Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/v4zyXofofTcU9Tw70QdG0JXm5LQ.roa
File: v4zyXofofTcU9Tw70QdG0JXm5LQ.roa (raw, json)
Hash identifier: 4wltJ+uyfEMWzJmJWPdRjTqgg9kbRDQvqV0QjoEuw60=
Subject key identifier: BF:8C:F2:5E:87:E8:7D:37:14:F5:3C:3B:D1:07:46:D0:95:E6:E4:B4
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01952859B5DE0E8DF0EE67C0F7E289EA2EA2
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/v4zyXofofTcU9Tw70QdG0JXm5LQ.roa
Signing time: Fri 21 Feb 2025 11:52:02 +0000
ROA not before: Fri 21 Feb 2025 11:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.105.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:59:b5:de:0e:8d:f0:ee:67:c0:f7:e2:89:ea:2e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Feb 21 11:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf8cf25e87e87d3714f53c3bd10746d095e6e4b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:d6:ab:20:20:fa:0a:01:eb:24:14:de:31:
c3:45:df:ab:76:7e:3f:2f:7b:3f:c1:fc:ea:bb:22:
aa:2e:40:ab:7d:2a:c5:76:ac:9c:dd:d6:54:4c:50:
d7:cd:86:cd:94:73:9a:3f:56:f7:b6:56:d1:7f:a9:
6e:3c:57:f8:83:28:06:25:c6:f7:f4:48:89:02:40:
de:ff:7e:e0:3b:15:de:d5:c2:83:31:ee:0e:1e:ad:
96:72:69:6e:19:2c:5f:ca:46:49:ca:4a:80:0e:b1:
f2:1a:c9:71:5a:c8:87:74:49:fd:7e:d8:e7:c0:22:
92:15:da:6f:02:c5:45:03:e1:09:17:0b:b7:51:cb:
c0:1b:89:d3:a2:9d:fa:cd:ef:97:f2:e7:d2:3c:db:
1f:2a:c3:fe:91:a3:97:9f:41:a3:ed:3c:08:fa:fd:
de:76:10:26:7d:cc:02:02:f0:04:6c:40:f6:34:fa:
22:ce:65:65:c7:15:d6:ef:cf:80:8b:9c:2a:cd:71:
2f:5a:3a:9f:e6:4b:20:2b:57:65:2b:34:75:79:bf:
a7:b4:d0:1f:03:d6:43:6f:16:7d:77:9f:e8:4e:52:
37:c2:39:73:e2:b5:37:9c:95:ac:02:37:39:09:24:
ed:f1:b0:93:1f:36:48:5d:73:69:9b:47:78:46:ed:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8C:F2:5E:87:E8:7D:37:14:F5:3C:3B:D1:07:46:D0:95:E6:E4:B4
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/v4zyXofofTcU9Tw70QdG0JXm5LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
46.20.105.0-46.20.106.255
46.20.111.0/24
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
a2:4f:77:ed:fc:b0:ec:74:18:34:f8:1f:55:15:53:e4:9f:ca:
08:63:b8:41:d1:06:ad:94:4e:b3:0b:65:1f:23:f6:bb:2d:bb:
33:ea:6e:83:fc:1f:02:f6:e6:d0:40:10:7f:96:f9:87:34:31:
2a:31:6f:6d:98:09:eb:44:9c:59:45:d3:25:26:56:2c:2d:73:
54:66:f1:59:4d:98:25:08:ef:cf:3e:3d:6d:cb:a9:54:1b:e8:
d6:4b:57:87:69:03:bc:53:6c:4e:4d:a7:2b:95:f8:1d:f5:94:
f3:1e:87:df:71:07:91:71:96:11:30:1e:b0:cd:5b:a9:6a:58:
8d:7c:bd:b7:0f:6b:4a:04:7c:20:f8:36:3e:24:f2:fa:0d:a8:
ba:c6:4d:58:45:b4:49:45:a3:cf:97:1a:5b:46:8d:68:9c:92:
9c:d3:28:39:2e:16:86:d9:73:26:1b:dc:c3:fd:75:f1:2f:65:
9d:a4:9f:54:bf:59:63:a2:e9:6d:80:72:a0:95:3e:63:b8:d3:
cc:31:53:e4:a2:6c:d6:3b:8e:f3:8c:47:b9:16:4f:54:61:96:
60:a7:b1:83:b8:3b:46:04:f0:91:a3:3e:46:f6:cc:9f:b7:a3:
ae:94:07:f9:d1:ee:a6:c1:7e:b1:ed:88:46:2b:67:46:a6:cf:
91:9a:42:45
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZUoWbXeDo3w7mfA9+KJ6i6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwMjIxMTE1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhjZjI1ZTg3ZTg3ZDM3MTRmNTNjM2JkMTA3NDZkMDk1ZTZlNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRrWqyAg+goB6yQU3jHDRd+rdn4/
L3s/wfzquyKqLkCrfSrFdqyc3dZUTFDXzYbNlHOaP1b3tlbRf6luPFf4gygGJcb3
9EiJAkDe/37gOxXe1cKDMe4OHq2WcmluGSxfykZJykqADrHyGslxWsiHdEn9ftjn
wCKSFdpvAsVFA+EJFwu3UcvAG4nTop36ze+X8ufSPNsfKsP+kaOXn0Gj7TwI+v3e
dhAmfcwCAvAEbED2NPoizmVlxxXW78+Ai5wqzXEvWjqf5ksgK1dlKzR1eb+ntNAf
A9ZDbxZ9d5/oTlI3wjlz4rU3nJWsAjc5CSTt8bCTHzZIXXNpm0d4Ru0QqQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFL+M8l6H6H03FPU8O9EHRtCV5uS0MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvdjR6eVhvZm9mVGNVOVR3NzBRZEcwSlhtNUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALhRhAwQA
LhRnMAwDBAAuFGkDBAAuFGoDBAAuFG8DBAG5oMIwDAMEALmp3QMEBbmpwDANBgkq
hkiG9w0BAQsFAAOCAQEAok937fyw7HQYNPgfVRVT5J/KCGO4QdEGrZROswtlHyP2
uy27M+pug/wfAvbm0EAQf5b5hzQxKjFvbZgJ60ScWUXTJSZWLC1zVGbxWU2YJQjv
zz49bcupVBvo1ktXh2kDvFNsTk2nK5X4HfWU8x6H33EHkXGWETAesM1bqWpYjXy9
tw9rSgR8IPg2PiTy+g2ousZNWEW0SUWjz5caW0aNaJySnNMoOS4WhtlzJhvcw/11
8S9lnaSfVL9ZY6LpbYByoJU+Y7jTzDFT5KJs1juO84xHuRZPVGGWYKexg7g7RgTw
kaM+RvbMn7ejrpQH+dHupsF+se2IRitnRqbPkZpCRQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:16:55 2025 by rpki-client