Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/Cq-I-KT0RZXw8nGUkHMlDRZbcX4.roa
File: Cq-I-KT0RZXw8nGUkHMlDRZbcX4.roa (raw, json)
Hash identifier: Lyg1S9cUMoYy81ZBRwZb5RmsiTUJcPyR5qCYvHtQiCg=
Subject key identifier: 0A:AF:88:F8:A4:F4:45:95:F0:F2:71:94:90:73:25:0D:16:5B:71:7E
Certificate issuer: /CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Certificate serial: 018D111451B27929A1B803B22822778431DA
Authority key identifier: 8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/Cq-I-KT0RZXw8nGUkHMlDRZbcX4.roa
Signing time: Tue 16 Jan 2024 07:02:40 +0000
ROA not before: Tue 16 Jan 2024 07:02:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49813
IP address blocks: 109.105.128.0/20 maxlen: 20
109.105.137.0/24 maxlen: 24
109.105.139.0/24 maxlen: 24
109.105.138.0/24 maxlen: 24
109.105.133.0/24 maxlen: 24
109.105.135.0/24 maxlen: 24
109.105.144.0/23 maxlen: 24
109.105.144.0/24 maxlen: 24
109.105.144.0/21 maxlen: 24
109.105.146.0/24 maxlen: 24
109.105.147.0/24 maxlen: 24
109.105.148.0/24 maxlen: 24
5.63.132.0/22 maxlen: 24
5.63.128.0/21 maxlen: 21
5.63.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 08:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:14:51:b2:79:29:a1:b8:03:b2:28:22:77:84:31:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Validity
Not Before: Jan 16 07:02:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aaf88f8a4f44595f0f271949073250d165b717e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:36:a9:82:0b:fd:77:de:73:af:3f:1e:ab:
f9:4c:14:fa:73:81:c7:4e:f4:89:c7:50:8c:e3:75:
14:62:5a:7f:4b:29:34:ea:4d:89:f8:55:2d:a3:e0:
15:6e:be:52:32:06:9f:bd:7d:cf:48:be:0a:5c:92:
8d:e2:d8:32:d6:60:4b:3b:2b:49:bc:c5:3e:2a:88:
d5:54:02:32:e1:38:3d:ea:5b:e2:1d:bf:8b:a9:3c:
5d:a4:e0:de:23:d4:d6:9e:6d:cc:17:66:87:3a:6e:
78:28:b7:69:bc:b0:d8:f9:f5:58:7a:af:7b:23:3f:
6d:46:d1:56:4b:a2:5e:0b:05:aa:84:74:6f:5b:f1:
a9:08:e6:d8:3d:ee:9d:d2:ed:63:34:2a:14:18:97:
9b:a3:76:40:80:ef:d6:a5:fa:36:ff:b8:4b:30:02:
28:02:38:48:68:a9:5d:e4:4b:d2:24:41:e7:a9:a9:
5f:25:9d:3b:0b:77:30:81:d3:16:2b:71:51:ed:33:
4e:8e:fa:81:b4:b6:69:ac:d4:e9:a3:c4:ef:ef:7a:
62:4b:bc:1d:fa:c9:dc:a7:f2:82:e0:78:0d:6d:62:
56:f4:b4:fd:b1:0f:56:1a:b2:1d:be:22:ae:be:24:
d8:57:9e:9b:b5:22:82:88:c4:6f:dc:ec:12:3b:b4:
bb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AF:88:F8:A4:F4:45:95:F0:F2:71:94:90:73:25:0D:16:5B:71:7E
X509v3 Authority Key Identifier:
keyid:8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/Cq-I-KT0RZXw8nGUkHMlDRZbcX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.128.0/21
