Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/x8hM3HFMtY9ilWGQlQXAjjlfXvk.roa
File: x8hM3HFMtY9ilWGQlQXAjjlfXvk.roa (raw, json)
Hash identifier: vAAv+Q9OKOEQz9H2mQeK41KkPSoGsWalrsbL5JoVD2c=
Subject key identifier: C7:C8:4C:DC:71:4C:B5:8F:62:95:61:90:95:05:C0:8E:39:5F:5E:F9
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018D27000E675320932FAEAF1A6E529C9F4C
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/x8hM3HFMtY9ilWGQlQXAjjlfXvk.roa
Signing time: Sat 20 Jan 2024 13:12:11 +0000
ROA not before: Sat 20 Jan 2024 13:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.104.0/24 maxlen: 24
185.100.168.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 11:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:00:0e:67:53:20:93:2f:ae:af:1a:6e:52:9c:9f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 20 13:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7c84cdc714cb58f629561909505c08e395f5ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fb:71:01:06:68:59:81:47:32:0d:09:9a:7c:
fa:fa:6c:4c:8f:cb:a1:be:09:a9:23:87:28:38:bd:
85:0f:d1:a9:b7:0d:23:c7:ed:b0:13:d5:e0:2f:50:
97:ea:9c:2c:84:ad:be:c9:ab:e6:e5:a6:67:83:c9:
d0:73:04:08:d3:86:a2:c7:0d:71:c7:b5:14:41:22:
b5:e7:2c:75:95:ca:b8:8f:43:e0:82:ae:18:60:90:
c4:5d:75:63:40:78:0d:68:3b:48:c2:7e:7b:dd:49:
7d:c9:ca:11:88:bb:c7:6f:dd:00:2b:72:a5:27:f1:
f0:1e:79:5c:94:99:a6:3b:02:49:d6:3d:5f:51:84:
16:d3:bc:ae:08:bf:da:8a:be:5f:8c:d8:da:ed:40:
86:41:5f:3e:fb:44:ab:c7:bd:a1:41:66:9f:b7:bb:
4b:f3:8e:52:63:81:65:24:6c:31:02:e3:e7:4d:35:
04:e7:1c:f3:c9:5d:10:52:ad:98:15:20:b5:a1:8a:
7d:42:0c:31:77:be:19:6a:00:42:e1:4e:d2:2e:f3:
c8:e7:62:8e:80:54:da:90:68:d0:54:aa:5e:22:94:
64:7d:94:01:7b:9d:08:e8:d3:9a:d5:91:d8:0a:5a:
8d:80:e2:58:66:52:2a:4d:ed:65:9a:73:b2:a4:f0:
08:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C8:4C:DC:71:4C:B5:8F:62:95:61:90:95:05:C0:8E:39:5F:5E:F9
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/x8hM3HFMtY9ilWGQlQXAjjlfXvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.104.0/24
185.100.168.0/24
185.100.171.0/24
185.160.194.0/23
185.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
98:48:93:4a:2f:d8:9c:2a:be:d4:30:f0:23:93:c5:fc:10:63:
ff:c4:b2:cb:40:47:c7:a4:16:3b:3b:ff:a3:66:ef:46:64:64:
18:f5:ef:34:97:c9:06:ec:ec:b4:b5:00:b7:a3:bc:29:af:b2:
83:69:93:2d:f7:64:49:bb:6f:53:d0:0e:7e:7f:25:91:44:ff:
e6:c2:65:8e:aa:c8:7c:2e:cc:dc:c9:76:50:7e:03:e7:eb:35:
62:0d:e4:0f:ab:b6:43:31:ea:1c:3b:ce:8a:10:09:6f:af:ab:
a5:26:af:f0:59:4f:f7:e6:06:51:e9:87:cd:b8:c6:73:82:b8:
fd:9f:15:33:ca:a0:94:bc:98:58:29:00:07:99:75:4e:ba:a1:
4a:c5:ba:ec:0e:18:7b:46:eb:2f:fa:fc:b8:f0:3e:b9:4b:19:
cd:00:9f:78:f1:5a:6f:bf:0a:a9:55:7f:ec:dc:e9:9d:b1:b8:
01:96:c2:36:9e:5a:f2:9d:ab:ce:3f:bf:6b:eb:5f:11:12:d5:
32:13:10:89:1f:de:4e:04:2b:5d:af:5f:63:ff:6f:45:a4:6f:
f6:f7:c1:c1:e3:db:42:85:f1:4b:3d:54:fc:6c:9b:e9:3b:be:
4f:63:00:ff:fd:f6:62:a7:67:d0:4b:d1:ca:34:1d:c3:3f:d3:
36:89:66:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0nAA5nUyCTL66vGm5SnJ9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTIwMTMxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2M4NGNkYzcxNGNiNThmNjI5NTYxOTA5NTA1YzA4ZTM5NWY1ZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApftxAQZoWYFHMg0Jmnz6+mxMj8uh
vgmpI4coOL2FD9Gptw0jx+2wE9XgL1CX6pwshK2+yavm5aZng8nQcwQI04aixw1x
x7UUQSK15yx1lcq4j0Pggq4YYJDEXXVjQHgNaDtIwn573Ul9ycoRiLvHb90AK3Kl
J/HwHnlclJmmOwJJ1j1fUYQW07yuCL/air5fjNja7UCGQV8++0Srx72hQWaft7tL
845SY4FlJGwxAuPnTTUE5xzzyV0QUq2YFSC1oYp9Qgwxd74ZagBC4U7SLvPI52KO
gFTakGjQVKpeIpRkfZQBe50I6NOa1ZHYClqNgOJYZlIqTe1lmnOypPAIBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMfITNxxTLWPYpVhkJUFwI45X175MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEveDhoTTNIRk10WTlpbFdHUWxRWEFqamxmWHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhRoAwQA
uWSoAwQAuWSrAwQBuaDCAwQCuancMA0GCSqGSIb3DQEBCwUAA4IBAQCYSJNKL9ic
Kr7UMPAjk8X8EGP/xLLLQEfHpBY7O/+jZu9GZGQY9e80l8kG7Oy0tQC3o7wpr7KD
aZMt92RJu29T0A5+fyWRRP/mwmWOqsh8LszcyXZQfgPn6zViDeQPq7ZDMeocO86K
EAlvr6ulJq/wWU/35gZR6YfNuMZzgrj9nxUzyqCUvJhYKQAHmXVOuqFKxbrsDhh7
Rusv+vy48D65SxnNAJ948VpvvwqpVX/s3OmdsbgBlsI2nlrynavOP79r618REtUy
ExCJH95OBCtdr19j/29FpG/298HB49tChfFLPVT8bJvpO75PYwD//fZip2fQS9HK
NB3DP9M2iWYG
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:33 2025 by rpki-client