Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/qjOngyF9W116NpUGakMRtWzfz4Y.roa
File: qjOngyF9W116NpUGakMRtWzfz4Y.roa (raw, json)
Hash identifier: kzTceBiaaxwQYfg89gO3A1PTxXCNgTQEYoXK1sdmSzw=
Subject key identifier: AA:33:A7:83:21:7D:5B:5D:7A:36:95:06:6A:43:11:B5:6C:DF:CF:86
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018824C962299D5AB0AD8FE995B8C9D6D166
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/qjOngyF9W116NpUGakMRtWzfz4Y.roa
Signing time: Tue 16 May 2023 13:39:17 +0000
ROA not before: Tue 16 May 2023 13:39:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34400
IP address blocks: 5.108.0.0/14 maxlen: 14
37.124.0.0/14 maxlen: 14
109.82.0.0/15 maxlen: 15
92.48.0.0/18 maxlen: 18
176.224.0.0/15 maxlen: 15
178.80.0.0/15 maxlen: 15
37.240.0.0/14 maxlen: 14
176.16.0.0/14 maxlen: 14
31.166.0.0/15 maxlen: 15
84.23.96.0/20 maxlen: 24
84.23.96.0/19 maxlen: 19
188.132.0.0/17 maxlen: 17
46.52.0.0/17 maxlen: 17
84.23.105.0/24 maxlen: 24
84.23.109.0/24 maxlen: 24
84.23.107.0/24 maxlen: 24
84.23.108.0/24 maxlen: 24
84.23.106.0/24 maxlen: 24
84.23.115.0/24 maxlen: 24
84.23.113.0/24 maxlen: 24
5.244.0.0/14 maxlen: 14
62.120.0.0/16 maxlen: 16
46.152.0.0/15 maxlen: 15
37.121.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:c9:62:29:9d:5a:b0:ad:8f:e9:95:b8:c9:d6:d1:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: May 16 13:39:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa33a783217d5b5d7a3695066a4311b56cdfcf86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4d:e5:74:84:90:4a:ee:fc:19:a7:a5:8b:e5:
f3:ae:e4:7f:ac:ee:ff:e0:f9:79:90:15:99:08:22:
6e:9f:72:89:ea:27:9c:79:78:c9:52:9e:73:cb:23:
51:74:6b:4a:08:4d:92:f3:24:98:f4:38:3f:db:c8:
72:35:4f:fe:0f:8f:0e:c2:1d:a0:2b:8b:ab:8c:91:
63:13:c7:de:fd:8c:65:d8:8b:7b:e6:07:7e:48:7e:
64:20:c8:1c:95:46:ea:26:b2:a7:4a:21:55:28:19:
62:fb:0b:eb:bb:a3:7a:51:54:78:29:7a:a9:64:6f:
bc:85:be:3a:78:13:89:c9:2e:be:f0:31:01:cd:dc:
d8:74:a7:24:fc:d9:d6:6c:02:da:39:35:e7:d4:44:
c8:9b:4c:3d:9e:22:2f:91:ba:48:d5:64:61:0b:48:
17:79:77:13:22:91:ce:d6:42:73:f5:d7:15:13:c3:
b1:f4:e4:89:4f:0c:bd:bc:37:e8:32:81:3f:ca:d1:
69:df:ee:14:3c:ff:29:0e:fe:40:00:2d:47:11:99:
25:23:10:6e:e0:f6:6c:f8:fc:35:71:0e:4a:76:29:
c5:1d:b9:d1:63:0b:12:71:28:b7:8c:78:5f:e0:82:
10:5a:cf:0d:3d:fe:bd:48:21:19:94:0d:17:b7:7c:
f4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:33:A7:83:21:7D:5B:5D:7A:36:95:06:6A:43:11:B5:6C:DF:CF:86
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/qjOngyF9W116NpUGakMRtWzfz4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.108.0.0/14
