Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/AEsH5SGyEj02z-Erj9K5HdXQVh4.roa
File: AEsH5SGyEj02z-Erj9K5HdXQVh4.roa (raw, json)
Hash identifier: km7ZdNLe987rfXBjkW+jkax3CgThbf55EjPlVabai1w=
Subject key identifier: 00:4B:07:E5:21:B2:12:3D:36:CF:E1:2B:8F:D2:B9:1D:D5:D0:56:1E
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018BB63DFB774C35685C818C8A0907AAF4C1
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/AEsH5SGyEj02z-Erj9K5HdXQVh4.roa
Signing time: Thu 09 Nov 2023 22:39:57 +0000
ROA not before: Thu 09 Nov 2023 22:39:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13285
IP address blocks: 78.144.0.0/13 maxlen: 24
2.96.0.0/13 maxlen: 24
217.68.128.0/20 maxlen: 24
62.3.192.0/18 maxlen: 24
185.173.120.0/22 maxlen: 24
92.0.0.0/11 maxlen: 24
62.24.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
212.139.24.0/24 maxlen: 24
212.139.148.0/22 maxlen: 22
91.146.112.0/21 maxlen: 24
62.241.160.0/19 maxlen: 24
185.173.116.0/22 maxlen: 24
185.112.212.0/22 maxlen: 24
217.8.0.0/19 maxlen: 24
212.139.133.0/24 maxlen: 24
2001:4a00::/27 maxlen: 27
2a00:4340::/32 maxlen: 32
2001:7e0::/32 maxlen: 32
2a0b:e900::/29 maxlen: 29
2a0b:db00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b6:3d:fb:77:4c:35:68:5c:81:8c:8a:09:07:aa:f4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Nov 9 22:39:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=004b07e521b2123d36cfe12b8fd2b91dd5d0561e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a0:82:d3:2b:2a:2f:20:bd:57:ea:83:30:3a:
f1:b0:2e:77:1e:f9:ee:4b:a0:98:cd:35:fe:d4:6b:
5f:e9:51:e5:27:cc:34:84:2f:f5:bf:e8:c2:12:59:
ab:90:13:4d:7b:99:ff:d5:4c:87:82:83:84:b6:ba:
4f:7d:9b:de:ac:f1:5b:93:b3:79:42:6d:9f:63:e4:
09:f2:e1:52:1a:e2:13:42:4a:70:bc:01:31:d1:90:
63:c4:f7:8a:d1:f3:00:e6:2a:6a:d8:78:aa:cb:c9:
f5:0a:11:dc:00:3c:59:23:f4:0e:68:d5:87:50:e4:
7d:c4:27:28:43:c5:05:7f:ca:f2:a7:e7:8c:a7:91:
7d:a9:82:ad:a2:eb:75:3d:bc:ec:94:bf:a1:12:ef:
ee:05:74:73:86:88:29:8e:3c:b7:d7:d7:ec:1c:c0:
9d:26:80:c7:98:4b:db:a9:94:01:de:ae:87:b3:0f:
f7:73:a4:45:fe:8d:10:90:16:a8:66:69:07:c2:a9:
81:40:32:d8:c8:27:78:3f:6d:63:ad:3d:2e:ce:20:
d9:21:c4:25:8a:aa:f9:ed:28:34:d1:42:8f:61:c9:
df:ac:f6:e9:04:e2:79:6c:c6:85:27:b3:db:2c:62:
38:3b:22:82:3c:bf:44:c8:0a:4b:a0:af:ac:d3:95:
af:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4B:07:E5:21:B2:12:3D:36:CF:E1:2B:8F:D2:B9:1D:D5:D0:56:1E
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/AEsH5SGyEj02z-Erj9K5HdXQVh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
185.112.212.0/22
