Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0K2o-pyQklUsgN5E5Kih4ag96G4.roa
File: 0K2o-pyQklUsgN5E5Kih4ag96G4.roa (raw, json)
Hash identifier: Q2IDF6Z33ds4o0YifVRl5fyEu7FweRi6MtmKyx+R4ow=
Subject key identifier: D0:AD:A8:FA:9C:90:92:55:2C:80:DE:44:E4:A8:A1:E1:A8:3D:E8:6E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E1288873B74E4A5484141453FD8AD8710
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0K2o-pyQklUsgN5E5Kih4ag96G4.roa
Signing time: Wed 06 Mar 2024 06:52:01 +0000
ROA not before: Wed 06 Mar 2024 06:52:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.150.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 29 Mar 2024 12:20:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:88:87:3b:74:e4:a5:48:41:41:45:3f:d8:ad:87:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 6 06:52:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0ada8fa9c9092552c80de44e4a8a1e1a83de86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c7:44:c7:f6:f0:3f:fd:fd:c4:64:3d:4a:e1:
d4:5f:3d:24:24:76:11:92:a0:74:95:df:14:92:92:
93:d3:fd:f3:46:8a:7f:f5:bb:73:44:46:29:e7:d6:
7f:26:49:e1:bc:97:6a:c4:59:f2:ca:5c:ac:8e:5c:
13:79:72:bc:e0:68:8d:93:23:98:0f:4d:e3:6c:eb:
07:c8:c2:ca:e0:0e:0f:db:c7:6a:b6:d8:4a:57:6b:
c2:83:97:fe:ff:cf:b2:ed:ff:0a:b0:b0:cc:af:41:
36:12:97:4a:89:67:59:69:d9:f9:38:1c:5b:df:12:
ac:a7:e8:fa:ee:14:57:51:30:07:f0:0a:5b:3a:75:
b4:0a:a2:6c:07:fc:ea:bb:ff:a1:79:a9:5a:eb:4a:
7e:a3:60:99:51:3d:c3:86:be:3c:d8:d2:02:3b:ca:
88:39:af:d6:2f:47:3b:71:bd:61:37:20:d0:ee:d8:
ea:c0:b9:68:41:15:a0:1b:5a:99:96:91:28:e1:81:
22:15:0a:99:32:96:ef:80:6f:24:03:0f:25:aa:a1:
fc:70:71:2a:16:1d:c3:be:9d:c8:04:bd:b5:eb:a8:
5f:de:7a:ae:99:a5:c4:48:9d:c3:df:29:1a:e8:71:
d8:b2:97:fa:dd:4d:9d:8d:97:2c:59:62:86:30:32:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AD:A8:FA:9C:90:92:55:2C:80:DE:44:E4:A8:A1:E1:A8:3D:E8:6E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0K2o-pyQklUsgN5E5Kih4ag96G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
176.211.120.0/22
Signature Algorithm: sha256WithRSAEncryption
56:72:4f:fa:ae:47:29:c7:76:55:22:92:1e:45:74:20:bb:16:
d9:73:a7:6d:76:b8:a4:35:3d:6f:f3:91:28:c2:f4:fb:b0:76:
06:a9:b0:35:7e:66:f9:1c:52:c9:42:67:a5:ab:66:84:15:b6:
56:e4:17:f5:92:4a:43:83:6a:d6:91:58:e0:55:99:f0:ec:00:
a8:86:44:8f:e1:d8:39:f7:1b:8f:90:08:66:e8:cc:5d:08:70:
13:00:41:3e:85:87:a1:2f:11:b9:ec:53:df:0f:26:d1:27:25:
2d:0b:1b:15:70:f0:31:99:50:30:40:bf:d3:35:b3:ae:c5:33:
4d:e2:e1:da:e9:3e:d0:91:d8:32:65:65:88:21:08:48:9f:ca:
ff:be:6d:01:f8:08:2a:e3:ce:8a:f3:16:dd:15:e2:c4:12:f1:
6d:bd:71:4f:f1:c5:36:7f:d7:3e:00:86:bd:a4:e8:11:52:b1:
8b:ce:59:45:56:32:d1:81:95:e8:8c:27:e8:94:84:de:8e:d2:
19:f8:ce:c5:e1:fa:51:b5:27:8c:83:b2:1d:d1:a3:b3:2f:07:
5b:05:28:62:ed:66:eb:56:67:f5:ce:89:c7:4e:4f:d1:34:43:
8b:de:7c:f4:1a:97:a0:11:60:ae:96:78:59:02:dc:20:88:e0:
c6:1c:44:1a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4SiIc7dOSlSEFBRT/YrYcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzA2MDY1MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGFkYThmYTljOTA5MjU1MmM4MGRlNDRlNGE4YTFlMWE4M2RlODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8dEx/bwP/39xGQ9SuHUXz0kJHYR
kqB0ld8UkpKT0/3zRop/9btzREYp59Z/JknhvJdqxFnyylysjlwTeXK84GiNkyOY
D03jbOsHyMLK4A4P28dqtthKV2vCg5f+/8+y7f8KsLDMr0E2EpdKiWdZadn5OBxb
3xKsp+j67hRXUTAH8ApbOnW0CqJsB/zqu/+heala60p+o2CZUT3Dhr482NICO8qI
Oa/WL0c7cb1hNyDQ7tjqwLloQRWgG1qZlpEo4YEiFQqZMpbvgG8kAw8lqqH8cHEq
Fh3Dvp3IBL2166hf3nqumaXESJ3D3yka6HHYspf63U2djZcsWWKGMDLFAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNCtqPqckJJVLIDeROSooeGoPehuMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMEsyby1weVFrbFVzZ041RTVLaWg0YWc5Nkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQCsNN4MA0GCSqGSIb3DQEBCwUAA4IBAQBWck/6rkcp
x3ZVIpIeRXQguxbZc6dtdrikNT1v85EowvT7sHYGqbA1fmb5HFLJQmelq2aEFbZW
5Bf1kkpDg2rWkVjgVZnw7ACohkSP4dg59xuPkAhm6MxdCHATAEE+hYehLxG57FPf
DybRJyUtCxsVcPAxmVAwQL/TNbOuxTNN4uHa6T7QkdgyZWWIIQhIn8r/vm0B+Agq
486K8xbdFeLEEvFtvXFP8cU2f9c+AIa9pOgRUrGLzllFVjLRgZXojCfolITejtIZ
+M7F4fpRtSeMg7Id0aOzLwdbBShi7WbrVmf1zonHTk/RNEOL3nz0GpegEWCulnhZ
AtwgiODGHEQa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:23 2024 by rpki-client on console-ams.rpki-client.org