Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/aGQBFPgvhRqsny4Uh5O7xDGzbvw.roa
File: aGQBFPgvhRqsny4Uh5O7xDGzbvw.roa (raw, json)
Hash identifier: sVsWdgk4t4Z7v3Y/CWa7WBI1adF8ZfB7UYzCBpXCiy8=
Subject key identifier: 68:64:01:14:F8:2F:85:1A:AC:9F:2E:14:87:93:BB:C4:31:B3:6E:FC
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 018D0CA07C7879C634B756BB7782296723C5
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/aGQBFPgvhRqsny4Uh5O7xDGzbvw.roa
Signing time: Mon 15 Jan 2024 10:17:40 +0000
ROA not before: Mon 15 Jan 2024 10:17:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8362
IP address blocks: 5.158.240.0/20 maxlen: 20
79.141.192.0/24 maxlen: 24
79.141.197.0/24 maxlen: 24
79.141.193.0/24 maxlen: 24
79.141.206.0/23 maxlen: 23
195.146.224.0/20 maxlen: 20
37.220.48.0/20 maxlen: 20
46.162.128.0/18 maxlen: 18
195.146.240.0/20 maxlen: 20
62.64.32.0/19 maxlen: 19
2a01:8e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Jan 2024 14:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:a0:7c:78:79:c6:34:b7:56:bb:77:82:29:67:23:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Jan 15 10:17:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68640114f82f851aac9f2e148793bbc431b36efc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:39:18:25:0e:cd:d7:86:1c:b4:0e:fb:37:1e:
38:af:d9:c9:36:49:23:a7:8c:53:58:a8:4d:78:ac:
d7:d8:05:c6:4f:74:07:69:b5:e1:2a:cf:64:42:4a:
cc:10:71:46:aa:d7:88:ce:5b:76:ad:ec:9c:78:d3:
f4:62:a9:08:4d:75:68:b3:c6:5a:70:ac:60:d4:c7:
aa:d0:e7:24:d3:6a:90:3b:f8:ad:44:42:45:53:33:
70:a2:6f:c1:74:6a:b3:42:a7:48:45:b9:ad:c2:ff:
a9:2d:f3:95:c9:a0:ea:ad:4c:39:3d:8b:58:5d:9a:
1e:38:01:a5:cc:1b:6e:16:8a:64:ab:f2:0c:3c:65:
81:14:e6:ec:4d:98:d7:46:fd:bf:fc:26:95:6b:21:
08:e4:c6:1f:a7:28:46:63:ca:45:e2:01:33:77:c7:
fc:0d:a2:a4:fd:86:5f:bb:2c:a3:2b:a0:4e:9e:ea:
15:5e:db:c0:ee:f5:65:1e:f6:74:76:66:c9:f8:93:
e7:30:8b:b2:32:a0:ac:90:bd:8b:11:5a:d9:af:a5:
49:56:72:e7:a1:48:dc:6b:50:46:a1:9f:39:44:6b:
a0:df:3e:3a:0a:d1:5d:53:39:5f:ad:a4:ee:76:7e:
cf:38:26:78:d6:33:12:d1:bd:ba:03:45:cf:2c:bf:
65:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:64:01:14:F8:2F:85:1A:AC:9F:2E:14:87:93:BB:C4:31:B3:6E:FC
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/aGQBFPgvhRqsny4Uh5O7xDGzbvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.240.0/20
37.220.48.0/20
46.162.128.0/18
62.64.32.0/19