185.173.116.0-185.173.123.255
212.139.24.0/24
212.139.133.0/24
212.139.148.0/22
217.8.0.0/19
217.68.128.0/20
IPv6:
2001:7e0::/32
2001:4a00::/27
2a00:4340::/32
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
6f:b5:b0:cf:ba:2a:8a:41:c6:6e:40:b2:bf:e5:dc:d3:0c:c5:
3a:20:a3:91:78:d0:17:11:ae:d4:42:d5:a7:1e:77:4c:bd:f0:
51:c0:a7:ba:8a:31:bd:8f:96:99:43:9d:5d:90:78:94:35:17:
6b:02:2c:81:5c:ee:f4:c0:b6:1d:04:02:34:42:04:2a:dc:b4:
59:de:41:8e:e7:71:16:ef:85:d6:bf:d9:59:6a:81:db:5b:af:
0d:32:77:43:cf:d8:82:cc:6d:44:fa:66:99:4c:00:31:ca:4b:
fd:61:d1:f7:e0:90:f1:d6:60:4e:5a:97:73:e2:90:58:75:99:
fc:81:85:66:94:b0:c7:bc:1a:0c:38:e0:d1:20:78:d5:25:79:
89:46:20:e2:bf:a1:77:78:20:f4:dd:a6:2f:05:4f:3c:40:e1:
50:fd:72:c2:bf:22:49:53:c0:fd:71:58:56:e9:f9:23:48:27:
fe:16:ea:15:27:48:b2:df:fa:32:6c:db:e7:6f:24:3a:82:b2:
2a:6a:59:f6:02:ba:ef:f4:0d:a7:67:ff:5c:7d:5a:55:9a:cb:
6a:a8:c2:c6:50:f1:d6:f5:c2:95:ed:a7:2e:e8:c7:0b:ef:52:
2c:33:0f:0e:be:d7:da:fc:a1:25:16:d9:d2:80:d4:ea:97:18:
ad:bb:5a:10
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYu2Pft3TDVoXIGMigkHqvTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMxMTA5MjIzOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRiMDdlNTIxYjIxMjNkMzZjZmUxMmI4ZmQyYjkxZGQ1ZDA1NjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6CC0ysqLyC9V+qDMDrxsC53Hvnu
S6CYzTX+1Gtf6VHlJ8w0hC/1v+jCElmrkBNNe5n/1UyHgoOEtrpPfZverPFbk7N5
Qm2fY+QJ8uFSGuITQkpwvAEx0ZBjxPeK0fMA5ipq2Hiqy8n1ChHcADxZI/QOaNWH
UOR9xCcoQ8UFf8ryp+eMp5F9qYKtout1PbzslL+hEu/uBXRzhogpjjy319fsHMCd
JoDHmEvbqZQB3q6Hsw/3c6RF/o0QkBaoZmkHwqmBQDLYyCd4P21jrT0uziDZIcQl
iqr57Sg00UKPYcnfrPbpBOJ5bMaFJ7PbLGI4OyKCPL9EyApLoK+s05WvfwIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFABLB+UhshI9Ns/hK4/SuR3V0FYeMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvQUVzSDVTR3lFajAyei1Fcmo5SzVIZFhRVmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTBkBAIAATBeAwMDAmAD
BAY+A8ADBAc+GIADBAU+8aADAwNOkAMDAlnwAwQDW5JwAwMFXAADBAK5cNQwDAME
ArmtdAMEArmteAMEANSLGAMEANSLhQMEAtSLlAMEBdkIAAMEBNlEgDApBAIAAjAj
AwUAIAEH4AMFBSABSgADBQAqAENAAwUDKgvbAAMFAyoL6QAwDQYJKoZIhvcNAQEL
BQADggEBAG+1sM+6KopBxm5Asr/l3NMMxTogo5F40BcRrtRC1aced0y98FHAp7qK
Mb2PlplDnV2QeJQ1F2sCLIFc7vTAth0EAjRCBCrctFneQY7ncRbvhda/2Vlqgdtb
rw0yd0PP2ILMbUT6ZplMADHKS/1h0ffgkPHWYE5al3PikFh1mfyBhWaUsMe8Ggw4
4NEgeNUleYlGIOK/oXd4IPTdpi8FTzxA4VD9csK/IklTwP1xWFbp+SNIJ/4W6hUn
SLLf+jJs2+dvJDqCsipqWfYCuu/0Dadn/1x9WlWay2qowsZQ8db1wpXtpy7oxwvv
UiwzDw6+19r8oSUW2dKA1OqXGK27WhA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:09 2024 by rpki-client on console-ams.rpki-client.org