F3
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/js1qma-hxyqk6H_SrX6WAvI5wng.roa
Signing time: Wed 16 Oct 2024 14:14:51 +0000
ROA not before: Wed 16 Oct 2024 14:14:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.99.0/24 maxlen: 24
46.20.100.0/24 maxlen: 24
46.20.107.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Oct 2024 09:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:ae:76:bf:c8:dc:7e:0b:bf:3f:c7:2b:81:ce:63:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Oct 16 14:14:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ecd6a99afa1c72aa4e87fd2ad7e9602f239c278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:38:a2:12:8d:9c:92:db:bb:b7:68:fc:43:
db:37:4e:92:1c:0b:e8:51:55:08:c2:c8:93:3b:eb:
58:21:f1:03:82:d9:f0:d6:22:66:be:0e:87:85:78:
4b:da:59:3d:2d:36:71:34:5f:57:28:1a:0c:5e:5a:
f6:df:83:90:2f:79:f8:f2:83:18:0b:d0:81:af:2a:
df:05:be:ac:88:f2:f7:76:f9:38:dc:54:6b:38:00:
cd:e7:14:ce:d5:df:22:cc:3f:d1:2a:17:8a:cb:2e:
9f:a7:16:27:ef:2c:35:c4:10:61:1f:11:5d:2c:b1:
d7:d4:7d:31:36:39:33:a4:21:bb:12:4a:93:31:8c:
23:b4:b2:b9:02:0d:28:1b:f7:73:19:ec:ce:b4:79:
fa:52:24:db:86:fc:2d:78:da:3f:75:39:4d:51:45:
89:41:9c:89:9f:ec:af:86:ce:6f:7d:77:9d:df:87:
52:7c:b6:0d:60:9b:d8:3f:d7:09:ca:8b:86:b9:40:
7a:d0:08:f0:13:e7:58:66:55:ac:23:be:d1:02:03:
00:aa:a0:d7:02:c9:12:e0:52:12:b7:c9:0c:a4:fa:
60:d1:80:9e:77:7a:8f:07:0f:8b:df:09:0f:81:e7:
c5:31:f3:49:c0:d0:8e:9a:85:c5:45:8a:bf:58:f4:
df:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CD:6A:99:AF:A1:C7:2A:A4:E8:7F:D2:AD:7E:96:02:F2:39:C2:78
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/js1qma-hxyqk6H_SrX6WAvI5wng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.99.0-46.20.100.255
46.20.107.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
9b:09:9c:7d:c0:96:8d:f7:38:14:1b:f7:6c:5e:d1:ed:a0:40:
55:5f:8a:7f:94:53:c9:30:09:c4:68:83:c2:0f:f1:16:8a:70:
84:20:a6:d5:0b:75:27:ad:e5:e7:7b:23:80:b2:25:77:db:57:
bd:29:54:50:f7:d4:18:a6:80:ec:44:1a:6c:d7:1d:5e:1c:1f:
ae:c9:e0:2f:f7:23:4e:d0:3e:14:6c:46:cd:83:22:79:b4:80:
b7:5c:9d:41:45:d1:8b:0c:44:61:64:b4:42:66:ea:df:d2:ea:
be:70:14:12:86:e4:f3:0b:8e:a4:cc:e0:0c:33:92:59:a9:49:
b5:2c:dc:4d:82:f4:58:6f:76:b5:25:69:f0:b9:ca:2a:82:7b:
91:d1:02:45:f6:73:79:4a:03:3c:ec:cf:c9:c3:cf:ed:31:c0:
4e:9c:48:23:ad:ef:b4:50:f8:90:50:a4:df:86:26:57:88:96:
37:42:42:7a:ff:d2:9f:2f:d2:7e:34:0f:ff:50:5e:bd:0c:6e:
21:af:e2:ec:81:10:0b:59:c7:d4:4a:30:c7:ec:55:59:a7:0a:
8f:b3:dc:1e:d4:df:37:33:91:d2:f7:91:46:49:c7:92:0f:36:
68:f5:06:65:8b:1e:e5:55:d3:50:55:5d:c7:3a:a2:b5:59:43:
43:46:5f:99
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZKVrna/yNx+C78/xyuBzmPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQxMDE2MTQxNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWNkNmE5OWFmYTFjNzJhYTRlODdmZDJhZDdlOTYwMmYyMzljMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovk4ohKNnJLbu7do/EPbN06SHAvo
UVUIwsiTO+tYIfEDgtnw1iJmvg6HhXhL2lk9LTZxNF9XKBoMXlr234OQL3n48oMY
C9CBryrfBb6siPL3dvk43FRrOADN5xTO1d8izD/RKheKyy6fpxYn7yw1xBBhHxFd
LLHX1H0xNjkzpCG7EkqTMYwjtLK5Ag0oG/dzGezOtHn6UiTbhvwteNo/dTlNUUWJ
QZyJn+yvhs5vfXed34dSfLYNYJvYP9cJyouGuUB60AjwE+dYZlWsI77RAgMAqqDX
AskS4FISt8kMpPpg0YCed3qPBw+L3wkPgefFMfNJwNCOmoXFRYq/WPTfSwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFI7NapmvoccqpOh/0q1+lgLyOcJ4MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvanMxcW1hLWh4eXFrNkhfU3JYNldBdkk1d25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAAuFGMD
BAAuFGQDBAAuFGsDBAG5oMIwDAMEALmp3QMEBbmpwDANBgkqhkiG9w0BAQsFAAOC
AQEAmwmcfcCWjfc4FBv3bF7R7aBAVV+Kf5RTyTAJxGiDwg/xFopwhCCm1Qt1J63l
53sjgLIld9tXvSlUUPfUGKaA7EQabNcdXhwfrsngL/cjTtA+FGxGzYMiebSAt1yd
QUXRiwxEYWS0Qmbq39LqvnAUEobk8wuOpMzgDDOSWalJtSzcTYL0WG92tSVp8LnK
KoJ7kdECRfZzeUoDPOzPycPP7THATpxII63vtFD4kFCk34YmV4iWN0JCev/Sny/S
fjQP/1BevQxuIa/i7IEQC1nH1Eowx+xVWacKj7PcHtTfNzOR0veRRknHkg82aPUG
ZYse5VXTUFVdxzqitVlDQ0ZfmQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:19:28 2025 by rpki-client