79.141.192.0/23
79.141.197.0/24
79.141.206.0/23
195.146.224.0/19
IPv6:
2a01:8e80::/29
Signature Algorithm: sha256WithRSAEncryption
ad:9b:2a:91:f5:7d:f5:6a:7b:fc:9f:16:70:03:6c:40:ba:44:
e6:4a:ab:22:5d:80:f8:1d:cf:6c:7e:72:fb:45:ba:a3:54:00:
09:2f:c3:a0:39:9c:ad:c2:63:4d:25:0b:2d:4f:f8:fb:4d:3f:
b3:8e:12:3a:56:ab:f6:fd:40:e1:b1:56:eb:ce:5d:bb:e7:4f:
44:44:3c:c4:cb:11:f5:80:2a:74:7e:81:e1:c8:12:a6:24:87:
00:d8:54:5b:a1:9a:40:cb:6f:15:2e:5b:dc:2d:3e:78:65:60:
31:a0:ef:f9:9b:94:bd:f1:e8:5a:1d:40:f1:5a:a4:dd:f4:b9:
b4:1f:b7:ac:b7:0d:3b:a4:42:5d:44:3f:27:66:b3:63:50:0d:
9d:62:e3:21:7d:af:0c:3f:87:96:0f:13:9d:ba:02:9b:31:d1:
14:9d:ef:4b:b6:b7:ee:30:cb:7a:29:4e:7b:8c:47:27:37:67:
b1:5b:44:6f:63:f1:e9:05:2b:00:82:01:56:6e:a9:ad:99:72:
cc:0e:a2:52:04:3a:05:c8:d9:49:8c:bc:6f:ec:5a:4c:98:c7:
51:26:3d:12:79:a6:6c:4f:37:c6:ec:8e:cc:2d:4d:b2:41:84:
8f:94:2b:7f:4d:f1:72:38:a2:70:86:18:ac:da:83:22:78:4e:
03:03:82:a0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY0MoHx4ecY0t1a7d4IpZyPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjQwMTE1MTAxNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY0MDExNGY4MmY4NTFhYWM5ZjJlMTQ4NzkzYmJjNDMxYjM2ZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTkYJQ7N14YctA77Nx44r9nJNkkj
p4xTWKhNeKzX2AXGT3QHabXhKs9kQkrMEHFGqteIzlt2reyceNP0YqkITXVos8Za
cKxg1Meq0Ock02qQO/itREJFUzNwom/BdGqzQqdIRbmtwv+pLfOVyaDqrUw5PYtY
XZoeOAGlzBtuFopkq/IMPGWBFObsTZjXRv2//CaVayEI5MYfpyhGY8pF4gEzd8f8
DaKk/YZfuyyjK6BOnuoVXtvA7vVlHvZ0dmbJ+JPnMIuyMqCskL2LEVrZr6VJVnLn
oUjca1BGoZ85RGug3z46CtFdUzlfraTudn7POCZ41jMS0b26A0XPLL9liwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGhkART4L4UarJ8uFIeTu8Qxs278MB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvYUdRQkZQZ3ZoUnFzbnk0VWg1Tzd4REd6YnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEBZ7wAwQE
JdwwAwQGLqKAAwQFPkAgAwQBT43AAwQAT43FAwQBT43OAwQFw5LgMA0EAgACMAcD
BQMqAY6AMA0GCSqGSIb3DQEBCwUAA4IBAQCtmyqR9X31anv8nxZwA2xAukTmSqsi
XYD4Hc9sfnL7RbqjVAAJL8OgOZytwmNNJQstT/j7TT+zjhI6Vqv2/UDhsVbrzl27
509ERDzEyxH1gCp0foHhyBKmJIcA2FRboZpAy28VLlvcLT54ZWAxoO/5m5S98eha
HUDxWqTd9Lm0H7estw07pEJdRD8nZrNjUA2dYuMhfa8MP4eWDxOdugKbMdEUne9L
trfuMMt6KU57jEcnN2exW0RvY/HpBSsAggFWbqmtmXLMDqJSBDoFyNlJjLxv7FpM
mMdRJj0SeaZsTzfG7I7MLU2yQYSPlCt/TfFyOKJwhhis2oMieE4DA4Kg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:16 2024 by rpki-client on console-fra.rpki-client.org