Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/AhcDFwwGAws7yAaPVDagSLgH6V0.roa
File: AhcDFwwGAws7yAaPVDagSLgH6V0.roa (raw, json)
Hash identifier: Eb18RpS7wNhGsvHGXqrBkDX9AnBG5ERjrqNTPZWsxcM=
Subject key identifier: 02:17:03:17:0C:06:03:0B:3B:C8:06:8F:54:36:A0:48:B8:07:E9:5D
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018E3264B741B240C82724893910835B0161
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/AhcDFwwGAws7yAaPVDagSLgH6V0.roa
Signing time: Tue 12 Mar 2024 11:20:45 +0000
ROA not before: Tue 12 Mar 2024 11:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 31.214.176.0/20 maxlen: 24
37.10.72.0/21 maxlen: 24
37.152.88.0/21 maxlen: 24
45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
87.117.96.0/20 maxlen: 24
91.132.116.0/22 maxlen: 24
95.214.0.0/22 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Apr 2024 15:08:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:64:b7:41:b2:40:c8:27:24:89:39:10:83:5b:01:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Mar 12 11:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=021703170c06030b3bc8068f5436a048b807e95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:17:db:ee:9e:1f:4e:23:ac:12:e3:b8:ec:
fb:c9:b3:c9:b3:a5:92:e9:a7:16:26:e5:6d:4f:a8:
bf:4a:b3:35:70:77:fd:39:73:52:b3:96:48:8e:dc:
02:0b:3b:a9:dd:ed:6f:e1:df:3e:88:8f:01:c6:fa:
23:a5:19:c1:9e:35:0f:cb:16:29:46:ff:44:58:62:
b0:55:c9:14:9e:2c:b5:55:ff:00:81:33:bc:23:8a:
4e:33:26:54:7f:bc:15:a7:17:57:9d:5e:0a:74:38:
dc:4d:71:31:8b:99:e1:6b:4e:74:b2:4d:22:3e:30:
23:b5:44:88:9b:7e:7b:a4:8f:40:66:2d:31:61:b2:
74:75:80:c4:47:2c:60:93:19:52:e6:9e:aa:10:31:
3a:fd:5a:5c:98:6a:12:b6:35:b8:73:60:25:59:7b:
12:78:ae:b7:69:da:62:57:b1:23:53:b3:39:f6:db:
dd:dc:de:2d:ea:77:3c:3b:f6:0e:e7:d5:c1:57:6b:
2c:10:01:47:cf:a4:b2:92:77:a7:a8:a9:ad:45:8f:
7a:23:1d:26:19:48:37:3c:8e:53:52:57:ee:53:f0:
ce:7d:ba:de:ca:74:b9:d2:81:1b:f5:67:49:8b:c5:
e6:85:42:29:66:9b:3f:4b:cc:a7:55:7c:15:87:3e:
f3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:17:03:17:0C:06:03:0B:3B:C8:06:8F:54:36:A0:48:B8:07:E9:5D
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/AhcDFwwGAws7yAaPVDagSLgH6V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.176.0/20
37.10.72.0/21
37.152.88.0/21
45.149.228.0/22
46.18.72.0/21
87.117.96.0/20
91.132.116.0/22
95.214.0.0/22
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
7e:95:f9:89:d5:87:4b:7f:9a:8a:ad:28:1b:06:19:a7:6e:56:
69:f7:5a:5b:c4:d5:5e:8e:48:e0:b0:70:82:3d:03:e2:56:a2:
64:6f:7d:f3:e5:e9:ba:17:81:51:53:b4:6c:70:82:35:62:38:
d7:91:fa:a4:53:99:ec:33:9d:3b:c0:8e:06:e5:19:57:9a:a2:
18:35:df:14:34:42:5b:3d:1d:20:f2:e0:72:74:14:bc:bd:c6:
c1:cc:b9:7e:5a:52:98:18:e5:54:58:32:b2:96:f3:15:20:56:
f7:2e:0f:72:0a:8a:a0:cd:b7:8d:e1:cc:91:d6:6b:3b:5a:2a:
85:78:b8:64:16:36:f4:a1:65:8a:c1:c4:a2:de:2e:25:87:72:
74:58:f6:36:61:3c:f2:41:2b:7e:d8:26:d1:35:47:9b:39:34:
24:bc:d8:c8:f1:72:a9:16:19:aa:3e:c1:61:82:26:f8:13:66:
d5:8d:de:14:fd:00:62:1a:5e:63:a8:d6:bc:80:b4:34:9e:c1:
16:72:c5:3b:67:73:d7:2b:df:35:1b:a7:3e:3a:fb:ba:8d:ed:
65:90:1c:d6:1d:1f:4e:fe:2d:26:cd:39:71:d5:57:d9:75:92:
b8:8a:ac:7c:64:21:64:ab:f1:f7:0c:d8:96:4a:b1:f9:e2:9e:
f1:e9:ef:64
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY4yZLdBskDIJySJORCDWwFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMzEyMTEyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE3MDMxNzBjMDYwMzBiM2JjODA2OGY1NDM2YTA0OGI4MDdlOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTMX2+6eH04jrBLjuOz7ybPJs6WS
6acWJuVtT6i/SrM1cHf9OXNSs5ZIjtwCCzup3e1v4d8+iI8BxvojpRnBnjUPyxYp
Rv9EWGKwVckUniy1Vf8AgTO8I4pOMyZUf7wVpxdXnV4KdDjcTXExi5nha050sk0i
PjAjtUSIm357pI9AZi0xYbJ0dYDERyxgkxlS5p6qEDE6/VpcmGoStjW4c2AlWXsS
eK63adpiV7EjU7M59tvd3N4t6nc8O/YO59XBV2ssEAFHz6SyknenqKmtRY96Ix0m
GUg3PI5TUlfuU/DOfbreynS50oEb9WdJi8XmhUIpZps/S8ynVXwVhz7zzQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFAIXAxcMBgMLO8gGj1Q2oEi4B+ldMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvQWhjREZ3d0dBd3M3eUFhUFZEYWdTTGdINlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQEH9aw
AwQDJQpIAwQDJZhYAwQCLZXkAwQDLhJIAwQEV3VgAwQCW4R0AwQCX9YAAwQDbUUw
AwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQCwjjsAwQBwn+eAwQBwn+iMBsEAgAC
MBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQADggEBAH6V+YnV
h0t/moqtKBsGGaduVmn3WlvE1V6OSOCwcII9A+JWomRvffPl6boXgVFTtGxwgjVi
ONeR+qRTmewznTvAjgblGVeaohg13xQ0Qls9HSDy4HJ0FLy9xsHMuX5aUpgY5VRY
MrKW8xUgVvcuD3IKiqDNt43hzJHWaztaKoV4uGQWNvShZYrBxKLeLiWHcnRY9jZh
PPJBK37YJtE1R5s5NCS82MjxcqkWGao+wWGCJvgTZtWN3hT9AGIaXmOo1ryAtDSe
wRZyxTtnc9cr3zUbpz46+7qN7WWQHNYdH07+LSbNOXHVV9l1kriKrHxkIWSr8fcM
2JZKsfninvHp72Q=
-----END CERTIFICATE-----
Generated at Tue Apr 9 18:16:47 2024 by rpki-client on console-ams.rpki-client.org