Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/nqxDiltauRF4oPjc8-xe97CjnrE.roa
File: nqxDiltauRF4oPjc8-xe97CjnrE.roa (raw, json)
Hash identifier: fJBjq/6yehjGvxOEoqxqe+IAK33htKUSEG1zB5XaqyY=
Subject key identifier: 9E:AC:43:8A:5B:5A:B9:11:78:A0:F8:DC:F3:EC:5E:F7:B0:A3:9E:B1
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BB3FF080E2FB2062F67250466A8D7C161
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/nqxDiltauRF4oPjc8-xe97CjnrE.roa
Signing time: Thu 09 Nov 2023 12:11:57 +0000
ROA not before: Thu 09 Nov 2023 12:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43987
IP address blocks: 46.49.132.0/24 maxlen: 24
46.49.135.0/24 maxlen: 24
46.49.144.0/24 maxlen: 24
46.49.140.0/24 maxlen: 24
46.49.143.0/24 maxlen: 24
46.49.173.0/24 maxlen: 24
46.49.210.0/24 maxlen: 24
2a02:df5::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:ff:08:0e:2f:b2:06:2f:67:25:04:66:a8:d7:c1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 9 12:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9eac438a5b5ab91178a0f8dcf3ec5ef7b0a39eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:eb:6e:94:1d:9a:97:7a:19:4e:d7:73:de:ef:
bd:c2:6a:dd:e6:d4:d1:b9:53:60:8c:92:60:2c:e3:
93:b5:b4:4b:42:97:79:25:15:5b:e4:ce:14:8b:af:
3c:c4:50:f8:ef:5c:ee:bf:ba:f5:6b:dc:4b:2e:22:
c1:c1:0d:80:12:9d:27:0d:a7:3d:2d:6d:d6:41:42:
52:2c:30:96:87:56:9a:a3:d2:d5:e6:ba:6e:60:bc:
10:dd:8a:91:2d:7c:4e:14:55:94:23:c5:d9:f2:88:
71:bb:25:c5:f5:ff:03:25:64:ad:46:4e:9b:19:06:
4e:1a:95:fc:82:cf:62:0a:07:05:d0:8c:18:0b:a3:
80:94:23:f4:88:cd:34:19:05:7f:53:dd:f5:1e:5b:
44:2a:6a:0c:81:1b:82:7b:c3:85:ae:7e:ec:8f:bf:
28:c9:93:4b:2f:7b:c3:87:3d:b8:98:94:07:68:9f:
73:d4:5c:06:4d:09:53:a8:c2:8d:79:1c:77:1d:5c:
97:03:9f:a0:62:0e:0b:37:f5:ca:c9:c6:a3:1f:7d:
aa:02:50:56:7e:27:63:08:6e:09:71:2e:0a:eb:ba:
9d:b4:eb:9b:e0:cb:ff:c9:34:b6:b2:f3:ac:f7:2a:
7f:59:d9:08:9d:55:7f:63:f1:9b:8c:a9:ef:f3:35:
23:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:AC:43:8A:5B:5A:B9:11:78:A0:F8:DC:F3:EC:5E:F7:B0:A3:9E:B1
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/nqxDiltauRF4oPjc8-xe97CjnrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.49.132.0/24
46.49.135.0/24
46.49.140.0/24
46.49.143.0-46.49.144.255
46.49.173.0/24
46.49.210.0/24
IPv6:
2a02:df5::/32
Signature Algorithm: sha256WithRSAEncryption
32:51:92:f5:44:22:43:8b:34:23:1d:08:56:8e:81:71:1c:e1:
70:64:59:73:6d:af:9f:5f:bc:0e:2a:9d:2b:cb:27:31:65:64:
d5:42:b9:ae:f7:0f:bc:99:fa:e6:73:c8:b9:15:76:4a:a9:17:
e4:28:89:8d:3b:be:70:bf:f2:c3:c1:c8:74:7c:6f:04:75:0c:
0b:0e:74:38:b8:bd:46:07:f9:ba:e0:56:e0:84:d1:eb:58:15:
9a:63:1f:02:30:9a:62:1f:ee:70:7d:a2:9f:7b:e3:ff:b0:f4:
07:91:ea:b6:7b:7f:70:24:1f:9f:c4:96:bf:38:1f:35:2c:df:
5b:12:07:45:b7:f2:1c:b7:a7:fc:04:39:01:4b:b5:c1:b7:d2:
3a:88:4f:5e:2b:40:9d:85:3f:20:fe:e4:72:0b:3f:75:e6:d1:
24:c7:b4:f1:f9:66:3d:fc:f1:26:41:e0:f6:d4:0b:78:e7:0a:
09:82:8c:4c:72:4a:a9:0a:d1:ec:60:9d:8b:9a:fa:d8:ed:88:
ce:19:96:64:9d:60:bd:bf:34:c2:0a:5c:38:b5:eb:1f:ac:4c:
c7:7c:f1:61:d6:e9:71:06:64:e9:29:64:0c:e6:30:11:dd:1c:
b9:fb:10:34:1b:bf:cd:80:68:36:dd:ac:98:35:11:b2:a4:aa:
c1:63:aa:16
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYuz/wgOL7IGL2clBGao18FhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTA5MTIxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWFjNDM4YTViNWFiOTExNzhhMGY4ZGNmM2VjNWVmN2IwYTM5ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOtulB2al3oZTtdz3u+9wmrd5tTR
uVNgjJJgLOOTtbRLQpd5JRVb5M4Ui688xFD471zuv7r1a9xLLiLBwQ2AEp0nDac9
LW3WQUJSLDCWh1aao9LV5rpuYLwQ3YqRLXxOFFWUI8XZ8ohxuyXF9f8DJWStRk6b
GQZOGpX8gs9iCgcF0IwYC6OAlCP0iM00GQV/U931HltEKmoMgRuCe8OFrn7sj78o
yZNLL3vDhz24mJQHaJ9z1FwGTQlTqMKNeRx3HVyXA5+gYg4LN/XKycajH32qAlBW
fidjCG4JcS4K67qdtOub4Mv/yTS2svOs9yp/WdkInVV/Y/GbjKnv8zUjoQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJ6sQ4pbWrkReKD43PPsXvewo56xMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvbnF4RGlsdGF1UkY0b1BqYzgteGU5N0NqbnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALjGEAwQA
LjGHAwQALjGMMAwDBAAuMY8DBAAuMZADBAAuMa0DBAAuMdIwDQQCAAIwBwMFACoC
DfUwDQYJKoZIhvcNAQELBQADggEBADJRkvVEIkOLNCMdCFaOgXEc4XBkWXNtr59f
vA4qnSvLJzFlZNVCua73D7yZ+uZzyLkVdkqpF+QoiY07vnC/8sPByHR8bwR1DAsO
dDi4vUYH+brgVuCE0etYFZpjHwIwmmIf7nB9op974/+w9AeR6rZ7f3AkH5/Elr84
HzUs31sSB0W38hy3p/wEOQFLtcG30jqIT14rQJ2FPyD+5HILP3Xm0STHtPH5Zj38
8SZB4PbUC3jnCgmCjExySqkK0exgnYua+tjtiM4ZlmSdYL2/NMIKXDi16x+sTMd8
8WHW6XEGZOkpZAzmMBHdHLn7EDQbv82AaDbdrJg1EbKkqsFjqhY=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:45 2023 by rpki-client on console.sobornost.net