Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/zXshu1mZddOfy53LbcxUxTz1_ug.roa
File: zXshu1mZddOfy53LbcxUxTz1_ug.roa (raw, json)
Hash identifier: VTOAfmk37GaFSsm2WRvs6n3ok4B5dH/R558icGYC528=
Subject key identifier: CD:7B:21:BB:59:99:75:D3:9F:CB:9D:CB:6D:CC:54:C5:3C:F5:FE:E8
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01952857E11A7CF7092F585043CEB7FB2E52
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/zXshu1mZddOfy53LbcxUxTz1_ug.roa
Signing time: Fri 21 Feb 2025 11:50:02 +0000
ROA not before: Fri 21 Feb 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 46.20.101.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 15:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:57:e1:1a:7c:f7:09:2f:58:50:43:ce:b7:fb:2e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Feb 21 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd7b21bb599975d39fcb9dcb6dcc54c53cf5fee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3f:d5:c5:fa:3a:9d:23:52:a1:c4:3b:c2:bb:
c6:28:3c:57:77:48:8f:4b:e7:23:80:f6:ff:c2:ec:
19:b0:86:96:34:b0:d7:46:45:24:1a:8e:b0:8d:b2:
5c:2b:b0:b7:45:de:5f:da:bb:33:aa:e7:50:fd:98:
43:1b:79:7c:ee:30:9b:ec:de:db:a7:8b:a0:92:11:
79:e4:56:77:65:25:8a:23:1a:a5:f4:32:4f:15:f8:
e9:fd:4e:cc:9a:c8:30:8d:51:70:ca:43:09:ed:76:
80:d5:45:e2:10:9c:c8:e6:f6:e9:2c:be:ab:ce:e9:
40:bb:a3:94:d2:fa:eb:67:15:7a:04:c6:e9:89:f7:
84:cf:33:bf:31:12:f0:f4:6a:cc:ef:84:b0:57:00:
ed:44:1d:78:86:a6:37:84:0a:53:43:fe:d4:93:54:
53:84:1f:6d:07:02:dd:e5:bf:d8:52:89:e5:bc:e5:
aa:5f:e8:2d:c5:85:e0:17:5a:4f:2d:06:d3:c3:b5:
3c:f2:5c:a1:87:b6:7e:03:3a:1b:62:2f:6a:25:87:
49:cd:32:37:15:b1:ba:9f:87:c0:f2:cb:32:8d:73:
a4:ee:bf:33:2c:cd:b4:bf:23:ef:bb:97:8f:f5:48:
5f:6b:bb:32:ec:95:a3:8e:33:f4:00:2e:d0:53:68:
cc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7B:21:BB:59:99:75:D3:9F:CB:9D:CB:6D:CC:54:C5:3C:F5:FE:E8
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/zXshu1mZddOfy53LbcxUxTz1_ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.101.0/24
46.20.108.0/24
46.20.110.0/24
185.160.193.0/24
Signature Algorithm: sha256WithRSAEncryption
64:68:ed:4a:d4:22:80:e6:5a:0b:9d:8c:09:39:77:ff:40:26:
ba:ad:88:22:dd:3f:9e:2c:56:7e:61:07:4f:99:ab:71:ba:d8:
b8:71:ba:90:85:71:4d:8f:eb:35:1d:84:ec:dc:f7:40:2c:03:
50:a3:0e:e3:4d:ed:1f:95:b5:43:c8:15:14:67:ed:02:b3:7d:
f5:d5:24:3a:c1:e4:cc:88:2b:23:84:f8:bd:00:24:18:78:a5:
d9:bd:65:b6:58:07:ab:29:80:a2:c5:f4:de:7d:75:22:04:49:
64:a8:1b:00:f5:03:08:cd:59:78:97:c6:e2:6c:f7:12:6c:5e:
ba:15:82:60:97:f2:4a:b7:9d:15:5e:19:9d:5a:9a:37:7e:9b:
a3:1f:4c:71:be:aa:89:2c:dc:8b:78:ef:d6:eb:f8:7e:3a:c5:
05:62:5d:99:69:32:9c:75:f1:ec:60:d6:4a:6c:61:f3:3e:f4:
2d:7c:ca:50:38:0c:fd:a8:de:a9:4c:14:cd:26:0e:0a:8e:4b:
a2:86:ee:f1:9c:27:b7:f1:ca:4f:bf:69:3d:90:3c:73:f4:ba:
20:f8:29:5b:7a:a6:33:2d:22:e9:74:10:b4:1e:86:bc:c8:48:
f0:3f:83:75:0d:2f:11:61:89:76:7b:ef:16:7c:ed:d9:c2:f2:
24:a8:df:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUoV+EafPcJL1hQQ863+y5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwMjIxMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdiMjFiYjU5OTk3NWQzOWZjYjlkY2I2ZGNjNTRjNTNjZjVmZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj/Vxfo6nSNSocQ7wrvGKDxXd0iP
S+cjgPb/wuwZsIaWNLDXRkUkGo6wjbJcK7C3Rd5f2rszqudQ/ZhDG3l87jCb7N7b
p4ugkhF55FZ3ZSWKIxql9DJPFfjp/U7MmsgwjVFwykMJ7XaA1UXiEJzI5vbpLL6r
zulAu6OU0vrrZxV6BMbpifeEzzO/MRLw9GrM74SwVwDtRB14hqY3hApTQ/7Uk1RT
hB9tBwLd5b/YUonlvOWqX+gtxYXgF1pPLQbTw7U88lyhh7Z+AzobYi9qJYdJzTI3
FbG6n4fA8ssyjXOk7r8zLM20vyPvu5eP9Uhfa7sy7JWjjjP0AC7QU2jMNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM17IbtZmXXTn8udy23MVMU89f7oMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvelhzaHUxbVpkZE9meTUzTGJjeFV4VHoxX3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhRlAwQA
LhRsAwQALhRuAwQAuaDBMA0GCSqGSIb3DQEBCwUAA4IBAQBkaO1K1CKA5loLnYwJ
OXf/QCa6rYgi3T+eLFZ+YQdPmatxuti4cbqQhXFNj+s1HYTs3PdALANQow7jTe0f
lbVDyBUUZ+0Cs3311SQ6weTMiCsjhPi9ACQYeKXZvWW2WAerKYCixfTefXUiBElk
qBsA9QMIzVl4l8bibPcSbF66FYJgl/JKt50VXhmdWpo3fpujH0xxvqqJLNyLeO/W
6/h+OsUFYl2ZaTKcdfHsYNZKbGHzPvQtfMpQOAz9qN6pTBTNJg4Kjkuihu7xnCe3
8cpPv2k9kDxz9Log+ClbeqYzLSLpdBC0Hoa8yEjwP4N1DS8RYYl2e+8WfO3ZwvIk
qN9x
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:20:23 2025 by rpki-client