Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/n0MVYxqNpu2zgW8UiQ0rZMl5UY0.roa
File: n0MVYxqNpu2zgW8UiQ0rZMl5UY0.roa (raw, json)
Hash identifier: stoCu5gwDw4yOMcFcUtLqXHUjvQc27OmkjSPsZsvcZ0=
Subject key identifier: 9F:43:15:63:1A:8D:A6:ED:B3:81:6F:14:89:0D:2B:64:C9:79:51:8D
Certificate issuer: /CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Certificate serial: 018C8C4EB7F84F26E89C278B1120CE85588D
Authority key identifier: 38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/n0MVYxqNpu2zgW8UiQ0rZMl5UY0.roa
Signing time: Thu 21 Dec 2023 12:16:58 +0000
ROA not before: Thu 21 Dec 2023 12:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29247
IP address blocks: 149.210.0.0/18 maxlen: 18
109.178.0.0/16 maxlen: 16
5.144.224.0/20 maxlen: 20
5.203.0.0/16 maxlen: 16
62.103.103.0/24 maxlen: 24
5.144.192.0/20 maxlen: 20
5.144.192.0/18 maxlen: 18
5.144.208.0/20 maxlen: 20
31.152.0.0/16 maxlen: 16
94.143.177.0/24 maxlen: 24
94.143.176.0/24 maxlen: 24
94.143.178.0/24 maxlen: 24
195.167.65.0/24 maxlen: 24
94.143.180.0/24 maxlen: 24
94.143.183.0/24 maxlen: 24
149.210.64.0/18 maxlen: 18
2a02:1388::/29 maxlen: 29
2a02:1388::/36 maxlen: 36
2a02:1388:2000::/36 maxlen: 36
2a02:1388:4000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:4e:b7:f8:4f:26:e8:9c:27:8b:11:20:ce:85:58:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Validity
Not Before: Dec 21 12:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f4315631a8da6edb3816f14890d2b64c979518d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b1:27:ec:56:44:a7:1f:3d:d0:60:02:b2:f2:
b7:78:66:57:4f:58:90:90:3f:af:8c:49:27:55:4d:
26:13:e8:8e:c3:8a:21:04:6e:48:54:33:51:fa:3a:
aa:65:e5:33:99:de:9a:f0:06:49:56:aa:18:ef:84:
d4:01:75:2c:29:98:d7:3f:d3:f7:41:6b:ef:dd:9d:
29:40:4d:4a:ec:3a:4f:6e:e9:75:10:30:08:2c:4a:
8f:de:a2:55:a0:c6:ae:27:7d:c1:ef:ac:83:d2:84:
ae:43:4a:9f:84:fa:81:ef:f3:83:dd:03:c9:cc:17:
7f:62:90:e2:99:1b:f5:7f:36:7e:7d:06:9e:a3:8d:
72:16:e4:12:30:d2:e7:64:7a:4e:b1:bc:e5:eb:ab:
08:01:89:c6:41:62:aa:e9:af:f1:3e:d8:39:c8:0e:
98:2c:d6:fe:c0:f6:73:9a:b8:ff:60:06:60:56:ae:
41:1a:36:7f:3e:99:a6:10:30:e5:48:9a:43:c0:1d:
d7:a4:5d:7e:17:ba:04:6b:8d:a4:c7:4d:e0:9d:a8:
7b:d4:48:87:e8:03:12:90:dc:d4:81:f8:c3:64:51:
d4:a4:93:3b:a6:a9:1b:9d:39:cc:f4:46:8e:39:5e:
5d:07:5d:90:bb:3b:1b:da:83:56:61:5c:9f:5a:0d:
ef:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:43:15:63:1A:8D:A6:ED:B3:81:6F:14:89:0D:2B:64:C9:79:51:8D
X509v3 Authority Key Identifier:
keyid:38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/n0MVYxqNpu2zgW8UiQ0rZMl5UY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.192.0/18
5.203.0.0/16
