Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/aGsQIEpkDrKg72rVkrkssPWeoAE.roa
File: aGsQIEpkDrKg72rVkrkssPWeoAE.roa (raw, json)
Hash identifier: 6JLlLJFRoeaERkjkQWwmlToNpsF9ZcZp9QQBv+VldIY=
Subject key identifier: 68:6B:10:20:4A:64:0E:B2:A0:EF:6A:D5:92:B9:2C:B0:F5:9E:A0:01
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CCC739E2B2077EB19C2AF5F1A20643107
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/aGsQIEpkDrKg72rVkrkssPWeoAE.roa
Signing time: Tue 02 Jan 2024 23:12:58 +0000
ROA not before: Tue 02 Jan 2024 23:12:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 185.135.212.0/22 maxlen: 24
198.105.96.0/22 maxlen: 24
198.105.104.0/22 maxlen: 24
198.105.112.0/24 maxlen: 24
198.105.118.0/23 maxlen: 24
198.105.114.0/23 maxlen: 24
198.105.113.0/24 maxlen: 24
155.254.40.0/22 maxlen: 22
155.254.44.0/22 maxlen: 24
155.254.50.0/23 maxlen: 24
155.254.52.0/22 maxlen: 24
155.254.56.0/22 maxlen: 24
185.53.131.0/24 maxlen: 24
185.53.128.0/24 maxlen: 24
185.53.130.0/24 maxlen: 24
185.53.129.0/24 maxlen: 24
185.83.219.0/24 maxlen: 24
185.83.218.0/24 maxlen: 24
185.83.216.0/24 maxlen: 24
185.83.217.0/24 maxlen: 24
107.181.137.0/24 maxlen: 24
107.181.156.0/22 maxlen: 22
91.210.64.0/22 maxlen: 24
103.206.232.0/22 maxlen: 24
162.220.246.0/23 maxlen: 24
43.239.88.0/22 maxlen: 22
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cc:73:9e:2b:20:77:eb:19:c2:af:5f:1a:20:64:31:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 2 23:12:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=686b10204a640eb2a0ef6ad592b92cb0f59ea001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:97:bc:2b:96:d3:0a:98:bb:32:7d:3c:ff:c9:
6c:80:6c:39:77:41:94:41:75:10:52:1e:ae:11:df:
b6:7d:1e:91:0a:5d:64:1e:59:28:1d:7c:ae:f6:31:
9f:fe:ff:f6:25:21:13:6b:9d:48:c8:fc:30:a9:c6:
14:7f:17:6f:85:2a:eb:10:c6:fb:27:6c:07:31:8b:
47:3a:40:47:a7:31:5b:15:ab:59:22:27:92:88:b1:
8b:a6:cc:b6:65:97:22:8a:a4:cc:02:fe:3c:ae:15:
fd:13:7c:76:f6:dd:48:a8:bf:0e:cf:5a:38:14:6f:
73:01:21:4a:21:8a:44:0e:72:7b:24:a2:8a:0d:af:
32:3c:02:e1:75:1e:5e:99:e6:3f:47:b3:72:69:b2:
e7:6a:f7:45:2c:02:78:58:94:43:14:7b:95:67:88:
cf:ae:79:d9:80:10:23:39:34:e1:20:94:52:d8:d8:
a2:41:85:6e:6f:92:69:59:53:e6:91:af:58:3c:cb:
00:38:38:39:dd:45:49:9b:96:c3:13:45:0a:73:73:
bd:77:88:fe:ce:3f:3e:bb:6a:99:7e:00:3d:6e:55:
e1:43:e9:21:af:c3:5e:5f:64:c0:18:d3:97:7f:f1:
0c:8e:1f:2f:48:97:be:65:a1:c3:1c:af:2c:d5:5c:
86:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6B:10:20:4A:64:0E:B2:A0:EF:6A:D5:92:B9:2C:B0:F5:9E:A0:01
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/aGsQIEpkDrKg72rVkrkssPWeoAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