109.105.128.0-109.105.151.255
Signature Algorithm: sha256WithRSAEncryption
97:34:09:d3:8f:4e:d0:eb:c3:dd:f8:e0:a3:6d:d8:d6:06:1c:
f2:ac:c9:09:f3:73:c7:1c:b2:f4:39:79:c8:94:7d:71:89:93:
9f:52:a3:14:30:b1:8c:b0:26:62:32:a4:cb:03:5b:91:d0:03:
76:c3:bb:77:c4:c9:f1:5f:b9:69:52:bc:a6:aa:01:72:6f:5d:
6d:4e:c9:ed:45:8a:eb:e2:ca:21:f7:7c:cb:d9:75:96:0a:b4:
83:c2:c4:40:26:f0:29:10:e8:e2:0e:cc:95:3c:ed:8c:8d:49:
10:0f:32:72:cc:ea:ee:de:f5:a8:1d:84:f9:e1:bd:a1:7b:19:
ea:2e:ad:12:07:8c:d2:7b:79:e4:ff:9b:44:4f:4d:19:bc:7a:
74:c1:62:80:8b:ee:98:0e:8a:fc:33:92:7e:73:11:65:f8:98:
33:17:00:6c:0e:d7:7d:ed:4a:90:3f:5e:fc:9e:5c:5e:a0:92:
e3:80:5b:ba:ed:93:d8:f8:06:99:aa:64:a4:2f:83:8b:89:5d:
12:7f:0a:b3:fb:a2:61:b3:ae:3e:48:9b:6b:ab:aa:ae:38:87:
32:9d:7d:3e:81:d0:bb:b0:dc:7f:95:06:ac:d4:3c:64:45:cd:
48:82:5a:9a:17:87:64:59:2b:13:dd:91:49:67:16:59:de:72:
6b:76:4b:26
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY0RFFGyeSmhuAOyKCJ3hDHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWIyM2UyYzVkOWYyYzczNDQ4ODkwNDUwNTgzNWVmMjgw
OWZiM2IwHhcNMjQwMTE2MDcwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFmODhmOGE0ZjQ0NTk1ZjBmMjcxOTQ5MDczMjUwZDE2NWI3MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpc2qYIL/Xfec68/Hqv5TBT6c4HH
TvSJx1CM43UUYlp/Syk06k2J+FUto+AVbr5SMgafvX3PSL4KXJKN4tgy1mBLOytJ
vMU+KojVVAIy4Tg96lviHb+LqTxdpODeI9TWnm3MF2aHOm54KLdpvLDY+fVYeq97
Iz9tRtFWS6JeCwWqhHRvW/GpCObYPe6d0u1jNCoUGJebo3ZAgO/Wpfo2/7hLMAIo
AjhIaKld5EvSJEHnqalfJZ07C3cwgdMWK3FR7TNOjvqBtLZprNTpo8Tv73piS7wd
+sncp/KC4HgNbWJW9LT9sQ9WGrIdviKuviTYV56btSKCiMRv3OwSO7S7LwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAqviPik9EWV8PJxlJBzJQ0WW3F+MB8GA1UdIwQY
MBaAFIzrI+LF2fLHNEiJBFBYNe8oCfs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODIt
ODMzNGUzNjIyMzZkLzEvQ3EtSS1LVDBSWlh3OG5HVWtITWxEUlpiY1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODItODMzNGUzNjIyMzZk
LzEvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDBT+AMAwD
BAdtaYADBANtaZAwDQYJKoZIhvcNAQELBQADggEBAJc0CdOPTtDrw9344KNt2NYG
HPKsyQnzc8ccsvQ5eciUfXGJk59SoxQwsYywJmIypMsDW5HQA3bDu3fEyfFfuWlS
vKaqAXJvXW1Oye1FiuviyiH3fMvZdZYKtIPCxEAm8CkQ6OIOzJU87YyNSRAPMnLM
6u7e9agdhPnhvaF7GeourRIHjNJ7eeT/m0RPTRm8enTBYoCL7pgOivwzkn5zEWX4
mDMXAGwO133tSpA/XvyeXF6gkuOAW7rtk9j4BpmqZKQvg4uJXRJ/CrP7omGzrj5I
m2urqq44hzKdfT6B0Luw3H+VBqzUPGRFzUiCWpoXh2RZKxPdkUlnFlnecmt2SyY=
-----END CERTIFICATE-----
Generated at Wed Jul 24 09:54:23 2024 by rpki-client on console-ams.rpki-client.org