Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/aghGxZSmgnZqAkh6zPuwa4DHMAs.roa
File: aghGxZSmgnZqAkh6zPuwa4DHMAs.roa (raw, json)
Hash identifier: hET6jXqK4stwMlkGglZFzfMlaMr42USWiqVP8exxD7Y=
Subject key identifier: 6A:08:46:C5:94:A6:82:76:6A:02:48:7A:CC:FB:B0:6B:80:C7:30:0B
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01877FE930C4386165F2A0FB0896363A6951
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/aghGxZSmgnZqAkh6zPuwa4DHMAs.roa
Signing time: Fri 14 Apr 2023 13:16:41 +0000
ROA not before: Fri 14 Apr 2023 13:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 88.218.80.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
194.53.188.0/22 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
45.140.6.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:e9:30:c4:38:61:65:f2:a0:fb:08:96:36:3a:69:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Apr 14 13:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a0846c594a682766a02487accfbb06b80c7300b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c3:d3:4e:1a:e5:34:0e:03:c0:11:13:0a:22:
82:7c:44:43:3b:4c:be:74:72:8e:24:e8:97:44:f3:
97:e5:cc:ae:ec:a6:aa:38:6a:35:ef:d4:b0:66:43:
ee:39:ab:21:7c:1d:02:ee:de:8b:d4:45:ef:ff:e9:
55:c4:2d:bb:02:0f:33:9a:fd:fd:60:1c:b1:80:22:
e4:98:08:c5:68:2f:a0:c6:fb:ee:64:5a:73:60:4f:
5b:78:52:94:76:ab:e8:1b:d0:0d:14:c1:c5:33:ae:
b9:98:73:2d:6e:ac:b7:e6:18:8f:bc:93:13:5e:e7:
fd:4a:82:bd:fe:2a:c5:1c:ec:69:3a:6d:16:71:42:
26:ec:3f:b4:eb:3a:21:ba:8c:82:3b:32:c4:94:60:
53:32:ac:1f:66:db:cd:77:fc:10:f9:9d:73:70:f1:
f0:5c:0a:15:de:04:b6:68:c1:9f:d1:c1:5e:de:db:
8a:6d:0f:3b:4c:5f:94:62:55:8f:87:df:6e:aa:fc:
4a:45:cf:a0:a4:3e:8a:1a:bf:f0:fa:fc:10:d5:20:
d9:45:61:22:b7:41:23:01:86:d3:81:e5:e3:31:1c:
88:fe:c4:ae:f3:55:7d:1b:d2:bb:30:46:2f:62:99:
ec:e5:3c:03:83:db:7e:e3:10:5f:6d:42:6e:f3:65:
77:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:08:46:C5:94:A6:82:76:6A:02:48:7A:CC:FB:B0:6B:80:C7:30:0B
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/aghGxZSmgnZqAkh6zPuwa4DHMAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/23
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.6.0/23
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
194.28.157.0/24
194.53.188.0/22
194.124.41.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
40:42:2c:80:25:d5:9a:a7:5d:1c:f6:d6:2c:e3:91:07:f0:6e:
2b:07:7b:be:b7:2c:03:d7:5e:a3:a2:ad:6d:57:53:0b:cf:91:
47:fa:3f:58:e1:a9:94:e4:ca:40:1d:04:6d:1a:98:8a:31:38:
db:2a:6d:14:0e:ac:0d:60:49:6f:f4:df:a7:4f:d2:1a:f7:e1:
f1:4b:03:ff:7b:b8:8f:ea:cf:4e:45:60:b1:18:58:42:eb:eb:
ca:16:60:8e:ea:2a:2b:cf:f1:d4:73:2f:ac:e9:26:13:74:b4:
6c:7d:af:46:3b:67:bf:77:4a:98:2f:f1:01:95:c2:15:02:73:
34:79:36:5a:06:ec:6d:a2:89:13:3d:25:3a:a0:33:ec:85:81:
f1:0d:c0:84:8c:96:d9:d6:d0:92:86:60:a5:a3:f3:5f:d1:f7:
8a:35:1f:4f:34:57:51:e1:cc:db:21:e7:bf:1f:d6:c2:86:a6:
44:55:08:b9:77:93:a4:3c:b7:bd:b3:d0:12:19:51:af:ed:10:
8a:01:c4:ea:97:ec:e9:35:7f:7a:a2:e1:4a:dc:9b:9b:82:11:
1b:11:18:cf:ff:4f:23:50:69:3b:39:c1:bd:58:6e:0f:86:96:
c5:b6:be:b6:bd:2d:d3:4d:43:84:14:71:06:52:df:0f:f4:13:
49:ed:ed:8c
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYd/6TDEOGFl8qD7CJY2OmlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNDE0MTMxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTA4NDZjNTk0YTY4Mjc2NmEwMjQ4N2FjY2ZiYjA2YjgwYzczMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMPTThrlNA4DwBETCiKCfERDO0y+
dHKOJOiXRPOX5cyu7KaqOGo179SwZkPuOashfB0C7t6L1EXv/+lVxC27Ag8zmv39
YByxgCLkmAjFaC+gxvvuZFpzYE9beFKUdqvoG9ANFMHFM665mHMtbqy35hiPvJMT
Xuf9SoK9/irFHOxpOm0WcUIm7D+06zohuoyCOzLElGBTMqwfZtvNd/wQ+Z1zcPHw
XAoV3gS2aMGf0cFe3tuKbQ87TF+UYlWPh99uqvxKRc+gpD6KGr/w+vwQ1SDZRWEi
t0EjAYbTgeXjMRyI/sSu81V9G9K7MEYvYpns5TwDg9t+4xBfbUJu82V3LwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFGoIRsWUpoJ2agJIesz7sGuAxzALMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvYWdoR3haU21nblpxQWtoNnpQdXdhNERITUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAF
aEgDBAEFaEowDAMEAy2CuAMEAC2CugMEAC2MBAMEAS2MBgMEAk1TFAMEAlT8QAME
AFjaUAMEAFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwME
AbmxTAMEAMGgRAMEAMGgSAMEAMIcnQMEAsI1vAMEAMJ8KQMEANRFhzANBgkqhkiG
9w0BAQsFAAOCAQEAQEIsgCXVmqddHPbWLOORB/BuKwd7vrcsA9deo6KtbVdTC8+R
R/o/WOGplOTKQB0EbRqYijE42yptFA6sDWBJb/Tfp0/SGvfh8UsD/3u4j+rPTkVg
sRhYQuvryhZgjuoqK8/x1HMvrOkmE3S0bH2vRjtnv3dKmC/xAZXCFQJzNHk2Wgbs
baKJEz0lOqAz7IWB8Q3AhIyW2dbQkoZgpaPzX9H3ijUfTzRXUeHM2yHnvx/Wwoam
RFUIuXeTpDy3vbPQEhlRr+0QigHE6pfs6TV/eqLhStybm4IRGxEYz/9PI1BpOznB
vVhuD4aWxba+tr0t001DhBRxBlLfD/QTSe3tjA==
-----END CERTIFICATE-----
Generated at Tue Oct 3 13:48:34 2023 by rpki-client on console-ams.rpki-client.org