Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/4AhKtIIO8MWpnX068nyFZh_rZ8o.roa
File: 4AhKtIIO8MWpnX068nyFZh_rZ8o.roa (raw, json)
Hash identifier: xyfd9gDYXgzROSE1JtHnDWvwn0dcR8BQ8CnOAEwA9WY=
Subject key identifier: E0:08:4A:B4:82:0E:F0:C5:A9:9D:7D:3A:F2:7C:85:66:1F:EB:67:CA
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 018E0E645964B34E7B6F4DB532A8D452ED4B
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/4AhKtIIO8MWpnX068nyFZh_rZ8o.roa
Signing time: Tue 05 Mar 2024 11:34:01 +0000
ROA not before: Tue 05 Mar 2024 11:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 46.143.204.0/22 maxlen: 22
46.143.204.0/24 maxlen: 24
46.143.205.0/24 maxlen: 24
46.143.206.0/24 maxlen: 24
109.122.240.0/22 maxlen: 22
109.122.243.0/24 maxlen: 24
109.122.244.0/22 maxlen: 22
109.122.248.0/22 maxlen: 22
185.84.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 05 Mar 2024 12:47:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:64:59:64:b3:4e:7b:6f:4d:b5:32:a8:d4:52:ed:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Mar 5 11:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0084ab4820ef0c5a99d7d3af27c85661feb67ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:22:ed:b0:8e:85:e5:2a:3b:67:95:4e:21:f9:
b4:4a:00:29:c1:b6:64:da:71:5b:db:5f:1c:65:d1:
82:a6:71:55:24:38:93:a9:c1:c9:5f:8b:da:de:c0:
12:f8:e1:06:9a:72:87:f5:49:3c:54:78:39:6f:b2:
41:d3:da:49:83:79:9f:53:e2:3b:48:ae:c6:2e:22:
68:e3:cb:4c:d8:2a:44:eb:c3:68:42:22:0d:9c:8a:
a6:2a:35:d7:57:6d:fd:55:70:8c:c4:42:ea:5d:9c:
5b:9c:ef:05:69:63:20:e0:59:f6:0e:83:5a:64:9c:
02:0f:eb:c9:19:56:7b:6e:c5:ca:cf:60:1d:76:cc:
d8:65:ac:df:52:70:cd:2d:03:93:e1:19:13:70:13:
cf:dc:ae:62:01:e3:04:88:f7:1e:91:10:64:bd:84:
d7:50:03:56:ff:64:95:24:e9:bd:f1:56:48:6a:ce:
6d:3b:81:ee:8f:42:20:81:2e:61:d1:6e:d2:91:cb:
8b:58:b8:80:1b:02:e0:85:c4:a1:63:31:d3:7e:0d:
f8:a8:51:e1:a3:6b:90:2c:84:1f:b2:ad:37:b9:82:
44:90:56:42:b5:4f:4b:9b:c9:c6:ef:56:ba:6d:2e:
d9:35:1b:c0:41:23:17:6b:00:fd:45:d5:b6:67:1b:
d4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:08:4A:B4:82:0E:F0:C5:A9:9D:7D:3A:F2:7C:85:66:1F:EB:67:CA
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/4AhKtIIO8MWpnX068nyFZh_rZ8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.204.0/22
109.122.240.0-109.122.251.255
185.84.220.0/22
Signature Algorithm: sha256WithRSAEncryption
63:2b:e2:39:b3:c6:e4:ca:c7:e0:f8:a0:c8:c4:f7:21:88:48:
01:ef:47:99:3d:0e:f2:dd:08:04:14:1d:ec:57:ec:d7:4d:52:
08:b2:a3:e1:2d:86:3b:b6:c2:75:d2:af:e4:2a:b9:0c:76:2c:
b8:00:8c:fd:ac:f8:67:a4:14:1a:44:d6:ba:be:10:54:1c:37:
56:ca:47:38:00:55:2b:ea:2e:fb:f3:e3:37:f5:4e:37:df:59:
79:54:de:bd:5c:b4:c9:93:41:7e:ae:c6:fc:6d:f2:c7:ef:a1:
35:55:d7:8c:75:e1:05:02:1e:4b:6d:51:c8:bb:aa:7c:07:e2:
39:13:99:3b:8d:98:99:0d:4f:99:0a:0f:57:85:69:0c:f8:26:
21:2b:30:e3:1b:0b:38:f4:38:f9:92:b7:ee:9b:3e:8f:6e:62:
cb:3f:31:93:31:b2:25:3d:ad:e7:f2:d4:76:51:16:ff:11:6a:
58:2e:d0:39:21:cf:36:67:87:b5:0d:2a:d7:35:94:62:18:c0:
64:72:6c:7f:95:8c:23:fa:11:42:70:f9:31:a1:56:70:ea:2f:
ee:5f:5d:1e:8e:dd:4d:b9:4e:ee:b1:00:e1:c4:8e:bf:a1:a7:
7f:e0:d7:ce:04:08:97:41:c3:7e:d7:d3:a7:9a:c7:53:c7:d1:
be:47:6e:c4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY4OZFlks057b021MqjUUu1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjQwMzA1MTEzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA4NGFiNDgyMGVmMGM1YTk5ZDdkM2FmMjdjODU2NjFmZWI2N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryLtsI6F5So7Z5VOIfm0SgApwbZk
2nFb218cZdGCpnFVJDiTqcHJX4va3sAS+OEGmnKH9Uk8VHg5b7JB09pJg3mfU+I7
SK7GLiJo48tM2CpE68NoQiINnIqmKjXXV239VXCMxELqXZxbnO8FaWMg4Fn2DoNa
ZJwCD+vJGVZ7bsXKz2AddszYZazfUnDNLQOT4RkTcBPP3K5iAeMEiPcekRBkvYTX
UANW/2SVJOm98VZIas5tO4Huj0IggS5h0W7SkcuLWLiAGwLghcShYzHTfg34qFHh
o2uQLIQfsq03uYJEkFZCtU9Lm8nG71a6bS7ZNRvAQSMXawD9RdW2ZxvU8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOAISrSCDvDFqZ19OvJ8hWYf62fKMB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvNEFoS3RJSU84TVdwblgwNjhueUZaaF9yWjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLo/MMAwD
BARtevADBAJtevgDBAK5VNwwDQYJKoZIhvcNAQELBQADggEBAGMr4jmzxuTKx+D4
oMjE9yGISAHvR5k9DvLdCAQUHexX7NdNUgiyo+Ethju2wnXSr+QquQx2LLgAjP2s
+GekFBpE1rq+EFQcN1bKRzgAVSvqLvvz4zf1TjffWXlU3r1ctMmTQX6uxvxt8sfv
oTVV14x14QUCHkttUci7qnwH4jkTmTuNmJkNT5kKD1eFaQz4JiErMOMbCzj0OPmS
t+6bPo9uYss/MZMxsiU9refy1HZRFv8Ralgu0DkhzzZnh7UNKtc1lGIYwGRybH+V
jCP6EUJw+TGhVnDqL+5fXR6O3U25Tu6xAOHEjr+hp3/g184ECJdBw37X06eax1PH
0b5HbsQ=
-----END CERTIFICATE-----
Generated at Tue Mar 5 19:08:32 2024 by rpki-client on console.sobornost.net