Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JA5l3ma1aGYiZFjMB8BGAuwnLl4.roa
File: JA5l3ma1aGYiZFjMB8BGAuwnLl4.roa (raw, json)
Hash identifier: FW6iuTGqdng/cFPMCAy60lQ4Pl2gv2YWD4d3lIuBCek=
Subject key identifier: 24:0E:65:DE:66:B5:68:66:22:64:58:CC:07:C0:46:02:EC:27:2E:5E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018A548D5AC90EA7506E057536D454903AD9
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JA5l3ma1aGYiZFjMB8BGAuwnLl4.roa
Signing time: Sat 02 Sep 2023 06:21:04 +0000
ROA not before: Sat 02 Sep 2023 06:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.134.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.145.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:54:8d:5a:c9:0e:a7:50:6e:05:75:36:d4:54:90:3a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 2 06:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=240e65de66b56866226458cc07c04602ec272e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:97:75:0e:88:46:ab:50:99:b8:3e:11:aa:7f:
ad:54:00:2a:ab:9f:23:44:dd:89:21:a5:6b:9c:1b:
c0:13:4c:6c:55:f7:de:eb:50:2f:ca:0b:3b:33:f7:
d9:68:0e:0e:96:56:00:16:3c:84:ef:6c:d2:32:0a:
df:79:13:b2:a6:42:97:ef:b1:a8:23:3d:1c:74:fe:
eb:43:eb:3f:f8:28:ca:7c:c9:16:4d:cf:cc:0c:f8:
4c:eb:7e:8d:cc:bc:2f:14:85:49:e2:69:cb:c6:05:
a4:a0:f3:d9:5d:45:7a:6b:95:46:b8:3c:46:3c:93:
7f:a7:50:5f:04:61:77:5b:2f:2b:65:f8:71:fa:5e:
44:d5:b9:73:4a:2a:77:86:81:bd:56:46:60:38:50:
c5:26:5d:d2:3b:e4:d0:1d:43:dc:2a:be:50:1f:ad:
19:2e:04:0d:5d:05:68:e5:e8:df:eb:eb:a1:e6:8c:
8a:b9:a2:46:fb:c7:bd:79:49:15:53:83:eb:a1:12:
21:ec:2a:17:86:ed:16:a2:dd:2c:77:ea:a7:20:b9:
31:0a:b1:f6:b6:23:cc:0b:29:aa:fb:96:ba:7b:53:
8d:b3:ec:da:ac:12:f2:08:31:2e:77:01:af:8c:07:
86:dc:7e:96:95:ac:36:a0:0d:de:58:1d:c7:92:19:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0E:65:DE:66:B5:68:66:22:64:58:CC:07:C0:46:02:EC:27:2E:5E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/JA5l3ma1aGYiZFjMB8BGAuwnLl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/21
94.74.137.0/24
94.74.156.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.128.0/24
176.46.130.0-176.46.132.255
176.46.134.0/24
176.46.136.0/24
176.46.138.0-176.46.140.255
176.46.143.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b9:df:78:d6:1c:81:81:03:db:8f:99:cd:35:63:54:41:b1:
2f:5a:15:76:ca:d6:cb:49:1e:b0:9f:29:57:a8:f5:e1:d3:17:
f1:5c:55:dd:78:de:21:13:d9:24:5f:73:84:6a:e4:66:a4:78:
4a:83:01:bf:64:e5:d6:c5:0e:ab:16:8f:2d:b3:3c:00:6a:c4:
66:06:45:b1:21:06:5e:d5:c0:a8:6d:d9:e6:67:5e:42:a9:ff:
5a:5b:9f:6e:aa:a3:4d:c0:2e:24:95:30:6e:1f:ce:39:0c:4e:
90:c7:98:7c:50:4a:4e:be:26:8d:00:07:68:07:f9:69:df:44:
2d:fc:5d:60:93:90:ad:9c:57:38:7d:1a:89:49:8a:d5:21:e1:
a7:3b:94:c5:20:e2:ca:c8:1f:fc:d8:0a:23:f3:77:06:77:85:
cf:ab:6b:e5:e6:af:94:80:f9:5a:f7:3f:34:7e:d0:97:ee:9a:
db:3e:c9:bc:e8:8e:e9:87:9f:37:d1:78:02:fc:d8:3a:1c:49:
5f:d1:e4:f6:1e:f2:cd:c7:cd:0b:ac:26:21:f7:5a:d7:b3:2d:
c1:49:87:14:db:51:79:a6:04:52:45:18:06:85:8b:49:28:20:
ab:6b:96:9e:eb:51:97:34:aa:34:0b:28:9e:ec:8e:65:09:e0:
42:af:09:8d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYpUjVrJDqdQbgV1NtRUkDrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwOTAyMDYyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBlNjVkZTY2YjU2ODY2MjI2NDU4Y2MwN2MwNDYwMmVjMjcyZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpd1DohGq1CZuD4Rqn+tVAAqq58j
RN2JIaVrnBvAE0xsVffe61Avygs7M/fZaA4OllYAFjyE72zSMgrfeROypkKX77Go
Iz0cdP7rQ+s/+CjKfMkWTc/MDPhM636NzLwvFIVJ4mnLxgWkoPPZXUV6a5VGuDxG
PJN/p1BfBGF3Wy8rZfhx+l5E1blzSip3hoG9VkZgOFDFJl3SO+TQHUPcKr5QH60Z
LgQNXQVo5ejf6+uh5oyKuaJG+8e9eUkVU4ProRIh7CoXhu0Wot0sd+qnILkxCrH2
tiPMCymq+5a6e1ONs+zarBLyCDEudwGvjAeG3H6Wlaw2oA3eWB3HkhkswQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFCQOZd5mtWhmImRYzAfARgLsJy5eMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSkE1bDNtYTFhR1lpWkZqTUI4QkdBdXduTGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDJTGQAwQA
XkqJAwQAXkqcAwQAXkqtAwQAXkq7AwQAXkq/AwQDbcugAwQAsC6AMAwDBAGwLoID
BACwLoQDBACwLoYDBACwLogwDAMEAbAuigMEALAujAMEALAujzANBgkqhkiG9w0B
AQsFAAOCAQEAPrnfeNYcgYED24+ZzTVjVEGxL1oVdsrWy0kesJ8pV6j14dMX8VxV
3XjeIRPZJF9zhGrkZqR4SoMBv2Tl1sUOqxaPLbM8AGrEZgZFsSEGXtXAqG3Z5mde
Qqn/WlufbqqjTcAuJJUwbh/OOQxOkMeYfFBKTr4mjQAHaAf5ad9ELfxdYJOQrZxX
OH0aiUmK1SHhpzuUxSDiysgf/NgKI/N3BneFz6tr5eavlID5Wvc/NH7Ql+6a2z7J
vOiO6YefN9F4AvzYOhxJX9Hk9h7yzcfNC6wmIfda17MtwUmHFNtReaYEUkUYBoWL
SSggq2uWnutRlzSqNAsonuyOZQngQq8JjQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net