5.244.0.0/14
31.166.0.0/15
37.121.0.0/16
37.124.0.0/14
37.240.0.0/14
46.52.0.0/17
46.152.0.0/15
62.120.0.0/16
84.23.96.0/19
92.48.0.0/18
109.82.0.0/15
176.16.0.0/14
176.224.0.0/15
178.80.0.0/15
188.132.0.0/17
Signature Algorithm: sha256WithRSAEncryption
58:7a:f7:a0:98:97:a9:32:ae:78:0e:3d:e8:6e:af:89:9d:f2:
e3:4d:f5:0d:60:78:9a:c0:45:d3:3c:d6:49:80:51:6d:e5:cd:
70:80:85:eb:3e:24:be:31:50:e4:23:e8:90:5c:b9:f9:d7:26:
2e:b2:1e:0e:50:0c:4b:74:58:f8:f3:05:2f:cc:e4:46:cd:a8:
c6:de:29:d7:a9:d0:ca:a0:92:a9:d5:ad:f7:3c:21:34:5a:13:
03:4d:53:78:54:db:20:94:ed:62:bf:5a:12:31:38:e4:31:3d:
94:3c:4e:54:e6:2f:6d:ff:df:d7:63:c1:45:b2:9a:57:c5:21:
a5:15:2d:5e:5b:a0:27:f6:54:87:c8:fc:9c:da:a4:16:43:11:
a9:00:c3:2c:9a:98:0d:33:10:b4:38:7a:15:9e:d9:ea:f7:50:
13:a8:77:55:3e:1b:63:f1:43:99:10:7b:55:5e:2d:84:89:23:
f5:cc:b4:9f:d4:fa:ea:81:92:95:a5:04:5f:f5:a1:bf:ca:50:
a3:3a:e0:26:eb:f3:c6:53:e9:87:59:b2:87:ed:36:e3:b0:d8:
89:eb:77:7b:08:36:ab:31:98:5e:f4:80:5c:a5:ca:0f:ec:8a:
91:36:15:28:22:8e:c6:29:af:11:fe:96:1a:da:ac:78:2c:d8:
4e:49:21:0b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYgkyWIpnVqwrY/plbjJ1tFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjMwNTE2MTMzOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMzYTc4MzIxN2Q1YjVkN2EzNjk1MDY2YTQzMTFiNTZjZGZjZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk3ldISQSu78Gaeli+XzruR/rO7/
4Pl5kBWZCCJun3KJ6ieceXjJUp5zyyNRdGtKCE2S8ySY9Dg/28hyNU/+D48Owh2g
K4urjJFjE8fe/Yxl2It75gd+SH5kIMgclUbqJrKnSiFVKBli+wvru6N6UVR4KXqp
ZG+8hb46eBOJyS6+8DEBzdzYdKck/NnWbALaOTXn1ETIm0w9niIvkbpI1WRhC0gX
eXcTIpHO1kJz9dcVE8Ox9OSJTwy9vDfoMoE/ytFp3+4UPP8pDv5AAC1HEZklIxBu
4PZs+Pw1cQ5KdinFHbnRYwsScSi3jHhf4IIQWs8NPf69SCEZlA0Xt3z0iwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKozp4MhfVtdejaVBmpDEbVs38+GMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvcWpPbmd5RjlXMTE2TnBVR2FrTVJ0V3pmejRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwMCBWwDAwIF
9AMDAR+mAwMAJXkDAwIlfAMDAiXwAwQHLjQAAwMBLpgDAwA+eAMEBVQXYAMEBlww
AAMDAW1SAwMCsBADAwGw4AMDAbJQAwQHvIQAMA0GCSqGSIb3DQEBCwUAA4IBAQBY
evegmJepMq54Dj3obq+JnfLjTfUNYHiawEXTPNZJgFFt5c1wgIXrPiS+MVDkI+iQ
XLn51yYush4OUAxLdFj48wUvzORGzajG3inXqdDKoJKp1a33PCE0WhMDTVN4VNsg
lO1iv1oSMTjkMT2UPE5U5i9t/9/XY8FFsppXxSGlFS1eW6An9lSHyPyc2qQWQxGp
AMMsmpgNMxC0OHoVntnq91ATqHdVPhtj8UOZEHtVXi2EiSP1zLSf1PrqgZKVpQRf
9aG/ylCjOuAm6/PGU+mHWbKH7TbjsNiJ63d7CDarMZhe9IBcpcoP7IqRNhUoIo7G
Ka8R/pYa2qx4LNhOSSEL
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:46 2024 by rpki-client on console-ams.rpki-client.org