Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/2uAP7jCeHYfHZvx-tfVPQ4xO-vU.roa
File: 2uAP7jCeHYfHZvx-tfVPQ4xO-vU.roa (raw, json)
Hash identifier: mCmUT5sOYKIE8igw1sFZm2KmDbMMPUv2BX8KZuGNqBs=
Subject key identifier: DA:E0:0F:EE:30:9E:1D:87:C7:66:FC:7E:B5:F5:4F:43:8C:4E:FA:F5
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 018D4BDBE8E76A879402C6E1313D408EC7D4
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/2uAP7jCeHYfHZvx-tfVPQ4xO-vU.roa
Signing time: Sat 27 Jan 2024 16:58:39 +0000
ROA not before: Sat 27 Jan 2024 16:58:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.104.0/24 maxlen: 24
185.100.171.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 17:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4b:db:e8:e7:6a:87:94:02:c6:e1:31:3d:40:8e:c7:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 27 16:58:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dae00fee309e1d87c766fc7eb5f54f438c4efaf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e7:89:87:32:53:c1:51:d1:56:97:b4:e4:3e:
87:ce:33:72:ea:4c:59:8f:8f:94:2f:9f:be:77:4d:
5f:5a:46:bd:81:fb:93:4b:1a:71:77:85:7f:75:18:
32:d9:4c:bd:4e:7d:c9:b2:2e:02:a9:e0:ca:87:99:
c4:12:b5:c9:c5:90:f9:1c:a8:38:ec:d5:4e:1d:0b:
4a:07:df:ce:41:4d:94:68:d0:47:47:09:ed:b5:57:
4e:91:a9:a5:59:11:5a:05:72:e5:65:7e:57:5f:19:
45:01:f1:ad:c7:e8:0c:ff:ab:a8:5f:db:c7:70:90:
4e:06:23:28:fb:9a:8a:a9:bd:49:02:e7:4c:12:a9:
5a:da:91:71:0e:aa:74:4a:e3:66:b4:a5:df:86:82:
92:6b:29:cd:ae:76:39:f9:c4:e4:92:aa:10:82:01:
f7:a1:c3:36:17:70:1e:af:c3:4c:02:56:e2:fd:19:
fb:bb:20:e5:79:fa:7b:80:48:fe:e1:75:50:a7:26:
b8:e2:a5:90:4e:95:d5:dc:b2:1f:76:ff:f8:3d:b5:
03:2b:5d:3d:4d:a9:0e:45:ca:5d:fd:75:1a:ad:81:
43:46:16:6a:f7:af:83:b0:8c:bb:96:72:ba:eb:49:
e4:2c:10:c2:d1:2c:21:a4:d6:f3:48:39:25:94:4b:
3b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E0:0F:EE:30:9E:1D:87:C7:66:FC:7E:B5:F5:4F:43:8C:4E:FA:F5
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/2uAP7jCeHYfHZvx-tfVPQ4xO-vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.104.0/24
185.100.171.0/24
185.160.194.0/23
185.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0f:e0:0f:8b:ee:8b:f0:c3:15:bf:9f:e3:42:02:74:a8:8e:
c0:4e:26:fa:78:15:60:ae:de:15:db:c4:30:df:54:ba:f7:ac:
a9:62:3e:38:99:c1:e1:c6:f0:5a:ae:42:bd:56:d2:f8:9f:5c:
a7:ea:0b:d6:c1:f1:bb:9b:4a:a5:18:3e:b4:09:03:5e:63:81:
26:10:55:18:4d:42:13:80:dd:e4:0f:e5:b5:25:d6:19:d4:bf:
8f:7f:79:d9:83:65:ef:0b:4c:15:b8:d4:c8:08:a9:cb:4d:61:
ad:ad:66:78:01:b0:45:a7:55:fe:c3:9c:2f:b2:91:f7:28:d0:
e6:45:24:28:44:2d:cf:c7:10:a3:bd:88:0d:53:49:54:a5:63:
bb:6e:cb:92:16:bb:f7:b2:fb:a0:02:4b:fa:d9:ec:04:47:94:
41:8f:d8:a8:cc:c6:73:56:06:82:15:d8:a3:13:5b:cb:f3:37:
7d:ef:f2:0f:ba:8c:01:3a:fd:1e:62:ff:7b:dd:ca:8f:d3:e9:
9c:25:8b:92:c9:7f:b5:de:f8:20:b7:0b:ea:35:87:9d:19:5e:
d9:d0:1c:fd:cb:f8:39:37:44:84:0d:2d:b1:5d:05:d7:da:31:
80:93:62:98:e0:11:26:be:2b:53:53:07:12:49:95:d4:7d:05:
7b:f3:5f:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1L2+jnaoeUAsbhMT1AjsfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQwMTI3MTY1ODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWUwMGZlZTMwOWUxZDg3Yzc2NmZjN2ViNWY1NGY0MzhjNGVmYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleeJhzJTwVHRVpe05D6HzjNy6kxZ
j4+UL5++d01fWka9gfuTSxpxd4V/dRgy2Uy9Tn3Jsi4CqeDKh5nEErXJxZD5HKg4
7NVOHQtKB9/OQU2UaNBHRwnttVdOkamlWRFaBXLlZX5XXxlFAfGtx+gM/6uoX9vH
cJBOBiMo+5qKqb1JAudMEqla2pFxDqp0SuNmtKXfhoKSaynNrnY5+cTkkqoQggH3
ocM2F3Aer8NMAlbi/Rn7uyDlefp7gEj+4XVQpya44qWQTpXV3LIfdv/4PbUDK109
TakORcpd/XUarYFDRhZq96+DsIy7lnK660nkLBDC0SwhpNbzSDkllEs7LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNrgD+4wnh2Hx2b8frX1T0OMTvr1MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvMnVBUDdqQ2VIWWZIWnZ4LXRmVlBRNHhPLXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhRoAwQA
uWSrAwQBuaDCAwQCuancMA0GCSqGSIb3DQEBCwUAA4IBAQBiD+APi+6L8MMVv5/j
QgJ0qI7ATib6eBVgrt4V28Qw31S696ypYj44mcHhxvBarkK9VtL4n1yn6gvWwfG7
m0qlGD60CQNeY4EmEFUYTUITgN3kD+W1JdYZ1L+Pf3nZg2XvC0wVuNTICKnLTWGt
rWZ4AbBFp1X+w5wvspH3KNDmRSQoRC3PxxCjvYgNU0lUpWO7bsuSFrv3svugAkv6
2ewER5RBj9iozMZzVgaCFdijE1vL8zd97/IPuowBOv0eYv973cqP0+mcJYuSyX+1
3vggtwvqNYedGV7Z0Bz9y/g5N0SEDS2xXQXX2jGAk2KY4BEmvitTUwcSSZXUfQV7
81/O
-----END CERTIFICATE-----
Generated at Sat May 10 19:46:42 2025 by rpki-client