Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aql8LYO35cR9IoqAsTL1dS3JjPs.roa
File: aql8LYO35cR9IoqAsTL1dS3JjPs.roa (raw, json)
Hash identifier: qidCqnHd/v2lOJaTE9kI1OzP/MMxtrwZs8v7W2CWh78=
Subject key identifier: 6A:A9:7C:2D:83:B7:E5:C4:7D:22:8A:80:B1:32:F5:75:2D:C9:8C:FB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186CA55F8D9C5D79905EA4D777CD77C6089
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aql8LYO35cR9IoqAsTL1dS3JjPs.roa
Signing time: Fri 10 Mar 2023 07:04:37 +0000
ROA not before: Fri 10 Mar 2023 07:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b83::/32 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:6f0::/44 maxlen: 44
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Mar 2023 09:45:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:55:f8:d9:c5:d7:99:05:ea:4d:77:7c:d7:7c:60:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 10 07:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa97c2d83b7e5c47d228a80b132f5752dc98cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:34:9e:75:4d:4d:a2:67:0b:e4:d3:08:e5:2e:
df:1a:17:60:0f:ec:79:e6:b3:2f:4c:d3:0f:f8:92:
75:c2:b3:7f:c2:41:67:ab:e8:70:98:4e:bb:c1:9e:
69:9f:b5:9e:5f:e7:64:39:5e:db:df:15:5f:8f:79:
93:02:08:91:76:66:38:30:69:7a:dd:65:88:95:09:
b1:6e:d8:e0:be:31:11:a5:ba:01:c7:ed:7e:ba:68:
33:85:0b:cc:bc:0e:48:10:5a:81:d0:da:03:cd:39:
35:36:30:52:c0:60:54:3c:ce:67:5f:69:b8:b0:2b:
93:22:c9:60:cd:82:41:d5:40:18:c2:4b:13:e2:33:
40:c8:28:75:ad:3e:5a:77:d6:fb:5e:c4:69:f0:51:
79:9d:b2:61:5b:85:fd:76:e3:46:10:95:bf:c4:a8:
90:71:a2:30:32:b0:6a:f4:ad:44:bb:60:47:03:e5:
9d:62:c0:c8:86:cb:6d:2f:f6:64:6f:78:b2:76:78:
71:24:de:e5:8d:44:8d:53:9e:4a:07:6f:35:9d:cc:
2c:5e:98:20:eb:07:cb:09:a6:00:00:1f:29:f1:da:
9e:9b:67:e3:37:d1:b9:2f:ba:a4:d2:a0:9d:96:9e:
2d:37:5f:f4:7d:eb:96:e8:f4:b7:de:e2:de:02:77:
ef:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A9:7C:2D:83:B7:E5:C4:7D:22:8A:80:B1:32:F5:75:2D:C9:8C:FB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aql8LYO35cR9IoqAsTL1dS3JjPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:6f0::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
Signature Algorithm: sha256WithRSAEncryption
9c:2e:76:cd:79:40:ed:57:8a:13:90:ab:40:eb:ca:14:5c:59:
b0:af:a4:8f:cc:55:87:c5:b4:40:2e:e2:4b:1d:02:8d:dc:8a:
c2:d9:ba:69:be:64:2d:05:b1:e2:16:2e:fc:73:71:71:6d:a8:
02:6e:2e:5b:c7:e2:ce:8e:03:2c:4c:31:0d:86:da:08:09:e6:
34:64:50:fe:a9:da:d8:d3:0c:86:96:d3:c7:31:a9:74:89:96:
98:8b:d6:2f:a0:8e:2a:fb:81:72:19:79:88:04:0e:16:57:58:
62:3b:91:aa:8f:52:e3:37:4c:7d:da:93:f2:31:27:d3:01:3f:
42:5e:ee:36:cb:fc:32:a5:f5:0d:fe:1d:2a:f3:f4:29:96:95:
21:1f:35:10:ba:29:21:15:36:3d:03:4a:1f:51:53:36:04:73:
7b:50:70:44:b1:15:ea:ff:cc:26:26:8c:24:07:5d:ef:bd:b3:
9c:f3:c1:ed:4f:98:f7:0b:47:fd:01:fe:81:6a:98:da:a6:ce:
09:6b:57:f1:f5:67:9e:33:d1:c8:70:80:30:b7:25:1c:ed:fe:
99:ba:d6:66:5a:51:c8:45:8b:16:84:24:e7:31:1a:82:f3:ad:
5a:09:d3:42:29:8a:c4:04:d3:16:df:f1:47:df:50:ed:11:e7:
7e:4e:62:b9
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAYbKVfjZxdeZBepNd3zXfGCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzEwMDcwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE5N2MyZDgzYjdlNWM0N2QyMjhhODBiMTMyZjU3NTJkYzk4Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDSedU1NomcL5NMI5S7fGhdgD+x5
5rMvTNMP+JJ1wrN/wkFnq+hwmE67wZ5pn7WeX+dkOV7b3xVfj3mTAgiRdmY4MGl6
3WWIlQmxbtjgvjERpboBx+1+umgzhQvMvA5IEFqB0NoDzTk1NjBSwGBUPM5nX2m4
sCuTIslgzYJB1UAYwksT4jNAyCh1rT5ad9b7XsRp8FF5nbJhW4X9duNGEJW/xKiQ
caIwMrBq9K1Eu2BHA+WdYsDIhsttL/Zkb3iydnhxJN7ljUSNU55KB281ncwsXpgg
6wfLCaYAAB8p8dqem2fjN9G5L7qk0qCdlp4tN1/0feuW6PS33uLeAnfvVQIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFGqpfC2Dt+XEfSKKgLEy9XUtyYz7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYXFsOExZTzM1Y1I5SW9xQXNUTDFkUzNKalBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zBCBAIAATA8AwQAHyq3
AwQCLQxEAwQCLYO4AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAueh1AwQAwjJc
AwQAwjJeMIGkBAIAAjCBnQMHACABB/gBGQMFAyoJBMAwDgMFByoMO4ADBQAqDDuG
AwcAKg6XwAFwAwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfDARADBwQqDpfEAQADBwQq
DpfEASADBwQqDrEHBvADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwAqD+QE
AQIDBwAqEC8AAY0DBwAqEC8AAY8DBwQqEMxAAlAwDQYJKoZIhvcNAQELBQADggEB
AJwuds15QO1XihOQq0DryhRcWbCvpI/MVYfFtEAu4ksdAo3cisLZumm+ZC0FseIW
LvxzcXFtqAJuLlvH4s6OAyxMMQ2G2ggJ5jRkUP6p2tjTDIaW08cxqXSJlpiL1i+g
jir7gXIZeYgEDhZXWGI7kaqPUuM3TH3ak/IxJ9MBP0Je7jbL/DKl9Q3+HSrz9CmW
lSEfNRC6KSEVNj0DSh9RUzYEc3tQcESxFer/zCYmjCQHXe+9s5zzwe1PmPcLR/0B
/oFqmNqmzglrV/H1Z54z0chwgDC3JRzt/pm61mZaUchFixaEJOcxGoLzrVoJ00Ip
isQE0xbf8UffUO0R535OYrk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:07 2024 by rpki-client on console-ams.rpki-client.org