Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Aq9qK6QJHYdpAxrh6N8CxDFHSjg.roa
File: Aq9qK6QJHYdpAxrh6N8CxDFHSjg.roa (raw, json)
Hash identifier: j6tIY49nrTOfWCPY/ds3gaPscHKOl+or6vF1H8OdCZI=
Subject key identifier: 02:AF:6A:2B:A4:09:1D:87:69:03:1A:E1:E8:DF:02:C4:31:47:4A:38
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018A4D2721793DC7E8D1F5800586A64732DD
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Aq9qK6QJHYdpAxrh6N8CxDFHSjg.roa
Signing time: Thu 31 Aug 2023 19:52:04 +0000
ROA not before: Thu 31 Aug 2023 19:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208258
IP address blocks: 185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
193.56.239.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Sep 2023 19:57:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4d:27:21:79:3d:c7:e8:d1:f5:80:05:86:a6:47:32:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Aug 31 19:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02af6a2ba4091d8769031ae1e8df02c431474a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:21:3b:d0:29:1f:81:fc:d7:f0:55:02:44:
d8:e3:f0:c6:fc:46:bb:2c:cd:a8:dd:87:b0:bf:db:
45:b6:eb:54:fb:9b:e8:58:df:a3:44:ce:05:aa:86:
79:c9:65:1e:fe:21:1f:96:1b:76:fe:ff:8b:57:64:
f7:57:89:c0:09:8f:5e:0a:73:4a:4d:27:1e:13:00:
aa:44:97:29:58:bf:2d:34:4d:36:8a:49:94:f3:14:
86:9a:3c:0b:8c:d0:77:25:b3:19:52:86:47:40:82:
98:5a:06:a2:95:0b:54:4d:0a:ba:f6:3c:51:f9:c0:
ee:9a:ba:ac:fb:aa:6d:d7:ae:67:c4:47:b1:4f:c4:
88:e6:d6:fe:12:fc:47:bf:b7:a1:a5:91:2d:31:20:
76:4a:49:2f:5f:69:79:ca:88:0e:b7:a9:a8:91:41:
a9:42:da:ed:14:a5:57:d4:6b:a3:79:3b:67:3d:fe:
cd:f1:83:17:c4:0b:7e:42:8d:c0:58:88:76:3b:80:
d4:db:a7:2e:b9:07:96:6b:0b:84:24:49:93:f9:23:
9e:14:35:d3:7d:a4:73:d8:0d:7e:7f:f3:ed:80:9a:
fd:e1:83:f1:42:a9:d1:b6:50:08:91:c7:8a:a3:11:
98:b1:36:1a:85:55:b9:22:4a:c9:81:be:51:4b:2a:
ef:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AF:6A:2B:A4:09:1D:87:69:03:1A:E1:E8:DF:02:C4:31:47:4A:38
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Aq9qK6QJHYdpAxrh6N8CxDFHSjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0/23
45.151.156.0-45.151.158.255
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
193.56.239.0/24
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
8e:c2:f7:54:ef:8c:72:ac:3a:22:e4:fc:c3:84:99:7b:5e:bb:
10:f7:31:a8:c7:93:a0:e4:91:b7:43:b0:aa:8b:93:d6:12:5d:
3a:fc:2f:05:5d:de:09:d1:a0:4d:fd:9d:28:40:13:c8:26:b6:
52:2c:ec:83:54:bd:14:83:b4:e2:ac:02:d3:c6:da:83:be:d1:
9a:ae:51:35:99:22:4d:86:bc:4c:a0:54:46:53:93:c2:3a:39:
c3:41:d6:43:42:b0:7a:ee:75:15:0f:89:04:e9:1f:42:4b:33:
1f:46:b3:78:9b:45:6e:35:59:91:21:2a:78:ce:5c:1e:25:ae:
76:fb:bd:d4:91:af:56:7c:89:53:d1:58:79:6b:be:17:25:7f:
3b:58:73:27:e6:56:1a:d4:a1:65:6b:6d:88:3d:da:a3:11:04:
24:09:d9:99:20:e8:26:ea:ff:02:cf:46:ad:34:71:06:6f:e5:
c9:6c:1b:cb:8a:ca:de:a8:ba:af:ce:01:80:0a:7d:38:0a:b6:
29:5d:42:18:7a:4f:b1:ac:d7:4a:61:23:4b:ef:2c:9d:23:4e:
8d:34:07:ff:df:9e:99:31:09:3a:83:45:df:77:08:1b:e7:07:
68:46:32:27:32:0f:2b:7d:a4:05:b6:54:f6:72:1f:e3:1e:fe:
45:df:bd:0d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYpNJyF5Pcfo0fWABYamRzLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwODMxMTk1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFmNmEyYmE0MDkxZDg3NjkwMzFhZTFlOGRmMDJjNDMxNDc0YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoQhO9ApH4H81/BVAkTY4/DG/Ea7
LM2o3Yewv9tFtutU+5voWN+jRM4FqoZ5yWUe/iEflht2/v+LV2T3V4nACY9eCnNK
TSceEwCqRJcpWL8tNE02ikmU8xSGmjwLjNB3JbMZUoZHQIKYWgailQtUTQq69jxR
+cDumrqs+6pt165nxEexT8SI5tb+EvxHv7ehpZEtMSB2SkkvX2l5yogOt6mokUGp
QtrtFKVX1GujeTtnPf7N8YMXxAt+Qo3AWIh2O4DU26cuuQeWawuEJEmT+SOeFDXT
faRz2A1+f/PtgJr94YPxQqnRtlAIkceKoxGYsTYahVW5IkrJgb5RSyrvNwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFAKvaiukCR2HaQMa4ejfAsQxR0o4MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvQXE5cUs2UUpIWWRwQXhyaDZOOEN4REZIU2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjBEBAIAATA+AwQBLZD0
MAwDBAItl5wDBAAtl54DBAK50NADBAC541IDBAC55FMDBAG583ADBADBOO8DBADC
kjADBAHDGgYwgYEEAgACMHsDBwAqCzxAAAEDBwAqCzxAAAkwEgMHACoLPEAAEQMH
ACoLPEAAEjASAwcAKgs8QAAVAwcDKgs8QAAQAwcBKgs8QAAgAwcAKgs8QAAlAwcA
Kgs8QPymAwcAKg5VQAAAMBIDBwQqDlVAABADBwAqDlVAABIDBwAqDlVAAQAwDQYJ
KoZIhvcNAQELBQADggEBAI7C91TvjHKsOiLk/MOEmXteuxD3MajHk6DkkbdDsKqL
k9YSXTr8LwVd3gnRoE39nShAE8gmtlIs7INUvRSDtOKsAtPG2oO+0ZquUTWZIk2G
vEygVEZTk8I6OcNB1kNCsHrudRUPiQTpH0JLMx9Gs3ibRW41WZEhKnjOXB4lrnb7
vdSRr1Z8iVPRWHlrvhclfztYcyfmVhrUoWVrbYg92qMRBCQJ2Zkg6Cbq/wLPRq00
cQZv5clsG8uKyt6ouq/OAYAKfTgKtildQhh6T7Gs10phI0vvLJ0jTo00B//fnpkx
CTqDRd93CBvnB2hGMicyDyt9pAW2VPZyH+Me/kXfvQ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org