91.210.64.0/22
103.206.232.0/22
107.181.137.0/24
107.181.156.0/22
155.254.40.0/21
155.254.50.0-155.254.59.255
162.220.246.0/23
185.53.128.0/22
185.83.216.0/22
185.135.212.0/22
198.105.96.0/22
198.105.104.0/22
198.105.112.0/22
198.105.118.0/23
IPv6:
2a02:2ca0::/29
Signature Algorithm: sha256WithRSAEncryption
79:33:da:2e:97:14:b1:62:e9:9a:ff:ec:6c:b8:fb:45:25:4a:
f4:96:2f:96:a2:ad:ee:2e:10:b2:27:b8:d6:a9:4b:ed:54:9c:
fd:db:2a:01:6f:79:59:24:0a:6e:4a:4c:42:3e:92:7c:17:e6:
16:1b:09:cd:63:f3:9b:6f:45:bd:89:fb:2b:83:e9:c2:ac:ae:
31:8d:d2:68:e1:69:be:00:c5:1e:ee:5b:1a:1d:b1:2f:98:5b:
d7:01:db:b1:2d:6a:37:9d:78:06:c1:bd:60:bc:fe:40:0c:62:
af:3b:17:1f:06:f2:cc:d5:75:3f:07:fb:f0:e7:79:f0:ea:12:
d5:a8:8e:f1:18:9d:1a:4b:23:d8:7c:49:01:5d:1a:d2:20:f4:
3e:6c:65:3e:55:f5:f7:31:e7:41:06:d2:65:6c:cf:40:24:bb:
99:43:af:29:1c:db:04:b1:25:c1:97:59:90:eb:1d:ce:c9:c4:
52:3e:ad:ae:d7:13:f9:3b:2a:f6:09:b9:ae:3c:8e:24:fe:e0:
0c:58:b5:bc:41:78:4c:7d:b3:61:ef:d1:08:36:4e:e5:3d:98:
14:d8:4a:35:35:f5:5e:81:70:6d:a4:e6:ac:42:00:25:fa:00:
a6:5b:6a:d1:1a:7e:4c:93:0d:d3:4a:22:67:0b:a0:76:19:23:
7b:3e:24:87
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYzMc54rIHfrGcKvXxogZDEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAyMjMxMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODZiMTAyMDRhNjQwZWIyYTBlZjZhZDU5MmI5MmNiMGY1OWVhMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipe8K5bTCpi7Mn08/8lsgGw5d0GU
QXUQUh6uEd+2fR6RCl1kHlkoHXyu9jGf/v/2JSETa51IyPwwqcYUfxdvhSrrEMb7
J2wHMYtHOkBHpzFbFatZIieSiLGLpsy2ZZciiqTMAv48rhX9E3x29t1IqL8Oz1o4
FG9zASFKIYpEDnJ7JKKKDa8yPALhdR5emeY/R7NyabLnavdFLAJ4WJRDFHuVZ4jP
rnnZgBAjOTThIJRS2NiiQYVub5JpWVPmka9YPMsAODg53UVJm5bDE0UKc3O9d4j+
zj8+u2qZfgA9blXhQ+khr8NeX2TAGNOXf/EMjh8vSJe+ZaHDHK8s1VyG1wIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFGhrECBKZA6yoO9q1ZK5LLD1nqABMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvYUdzUUlFcGtEcktnNzJyVmtya3NzUFdlb0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAivvWAME
AlvSQAMEAmfO6AMEAGu1iQMEAmu1nAMEA5v+KDAMAwQBm/4yAwQCm/44AwQBotz2
AwQCuTWAAwQCuVPYAwQCuYfUAwQCxmlgAwQCxmloAwQCxmlwAwQBxml2MA0EAgAC
MAcDBQMqAiygMA0GCSqGSIb3DQEBCwUAA4IBAQB5M9oulxSxYuma/+xsuPtFJUr0
li+Woq3uLhCyJ7jWqUvtVJz92yoBb3lZJApuSkxCPpJ8F+YWGwnNY/Obb0W9ifsr
g+nCrK4xjdJo4Wm+AMUe7lsaHbEvmFvXAduxLWo3nXgGwb1gvP5ADGKvOxcfBvLM
1XU/B/vw53nw6hLVqI7xGJ0aSyPYfEkBXRrSIPQ+bGU+VfX3MedBBtJlbM9AJLuZ
Q68pHNsEsSXBl1mQ6x3OycRSPq2u1xP5Oyr2CbmuPI4k/uAMWLW8QXhMfbNh79EI
Nk7lPZgU2Eo1NfVegXBtpOasQgAl+gCmW2rRGn5Mkw3TSiJnC6B2GSN7PiSH
-----END CERTIFICATE-----
Generated at Tue Jan 16 19:12:51 2024 by rpki-client on console-fra.rpki-client.org