Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/znDDrKLOTm7CjJPqzy8NJ-L-ysM.roa
File: znDDrKLOTm7CjJPqzy8NJ-L-ysM.roa (raw, json)
Hash identifier: ufpwkxxIqw+1Ltb4ZmSZKP5sNAO+59s1PxiucAJxpPY=
Subject key identifier: CE:70:C3:AC:A2:CE:4E:6E:C2:8C:93:EA:CF:2F:0D:27:E2:FE:CA:C3
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018776E60E9D1EC4C3A5EBD8148D569DA5A5
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/znDDrKLOTm7CjJPqzy8NJ-L-ysM.roa
Signing time: Wed 12 Apr 2023 19:16:41 +0000
ROA not before: Wed 12 Apr 2023 19:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 46.153.16.0/20 maxlen: 20
46.153.128.0/20 maxlen: 20
46.153.32.0/20 maxlen: 20
46.153.144.0/20 maxlen: 20
46.153.48.0/20 maxlen: 20
46.153.160.0/19 maxlen: 19
46.153.64.0/19 maxlen: 19
46.153.192.0/20 maxlen: 20
46.153.96.0/19 maxlen: 19
46.153.208.0/20 maxlen: 20
46.153.0.0/20 maxlen: 20
46.153.224.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:e6:0e:9d:1e:c4:c3:a5:eb:d8:14:8d:56:9d:a5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Apr 12 19:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce70c3aca2ce4e6ec28c93eacf2f0d27e2fecac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1b:ff:b4:a4:8d:67:36:93:13:c1:6f:5f:e6:
ea:ff:f4:fa:83:6f:5e:c6:26:d2:47:de:74:3e:95:
79:3b:74:a8:9c:f3:1f:bd:73:a3:38:1a:85:46:9c:
4f:0c:16:96:58:a0:44:37:5e:27:31:94:68:b3:75:
bd:ac:19:37:db:81:9c:6e:54:7b:4c:9d:48:58:de:
1f:55:4a:f2:7d:ce:3e:65:ff:d3:9e:7e:65:87:4f:
5f:10:1a:15:91:1b:42:f1:e8:6e:66:42:62:04:37:
0f:2a:3f:70:cd:16:68:ad:7c:27:0f:86:73:47:d9:
d5:56:49:64:ff:42:e5:f9:75:84:28:1f:82:da:98:
a7:ed:24:86:44:2e:86:26:f9:73:09:2c:57:9b:f3:
10:9d:37:7e:a3:27:dd:fb:45:58:6f:47:5a:65:71:
a7:21:97:f7:a4:3a:15:16:d3:de:7a:0a:20:fa:70:
38:2f:57:6f:f7:ac:2e:80:50:e7:6b:0b:b1:fc:c2:
f8:b9:a9:f4:3f:9d:b4:c0:fc:fd:58:96:da:fe:6b:
62:c3:2e:90:9c:64:1b:69:43:e7:23:8e:1d:63:7a:
7d:76:f9:1f:e1:08:d2:e2:d8:64:97:95:b0:2c:05:
16:33:50:eb:1e:23:01:30:1f:1d:88:29:39:26:59:
7c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:70:C3:AC:A2:CE:4E:6E:C2:8C:93:EA:CF:2F:0D:27:E2:FE:CA:C3
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/znDDrKLOTm7CjJPqzy8NJ-L-ysM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.153.0.0-46.153.239.255
Signature Algorithm: sha256WithRSAEncryption
50:8d:6a:cb:d3:5a:d4:f0:ed:10:96:d8:b8:d8:9e:fc:da:19:
d1:cb:63:cd:a1:e9:b6:c8:9c:d7:84:26:a1:bd:31:55:07:6f:
e6:fd:a6:9e:57:f5:5a:5f:6c:f4:12:56:f5:c2:08:96:1a:e0:
06:ce:a8:b3:c5:66:00:88:6c:8d:50:d1:e0:4b:6f:99:4a:dd:
1f:c7:64:1a:cb:4f:2c:c2:d4:f2:d3:c4:81:a6:18:e5:3e:35:
23:d0:3e:09:e5:18:50:e2:27:98:b6:b5:08:e7:3d:bb:86:ca:
d8:ea:ba:01:e8:ed:9c:93:9d:95:a4:95:3c:66:c8:5e:dd:1d:
6a:06:83:11:d4:78:51:5d:cb:0b:e0:a6:fc:b2:42:fc:50:51:
52:8b:42:54:d1:93:53:74:f8:f7:e5:f2:85:28:af:4a:8d:d7:
b6:2d:5d:21:52:7d:d4:ce:90:20:b2:4e:e0:94:b0:fc:1f:0b:
14:3f:ba:ca:24:70:79:be:74:9e:ba:f3:75:a3:19:17:96:81:
c7:8c:6c:00:2e:c1:bd:e4:fd:7e:26:e7:66:ef:4d:7c:24:5f:
fe:2f:d8:68:6a:8b:c3:d6:d2:70:9b:6f:28:46:2f:0e:a6:df:
dd:56:99:16:3a:a3:bd:e1:d8:12:36:94:ba:32:61:77:bd:3c:
0d:70:e0:2d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYd25g6dHsTDpevYFI1WnaWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjMwNDEyMTkxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTcwYzNhY2EyY2U0ZTZlYzI4YzkzZWFjZjJmMGQyN2UyZmVjYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxv/tKSNZzaTE8FvX+bq//T6g29e
xibSR950PpV5O3SonPMfvXOjOBqFRpxPDBaWWKBEN14nMZRos3W9rBk324GcblR7
TJ1IWN4fVUryfc4+Zf/Tnn5lh09fEBoVkRtC8ehuZkJiBDcPKj9wzRZorXwnD4Zz
R9nVVklk/0Ll+XWEKB+C2pin7SSGRC6GJvlzCSxXm/MQnTd+oyfd+0VYb0daZXGn
IZf3pDoVFtPeegog+nA4L1dv96wugFDnawux/ML4uan0P520wPz9WJba/mtiwy6Q
nGQbaUPnI44dY3p9dvkf4QjS4thkl5WwLAUWM1DrHiMBMB8diCk5Jll8UwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFM5ww6yizk5uwoyT6s8vDSfi/srDMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvem5ERHJLTE9UbTdDakpQcXp5OE5KLUwteXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwAumQME
BC6Z4DANBgkqhkiG9w0BAQsFAAOCAQEAUI1qy9Na1PDtEJbYuNie/NoZ0ctjzaHp
tsic14Qmob0xVQdv5v2mnlf1Wl9s9BJW9cIIlhrgBs6os8VmAIhsjVDR4EtvmUrd
H8dkGstPLMLU8tPEgaYY5T41I9A+CeUYUOInmLa1COc9u4bK2Oq6AejtnJOdlaSV
PGbIXt0dagaDEdR4UV3LC+Cm/LJC/FBRUotCVNGTU3T49+XyhSivSo3Xti1dIVJ9
1M6QILJO4JSw/B8LFD+6yiRweb50nrrzdaMZF5aBx4xsAC7BveT9fibnZu9NfCRf
/i/YaGqLw9bScJtvKEYvDqbf3VaZFjqjveHYEjaUujJhd708DXDgLQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:07 2023 by rpki-client on console.sobornost.net