Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/qY0I5qrSVlkehwCaGeeH3wsWJPY.roa
File: qY0I5qrSVlkehwCaGeeH3wsWJPY.roa (raw, json)
Hash identifier: GMMRLfcNShH1kqNvltXmm0BGVDGeufLOsDLnKK3bh8E=
Subject key identifier: A9:8D:08:E6:AA:D2:56:59:1E:87:00:9A:19:E7:87:DF:0B:16:24:F6
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0193E84E852248955B988363E978066BDB77
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/qY0I5qrSVlkehwCaGeeH3wsWJPY.roa
Signing time: Sat 21 Dec 2024 08:21:20 +0000
ROA not before: Sat 21 Dec 2024 08:21:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Dec 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e8:4e:85:22:48:95:5b:98:83:63:e9:78:06:6b:db:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Dec 21 08:21:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a98d08e6aad256591e87009a19e787df0b1624f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f9:82:e4:89:12:6d:d5:5f:81:45:e5:1a:b7:
61:19:a0:30:e9:45:55:ee:16:41:69:88:c5:40:f3:
04:cd:88:b2:f2:8e:1e:f1:1c:bd:7c:2a:15:2c:d2:
e5:ff:06:00:dd:6b:ea:ea:0a:9c:dc:cb:3f:d9:d5:
e4:b3:44:ea:e6:1d:82:b0:c8:f0:c6:ed:ee:c6:2c:
f1:53:c6:7b:28:c4:60:47:b1:f6:c6:4d:55:08:55:
2f:24:6e:3d:e8:73:78:2b:20:47:73:9a:c9:71:e3:
7d:0c:21:c6:4a:c1:b7:4d:01:ee:5f:68:70:a2:cb:
5e:c0:39:06:f8:de:78:d2:d9:63:39:c4:26:a8:50:
97:ee:08:d9:a3:80:46:d3:6d:20:f0:b2:6d:11:62:
d8:2a:1e:e1:39:e5:9b:e7:a1:f4:db:81:9b:9b:27:
3b:28:bb:48:f8:96:6f:1c:74:13:67:3a:1a:b3:09:
63:c9:9a:a6:fa:3f:69:0b:99:89:49:4a:11:f4:57:
eb:52:18:9c:56:0e:57:20:6d:bb:60:11:52:3c:89:
98:79:4e:31:53:fb:7a:d0:3a:75:5b:d1:33:ae:ac:
eb:6c:4e:fc:b5:a0:2b:26:82:fd:78:45:f7:3d:61:
bf:ce:9f:38:17:d6:f7:25:cc:36:b5:ed:52:89:bb:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8D:08:E6:AA:D2:56:59:1E:87:00:9A:19:E7:87:DF:0B:16:24:F6
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/qY0I5qrSVlkehwCaGeeH3wsWJPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
01:8a:a4:9d:94:54:80:0d:e8:bf:a9:67:a3:a0:dd:24:a3:62:
3c:f1:9d:07:f7:31:08:c5:f3:59:60:92:8e:c5:86:21:a5:07:
6d:4e:94:dd:7b:87:aa:df:2f:af:9c:29:1b:ab:cd:b6:c8:3e:
78:e7:13:df:0f:a7:42:5d:1a:fc:ca:53:17:0b:9b:f5:f8:95:
44:38:fe:72:0f:50:67:42:5c:bb:25:d4:e2:de:c9:26:37:11:
c8:9c:da:00:10:f9:d9:9e:34:1e:7f:2b:02:b0:75:8e:e2:26:
e6:4a:53:3a:13:36:e0:01:a1:fe:41:48:b9:44:a7:e3:0b:50:
e8:d5:76:6c:0d:a2:a4:37:48:91:6c:94:4d:d4:1d:8e:46:bb:
b8:3a:38:0b:e2:93:5b:0e:bb:a0:7e:72:3a:d3:b4:78:92:a6:
b8:1e:ee:b8:e1:a2:71:16:e3:96:e3:d7:74:8e:ea:73:4e:77:
4b:78:0c:c5:f7:8a:2f:d1:45:37:e6:71:2d:df:a5:72:0c:7f:
ae:84:eb:2f:75:62:62:c5:6c:95:fc:89:81:6e:db:06:71:4f:
01:52:8d:74:28:b5:da:d9:c3:65:fa:11:50:b0:a2:1f:7e:f7:
9e:f5:aa:ae:5c:86:a0:a7:ee:b3:e3:46:9f:eb:fc:ed:0e:45:
19:45:74:57
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZPoToUiSJVbmINj6XgGa9t3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQxMjIxMDgyMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThkMDhlNmFhZDI1NjU5MWU4NzAwOWExOWU3ODdkZjBiMTYyNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvmC5IkSbdVfgUXlGrdhGaAw6UVV
7hZBaYjFQPMEzYiy8o4e8Ry9fCoVLNLl/wYA3Wvq6gqc3Ms/2dXks0Tq5h2CsMjw
xu3uxizxU8Z7KMRgR7H2xk1VCFUvJG496HN4KyBHc5rJceN9DCHGSsG3TQHuX2hw
ostewDkG+N540tljOcQmqFCX7gjZo4BG020g8LJtEWLYKh7hOeWb56H024Gbmyc7
KLtI+JZvHHQTZzoaswljyZqm+j9pC5mJSUoR9FfrUhicVg5XIG27YBFSPImYeU4x
U/t60Dp1W9EzrqzrbE78taArJoL9eEX3PWG/zp84F9b3Jcw2te1SibsehQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKmNCOaq0lZZHocAmhnnh98LFiT2MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvcVkwSTVxclNWbGtlaHdDYUdlZUgzd3NXSlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALhRhAwQA
LhRnAwQBuaDCMAwDBAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEBAAGKpJ2U
VIAN6L+pZ6Og3SSjYjzxnQf3MQjF81lgko7FhiGlB21OlN17h6rfL6+cKRurzbbI
PnjnE98Pp0JdGvzKUxcLm/X4lUQ4/nIPUGdCXLsl1OLeySY3Ecic2gAQ+dmeNB5/
KwKwdY7iJuZKUzoTNuABof5BSLlEp+MLUOjVdmwNoqQ3SJFslE3UHY5Gu7g6OAvi
k1sOu6B+cjrTtHiSprge7rjhonEW45bj13SO6nNOd0t4DMX3ii/RRTfmcS3fpXIM
f66E6y91YmLFbJX8iYFu2wZxTwFSjXQotdrZw2X6EVCwoh9+9571qq5chqCn7rPj
Rp/r/O0ORRlFdFc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:02:31 2025 by rpki-client