Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/yb_7XZnxaJVdCp1t2loHSUdTvCg.roa
File: yb_7XZnxaJVdCp1t2loHSUdTvCg.roa (raw, json)
Hash identifier: ljdutPtSIAzxwabF2yZtZ8kj9LserhiOjsV1xQt+0c4=
Subject key identifier: C9:BF:FB:5D:99:F1:68:95:5D:0A:9D:6D:DA:5A:07:49:47:53:BC:28
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0195D19EDFCCDABFF82302BFF484F65B8A82
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/yb_7XZnxaJVdCp1t2loHSUdTvCg.roa
Signing time: Wed 26 Mar 2025 08:43:24 +0000
ROA not before: Wed 26 Mar 2025 08:43:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 15:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:9e:df:cc:da:bf:f8:23:02:bf:f4:84:f6:5b:8a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Mar 26 08:43:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9bffb5d99f168955d0a9d6dda5a07494753bc28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ec:8f:c5:e4:75:d7:1c:49:47:5e:7a:d5:18:
71:42:2e:8f:86:b7:b9:28:b4:13:e3:4d:0a:43:1c:
a0:98:a6:7b:ea:80:3e:90:ef:0c:9f:4e:00:36:2b:
a0:23:ee:f6:ad:f6:11:fe:23:57:9a:17:80:f3:24:
27:e2:6f:a7:7a:6f:59:1c:d8:86:8b:c2:12:4c:6b:
74:e3:0d:31:66:8f:f8:77:c1:df:9c:c0:0b:b0:16:
9d:e1:95:55:ac:16:ce:86:4c:45:76:93:0f:a6:00:
6f:46:ed:f1:5d:c6:39:ea:94:a6:43:b2:77:da:66:
60:93:64:b3:18:b5:d5:ba:e1:6d:ee:f4:f0:16:2d:
81:09:07:70:1b:cc:b8:20:53:d4:9a:18:1c:1c:d5:
00:f3:7f:34:af:1d:20:1e:7d:51:d4:2a:7a:27:26:
39:59:40:8a:e4:a6:45:26:d0:db:eb:e0:ce:4b:4d:
c7:8c:1b:2b:fa:33:4e:73:2a:18:f6:f6:8d:bc:4f:
63:46:d2:2f:49:c9:2d:22:75:b4:0d:16:2a:3e:cb:
16:95:da:b8:bb:d4:9c:72:69:f8:43:e7:e2:92:ed:
04:45:d1:32:e1:07:24:0f:d7:cb:a8:86:97:22:17:
cb:2f:53:28:2a:3e:cc:e4:34:7a:1f:93:cb:6b:30:
ec:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BF:FB:5D:99:F1:68:95:5D:0A:9D:6D:DA:5A:07:49:47:53:BC:28
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/yb_7XZnxaJVdCp1t2loHSUdTvCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
46.20.106.0/24
46.20.111.0/24
185.160.194.0/23
185.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:8c:fd:2f:80:52:b2:ff:1c:a6:d7:cf:67:b0:99:f9:e3:c6:
d3:90:c2:78:52:00:bf:7f:19:7b:85:b8:7c:82:9d:b7:a5:15:
ce:69:ef:79:7a:e3:d0:ff:22:8e:75:04:11:10:69:57:a8:61:
d6:fe:4d:87:eb:c9:63:02:6c:cf:5a:6c:08:69:2d:ae:32:d6:
dc:e3:90:52:e2:df:76:b1:81:59:f4:f1:5f:52:7d:2f:fc:bd:
ba:ff:ca:5b:fb:71:79:c3:61:7f:22:db:bd:69:55:aa:2b:44:
fa:04:59:47:8f:e0:7a:38:e5:20:d1:99:c9:f2:de:dc:09:86:
e5:8e:84:76:76:51:66:d8:21:49:c0:86:53:08:f3:b3:a9:2e:
e7:de:34:4c:c7:b8:55:aa:6e:7e:6a:52:2f:5e:13:44:a3:52:
1e:2a:e8:bc:50:49:b6:59:21:25:84:99:68:41:cb:e8:f6:43:
61:e1:a5:c2:a1:b6:ee:74:45:cb:70:41:e0:de:15:31:f4:06:
a6:82:b7:50:6d:82:97:cb:6b:1c:dd:e6:2a:22:80:f0:54:cc:
36:17:89:14:7f:13:67:48:7f:6a:c7:ba:4b:00:00:85:06:12:
2d:e8:53:83:12:ae:94:e1:ac:37:18:08:80:56:00:4c:e4:64:
1e:32:53:57
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZXRnt/M2r/4IwK/9IT2W4qCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwMzI2MDg0MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJmZmI1ZDk5ZjE2ODk1NWQwYTlkNmRkYTVhMDc0OTQ3NTNiYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOyPxeR11xxJR1561RhxQi6Phre5
KLQT400KQxygmKZ76oA+kO8Mn04ANiugI+72rfYR/iNXmheA8yQn4m+nem9ZHNiG
i8ISTGt04w0xZo/4d8HfnMALsBad4ZVVrBbOhkxFdpMPpgBvRu3xXcY56pSmQ7J3
2mZgk2SzGLXVuuFt7vTwFi2BCQdwG8y4IFPUmhgcHNUA8380rx0gHn1R1Cp6JyY5
WUCK5KZFJtDb6+DOS03HjBsr+jNOcyoY9vaNvE9jRtIvScktInW0DRYqPssWldq4
u9Sccmn4Q+fiku0ERdEy4QckD9fLqIaXIhfLL1MoKj7M5DR6H5PLazDsQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMm/+12Z8WiVXQqdbdpaB0lHU7woMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEveWJfN1habnhhSlZkQ3AxdDJsb0hTVWRUdkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhRhAwQA
LhRnAwQALhRqAwQALhRvAwQBuaDCAwQCuancMA0GCSqGSIb3DQEBCwUAA4IBAQAq
jP0vgFKy/xym189nsJn548bTkMJ4UgC/fxl7hbh8gp23pRXOae95euPQ/yKOdQQR
EGlXqGHW/k2H68ljAmzPWmwIaS2uMtbc45BS4t92sYFZ9PFfUn0v/L26/8pb+3F5
w2F/Itu9aVWqK0T6BFlHj+B6OOUg0ZnJ8t7cCYbljoR2dlFm2CFJwIZTCPOzqS7n
3jRMx7hVqm5+alIvXhNEo1IeKui8UEm2WSElhJloQcvo9kNh4aXCobbudEXLcEHg
3hUx9AamgrdQbYKXy2sc3eYqIoDwVMw2F4kUfxNnSH9qx7pLAACFBhIt6FODEq6U
4aw3GAiAVgBM5GQeMlNX
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:19:20 2025 by rpki-client