Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/R4aVPnYYxbr8IAqrRAvpUr1MGWo.roa
File: R4aVPnYYxbr8IAqrRAvpUr1MGWo.roa (raw, json)
Hash identifier: czA1S9328sg65VfSORe3sJydKFI/6oFcjkb7b8fmAmk=
Subject key identifier: 47:86:95:3E:76:18:C5:BA:FC:20:0A:AB:44:0B:E9:52:BD:4C:19:6A
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E8A27C1A72DF8AC190849552554426434
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/R4aVPnYYxbr8IAqrRAvpUr1MGWo.roa
Signing time: Fri 29 Mar 2024 12:20:45 +0000
ROA not before: Fri 29 Mar 2024 12:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Apr 2024 11:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:27:c1:a7:2d:f8:ac:19:08:49:55:25:54:42:64:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 12:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4786953e7618c5bafc200aab440be952bd4c196a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dd:b8:a7:41:1f:80:a7:87:ff:ce:ed:6b:b1:
d2:f0:e3:c6:d9:dc:dc:b8:9a:31:76:2f:f8:9b:82:
29:ec:7a:1b:e3:5e:b4:a8:71:96:d6:38:e4:c0:0f:
8e:05:00:9a:5a:fd:f5:93:90:3d:44:10:47:6f:ae:
09:aa:cc:ee:21:4c:94:45:25:83:3d:c9:61:d5:f0:
a6:5f:c7:f3:2b:8e:e9:75:bd:09:1d:2d:e2:d6:fe:
cb:f0:f4:6d:5b:9f:9e:29:d9:32:ff:21:c9:00:6d:
ea:a9:bd:0f:3a:99:6a:71:1d:2b:ae:cb:f4:48:ef:
0d:4d:59:62:64:ff:f0:11:72:d9:59:34:ca:46:04:
8a:6d:20:5a:85:bf:aa:40:4b:87:40:2d:1b:62:7b:
94:ac:b3:b1:68:96:18:ed:74:e0:45:94:c2:93:e6:
d3:1b:51:fa:39:8b:0d:8b:1c:d1:d4:df:e9:52:4c:
3e:96:a7:37:5e:4b:11:bd:f7:c7:8e:57:14:46:35:
bd:6f:30:b2:02:38:b9:71:56:24:38:f8:96:81:03:
7f:12:31:61:49:5a:6c:22:8e:6e:79:89:f7:2d:cb:
57:db:18:4d:32:68:a7:4b:b5:70:5f:ef:37:e3:c3:
d1:66:b5:cb:e2:5f:ce:d0:cb:08:3a:8f:55:c7:2b:
5e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:86:95:3E:76:18:C5:BA:FC:20:0A:AB:44:0B:E9:52:BD:4C:19:6A
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/R4aVPnYYxbr8IAqrRAvpUr1MGWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
176.211.120.0/22
Signature Algorithm: sha256WithRSAEncryption
10:fd:60:6e:46:7f:38:e5:69:13:f6:06:49:a8:4a:e9:4e:dc:
e2:13:39:7c:36:e3:57:21:aa:ca:d8:15:a6:5f:02:a4:38:f6:
f7:2c:2f:6c:fc:6f:82:8a:63:08:d2:73:6b:f2:41:55:9b:db:
be:da:5d:3a:b3:33:5f:3d:1d:f1:a5:30:9f:98:2a:17:b0:c7:
9c:d5:2a:77:6b:fa:8b:ad:ac:e7:ea:e9:95:a7:f8:9a:b2:b1:
fd:02:97:4d:31:b2:8d:74:7b:ad:7a:70:27:29:36:6b:66:d3:
0e:2a:8b:53:d2:fe:92:67:57:d3:13:2d:8b:fe:1d:cf:df:8e:
98:32:41:4b:6f:bc:7e:15:16:69:7e:0e:59:59:b3:8d:79:cc:
64:ee:8b:be:ca:3a:71:79:9c:a3:27:df:0e:1d:83:40:89:a9:
fc:e4:a3:4d:a6:9b:86:e0:fb:6c:39:fc:4a:29:f0:fd:a3:fb:
61:db:ec:47:be:20:94:97:68:bc:77:ea:31:21:2f:5d:d5:26:
30:06:e9:f4:b9:00:63:73:8d:3a:19:09:83:1f:f0:ff:e8:4f:
33:2b:bd:0b:2e:88:e6:b7:2f:26:be:1e:51:84:95:47:da:c3:
e2:24:28:36:c3:23:5b:82:af:bb:2c:4a:8a:93:83:80:13:6a:
f2:bd:35:33
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY6KJ8GnLfisGQhJVSVUQmQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MTIyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzg2OTUzZTc2MThjNWJhZmMyMDBhYWI0NDBiZTk1MmJkNGMxOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4N24p0EfgKeH/87ta7HS8OPG2dzc
uJoxdi/4m4Ip7Hob4160qHGW1jjkwA+OBQCaWv31k5A9RBBHb64JqszuIUyURSWD
Pclh1fCmX8fzK47pdb0JHS3i1v7L8PRtW5+eKdky/yHJAG3qqb0POplqcR0rrsv0
SO8NTVliZP/wEXLZWTTKRgSKbSBahb+qQEuHQC0bYnuUrLOxaJYY7XTgRZTCk+bT
G1H6OYsNixzR1N/pUkw+lqc3XksRvffHjlcURjW9bzCyAji5cVYkOPiWgQN/EjFh
SVpsIo5ueYn3LctX2xhNMminS7VwX+8348PRZrXL4l/O0MsIOo9VxyteEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEeGlT52GMW6/CAKq0QL6VK9TBlqMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUjRhVlBuWVl4YnI4SUFxclJBdnBVcjFNR1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQCsNN4MA0GCSqGSIb3DQEBCwUAA4IBAQAQ
/WBuRn845WkT9gZJqErpTtziEzl8NuNXIarK2BWmXwKkOPb3LC9s/G+CimMI0nNr
8kFVm9u+2l06szNfPR3xpTCfmCoXsMec1Sp3a/qLrazn6umVp/iasrH9ApdNMbKN
dHutenAnKTZrZtMOKotT0v6SZ1fTEy2L/h3P346YMkFLb7x+FRZpfg5ZWbONecxk
7ou+yjpxeZyjJ98OHYNAian85KNNppuG4PtsOfxKKfD9o/th2+xHviCUl2i8d+ox
IS9d1SYwBun0uQBjc406GQmDH/D/6E8zK70LLojmty8mvh5RhJVH2sPiJCg2wyNb
gq+7LEqKk4OAE2ryvTUz
-----END CERTIFICATE-----
Generated at Tue Apr 16 15:59:15 2024 by rpki-client on console.sobornost.net