Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tOQsKHQkM1Xm5xu2oCNhDuQTmpU.roa
File: tOQsKHQkM1Xm5xu2oCNhDuQTmpU.roa (raw, json)
Hash identifier: hNE2aYL61x01RR1csHFuGf7GYwQ1RIy+Fr563aI/jCE=
Subject key identifier: B4:E4:2C:28:74:24:33:55:E6:E7:1B:B6:A0:23:61:0E:E4:13:9A:95
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0193963844B6BB0C5B57E6D7BF9CA4E2C7A2
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tOQsKHQkM1Xm5xu2oCNhDuQTmpU.roa
Signing time: Thu 05 Dec 2024 09:48:10 +0000
ROA not before: Thu 05 Dec 2024 09:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
84.42.92.0/22 maxlen: 24
92.50.204.0/23 maxlen: 23
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 23
188.254.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:38:44:b6:bb:0c:5b:57:e6:d7:bf:9c:a4:e2:c7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Dec 5 09:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4e42c2874243355e6e71bb6a023610ee4139a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d3:a3:3e:80:ee:cf:cc:04:9b:6b:1b:22:5d:
01:e3:4e:6c:91:44:b9:98:23:c9:dc:05:60:f6:f7:
01:fd:85:e5:3e:a0:fa:d9:d4:66:db:74:5c:10:c8:
e0:b7:8c:17:ab:1f:5f:a5:71:c6:1d:d9:dd:7c:4a:
f2:6f:44:92:da:a1:01:a0:e9:cb:16:ce:f4:9d:52:
64:9b:38:e4:e1:56:bb:ce:f2:8a:e2:c8:7b:04:b3:
e6:01:e4:d8:dc:66:82:59:dc:37:d3:e1:32:f8:0f:
a3:7c:34:61:c9:d6:96:d8:2d:a8:12:0c:82:f5:b6:
28:7e:a6:9e:a7:32:c4:f8:b4:45:6b:56:47:06:38:
06:5c:58:c7:d6:a9:0d:60:90:f7:3f:40:21:33:dc:
86:e3:20:de:c4:b3:20:5e:07:0b:10:f1:9e:cd:94:
12:b6:60:80:f5:75:2a:35:10:f7:00:dd:3e:4e:64:
3e:ca:ca:01:32:9b:6a:4a:ce:3a:4d:3b:84:e1:74:
38:c6:c8:cc:52:8e:4f:1f:89:12:03:d2:24:e5:99:
4b:3f:54:1a:c2:cd:83:e7:52:ea:cc:7b:4a:94:76:
cf:46:ca:0a:14:fd:90:64:aa:0b:a6:5e:71:1a:47:
51:3b:99:75:a2:fd:14:ae:33:a2:08:2b:2f:4c:e0:
48:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E4:2C:28:74:24:33:55:E6:E7:1B:B6:A0:23:61:0E:E4:13:9A:95
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tOQsKHQkM1Xm5xu2oCNhDuQTmpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
84.42.92.0/22
92.50.204.0/23
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
90:e6:20:89:d3:84:77:d5:52:e6:c2:75:c3:96:3f:bb:65:46:
b8:bc:0e:0b:74:cc:27:5f:4b:02:05:a5:a8:62:7d:3f:b4:83:
f6:71:c5:20:2c:af:94:24:80:78:85:c4:a3:43:dc:21:6f:db:
f8:26:0b:1e:b3:cd:a9:1c:a2:76:f1:76:f0:0c:eb:1f:85:98:
d4:d5:fa:d0:33:e6:3d:47:75:57:71:df:21:e3:81:c7:17:ef:
85:90:51:6a:bf:50:f8:b6:3f:54:c1:8e:0c:a4:15:66:2b:f6:
b5:42:f6:64:68:55:a1:aa:84:db:6f:dc:20:bb:6d:33:9c:28:
72:33:52:d6:67:f1:4e:b9:e7:fc:fd:18:95:36:0f:ef:1a:d2:
77:fe:36:df:19:f1:e2:1c:e1:9a:a0:4c:ed:41:0a:18:67:72:
1f:70:c6:28:b8:69:63:88:b9:90:55:0f:58:96:f9:a2:ae:b0:
6a:6d:d5:c2:47:79:40:db:7c:68:ac:26:4c:7f:1d:3a:7f:45:
9f:4b:b7:5a:5a:9d:aa:6c:4c:c7:dd:b1:6a:5c:d6:08:df:03:
44:e5:29:cb:47:ac:97:d7:89:29:4b:f4:da:5c:61:49:23:f7:
e7:5a:43:66:54:67:8d:6e:92:fa:01:05:10:49:a8:a1:83:1b:
da:bb:6a:d1
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZOWOES2uwxbV+bXv5yk4seiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMjA1MDk0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU0MmMyODc0MjQzMzU1ZTZlNzFiYjZhMDIzNjEwZWU0MTM5YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89OjPoDuz8wEm2sbIl0B405skUS5
mCPJ3AVg9vcB/YXlPqD62dRm23RcEMjgt4wXqx9fpXHGHdndfEryb0SS2qEBoOnL
Fs70nVJkmzjk4Va7zvKK4sh7BLPmAeTY3GaCWdw30+Ey+A+jfDRhydaW2C2oEgyC
9bYofqaepzLE+LRFa1ZHBjgGXFjH1qkNYJD3P0AhM9yG4yDexLMgXgcLEPGezZQS
tmCA9XUqNRD3AN0+TmQ+ysoBMptqSs46TTuE4XQ4xsjMUo5PH4kSA9Ik5ZlLP1Qa
ws2D51LqzHtKlHbPRsoKFP2QZKoLpl5xGkdRO5l1ov0UrjOiCCsvTOBIrwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLTkLCh0JDNV5ucbtqAjYQ7kE5qVMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdE9Rc0tIUWtNMVhtNXh1Mm9DTmhEdVFUbXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQCVCpcAwQBXDLMAwQAsNBKAwQCsNN4AwQB
vIBMAwQBvP56MA0GCSqGSIb3DQEBCwUAA4IBAQCQ5iCJ04R31VLmwnXDlj+7ZUa4
vA4LdMwnX0sCBaWoYn0/tIP2ccUgLK+UJIB4hcSjQ9whb9v4Jgses82pHKJ28Xbw
DOsfhZjU1frQM+Y9R3VXcd8h44HHF++FkFFqv1D4tj9UwY4MpBVmK/a1QvZkaFWh
qoTbb9wgu20znChyM1LWZ/FOuef8/RiVNg/vGtJ3/jbfGfHiHOGaoEztQQoYZ3If
cMYouGljiLmQVQ9YlvmirrBqbdXCR3lA23xorCZMfx06f0WfS7daWp2qbEzH3bFq
XNYI3wNE5SnLR6yX14kpS/TaXGFJI/fnWkNmVGeNbpL6AQUQSaihgxvau2rR
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:45:52 2025 by rpki-client