31.152.0.0/16
62.103.103.0/24
94.143.176.0-94.143.178.255
94.143.180.0/24
94.143.183.0/24
109.178.0.0/16
149.210.0.0/17
195.167.65.0/24
IPv6:
2a02:1388::/29
Signature Algorithm: sha256WithRSAEncryption
2c:a9:64:9f:2b:93:41:40:f3:ec:6f:1e:d9:de:d9:da:f9:b5:
fc:eb:d7:1a:65:21:2b:65:31:c2:74:11:ea:98:46:f0:f3:68:
64:e4:76:55:46:ed:55:9e:b9:df:fe:6a:15:40:0b:db:dc:fb:
16:10:01:f5:e1:26:cc:51:82:37:09:ee:4b:df:ef:b4:e6:84:
b2:ec:3c:0e:3a:1f:cc:84:9d:0b:8b:b7:c3:eb:55:3f:9f:d0:
e5:8c:eb:17:66:31:d1:ba:19:77:69:18:b6:42:82:88:b5:a2:
84:db:80:0e:c7:85:cb:72:0e:e4:8c:04:a2:d0:f2:75:4c:fb:
68:27:00:b7:1c:da:47:d0:c0:57:5e:3c:66:ca:ad:52:bf:8b:
d6:ae:76:1c:f2:38:70:88:8c:df:f1:22:46:47:98:8d:2a:72:
ef:ca:8d:14:85:b2:e5:14:5a:d5:1b:47:77:86:b5:d1:8e:ab:
8b:6d:06:22:37:d0:42:22:d4:ff:81:3e:24:f1:36:8d:6d:1f:
df:b7:74:30:47:a6:45:c3:5f:7c:87:e9:77:3b:b1:fb:5c:38:
d9:59:8f:1d:e7:e3:e9:94:da:6c:20:b1:fc:9a:0e:3e:9d:2d:
32:79:6a:d6:b3:e9:84:2f:a6:bf:7b:a7:59:33:7b:54:e8:ce:
0f:83:98:48
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYyMTrf4TybonCeLESDOhViNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjljNTRmMTkxOTNlMDY1NDgxNjNmODk1YzNhNDZiOWY4
YmZiYjUwHhcNMjMxMjIxMTIxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQzMTU2MzFhOGRhNmVkYjM4MTZmMTQ4OTBkMmI2NGM5Nzk1MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbEn7FZEpx890GACsvK3eGZXT1iQ
kD+vjEknVU0mE+iOw4ohBG5IVDNR+jqqZeUzmd6a8AZJVqoY74TUAXUsKZjXP9P3
QWvv3Z0pQE1K7DpPbul1EDAILEqP3qJVoMauJ33B76yD0oSuQ0qfhPqB7/OD3QPJ
zBd/YpDimRv1fzZ+fQaeo41yFuQSMNLnZHpOsbzl66sIAYnGQWKq6a/xPtg5yA6Y
LNb+wPZzmrj/YAZgVq5BGjZ/PpmmEDDlSJpDwB3XpF1+F7oEa42kx03gnah71EiH
6AMSkNzUgfjDZFHUpJM7pqkbnTnM9EaOOV5dB12Quzsb2oNWYVyfWg3vRwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJ9DFWMajabts4FvFIkNK2TJeVGNMB8GA1UdIwQY
MBaAFDj5xU8ZGT4GVIFj+JXDpGufi/u1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMt
NzI0OTQ5YjQ2MGU5LzEvbjBNVll4cU5wdTJ6Z1c4VWlRMHJaTWw1VVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMtNzI0OTQ5YjQ2MGU5
LzEvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwQGBZDAAwMA
BcsDAwAfmAMEAD5nZzAMAwQEXo+wAwQAXo+yAwQAXo+0AwQAXo+3AwMAbbIDBAeV
0gADBADDp0EwDQQCAAIwBwMFAyoCE4gwDQYJKoZIhvcNAQELBQADggEBACypZJ8r
k0FA8+xvHtne2dr5tfzr1xplIStlMcJ0EeqYRvDzaGTkdlVG7VWeud/+ahVAC9vc
+xYQAfXhJsxRgjcJ7kvf77TmhLLsPA46H8yEnQuLt8PrVT+f0OWM6xdmMdG6GXdp
GLZCgoi1ooTbgA7HhctyDuSMBKLQ8nVM+2gnALcc2kfQwFdePGbKrVK/i9audhzy
OHCIjN/xIkZHmI0qcu/KjRSFsuUUWtUbR3eGtdGOq4ttBiI30EIi1P+BPiTxNo1t
H9+3dDBHpkXDX3yH6Xc7sftcONlZjx3n4+mU2mwgsfyaDj6dLTJ5ataz6YQvpr97
p1kze1Tozg+DmEg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:11:02 2024 by rpki-client on console.sobornost.net