Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/AjnIXp1oMzvpYvRGTQ_r2CN0XSo.roa
File: AjnIXp1oMzvpYvRGTQ_r2CN0XSo.roa (raw, json)
Hash identifier: +bk+QwZKc2JXHn2tgAtzlEhKr/7A+b0ohvUyivjcsBE=
Subject key identifier: 02:39:C8:5E:9D:68:33:3B:E9:62:F4:46:4D:0F:EB:D8:23:74:5D:2A
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 018CF12CE617A7B7D901395E3443902C03D0
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/AjnIXp1oMzvpYvRGTQ_r2CN0XSo.roa
Signing time: Wed 10 Jan 2024 02:21:40 +0000
ROA not before: Wed 10 Jan 2024 02:21:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31200
IP address blocks: 178.49.248.0/22 maxlen: 22
178.49.200.0/22 maxlen: 22
5.130.166.0/24 maxlen: 24
5.129.0.0/17 maxlen: 17
37.193.0.0/16 maxlen: 16
5.129.128.0/19 maxlen: 19
5.131.0.0/16 maxlen: 16
37.195.0.0/16 maxlen: 16
178.49.12.0/22 maxlen: 22
37.194.0.0/16 maxlen: 16
5.130.0.0/16 maxlen: 16
178.49.56.0/22 maxlen: 22
5.128.0.0/16 maxlen: 16
37.192.0.0/16 maxlen: 16
5.129.186.0/24 maxlen: 24
5.129.181.0/24 maxlen: 24
5.129.184.0/23 maxlen: 23
37.192.0.0/14 maxlen: 14
178.49.0.0/17 maxlen: 17
178.49.0.0/16 maxlen: 24
178.49.132.0/24 maxlen: 24
178.49.128.0/17 maxlen: 24
178.49.133.0/24 maxlen: 24
178.49.145.0/24 maxlen: 24
178.49.144.0/24 maxlen: 24
178.49.142.0/24 maxlen: 24
178.49.141.0/24 maxlen: 24
178.49.146.0/24 maxlen: 24
178.49.148.0/24 maxlen: 24
178.49.147.0/24 maxlen: 24
178.49.152.0/23 maxlen: 23
178.49.152.0/24 maxlen: 24
178.49.152.0/22 maxlen: 22
178.49.150.0/23 maxlen: 23
178.49.159.0/24 maxlen: 24
178.49.158.0/24 maxlen: 24
178.49.156.0/23 maxlen: 23
178.49.154.0/24 maxlen: 24
178.49.154.0/23 maxlen: 23
5.128.119.0/24 maxlen: 24
5.131.240.0/20 maxlen: 20
5.131.253.0/24 maxlen: 24
5.131.251.0/24 maxlen: 24
2a00:7700::/32 maxlen: 32
2a00:7700:8a02::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Jun 2024 00:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:2c:e6:17:a7:b7:d9:01:39:5e:34:43:90:2c:03:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jan 10 02:21:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0239c85e9d68333be962f4464d0febd823745d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:08:f0:7b:f4:6b:61:f6:a2:45:f9:de:6f:
ed:f5:11:42:a2:41:7c:b4:da:b4:ee:8c:59:8d:cd:
12:d2:91:77:08:9d:2f:3e:8c:3b:0c:4d:1e:d9:fa:
07:41:fa:f6:4d:5f:64:d4:f5:48:11:08:d5:36:05:
b5:92:b6:43:80:dc:aa:da:51:93:42:27:8a:31:7a:
37:5d:86:6f:1b:72:0e:cd:5e:98:6e:95:db:a5:88:
b0:f4:03:0f:24:53:38:11:1f:de:92:27:e9:71:cb:
d6:3c:f3:cc:ba:a4:18:15:62:70:15:47:6b:78:c1:
81:04:08:32:c7:2c:3a:0f:4f:19:4a:3d:53:ae:1e:
55:03:be:5d:ca:44:8d:96:35:7f:12:6d:95:ee:9c:
3b:f0:07:20:4e:57:5b:fd:9e:49:e8:2f:06:87:cb:
ef:52:52:61:e4:14:b0:90:ee:97:78:81:cc:92:ef:
fc:cb:8d:a3:b1:52:ae:a1:a0:10:f4:cc:06:78:d1:
86:08:0e:45:f8:f6:c7:e4:06:37:bb:a2:25:3e:93:
e4:35:00:de:77:fd:e8:86:2c:12:98:22:64:74:9e:
8a:a9:9e:bc:8a:98:e3:9c:3f:af:84:0a:d7:0e:ef:
10:34:6c:4d:5e:0f:1e:da:2c:63:c7:d3:c2:91:aa:
00:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:39:C8:5E:9D:68:33:3B:E9:62:F4:46:4D:0F:EB:D8:23:74:5D:2A
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/AjnIXp1oMzvpYvRGTQ_r2CN0XSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.128.0.0-5.129.159.255
5.129.181.0/24
5.129.184.0-5.129.186.255
5.130.0.0/15
37.192.0.0/14
178.49.0.0/16
IPv6:
2a00:7700::/32
Signature Algorithm: sha256WithRSAEncryption
64:7f:44:a1:a5:3b:6d:80:89:b8:ed:ad:8d:07:b8:b3:6a:fc:
6f:ed:37:1f:3d:6b:ee:c2:4f:8b:0c:04:7c:48:8b:12:21:9c:
49:d2:d1:ed:a8:93:28:b9:7e:c9:2a:36:09:68:07:23:f6:5b:
9b:17:49:86:2d:5b:5c:3b:1e:3d:db:c1:e3:26:00:79:8a:6f:
20:8a:09:cc:67:db:b7:8c:78:b9:43:e6:d6:f5:36:8e:2c:80:
5f:88:00:2d:01:c6:52:02:14:53:95:c8:18:e1:a3:ae:48:ba:
c4:97:bf:e9:68:a8:c2:45:9a:04:32:45:26:c1:be:e1:8f:0e:
f3:18:67:ff:da:1c:ac:d9:dd:53:36:a0:8e:e8:65:4b:4a:bf:
87:e8:90:fa:28:d3:fb:d2:e5:ae:77:61:58:75:20:ca:d4:bf:
d8:b3:60:14:07:e7:4f:93:98:8d:70:01:37:1b:b5:ca:78:37:
d6:fc:9d:74:1f:d8:77:b8:71:6b:9d:01:c8:8b:97:1e:1c:8b:
12:7a:0f:0e:58:0c:7e:7a:cc:04:c1:19:eb:2f:74:e7:a5:40:
45:2c:02:9f:0d:c8:3f:a4:2d:f8:65:ec:74:2c:63:82:cb:ce:
4c:bb:56:f7:f3:88:b0:54:31:7f:bf:ba:5e:27:3a:e9:e0:7a:
f4:6d:03:4c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzxLOYXp7fZATleNEOQLAPQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjQwMTEwMDIyMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjM5Yzg1ZTlkNjgzMzNiZTk2MmY0NDY0ZDBmZWJkODIzNzQ1ZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy8I8Hv0a2H2okX53m/t9RFCokF8
tNq07oxZjc0S0pF3CJ0vPow7DE0e2foHQfr2TV9k1PVIEQjVNgW1krZDgNyq2lGT
QieKMXo3XYZvG3IOzV6YbpXbpYiw9AMPJFM4ER/ekifpccvWPPPMuqQYFWJwFUdr
eMGBBAgyxyw6D08ZSj1Trh5VA75dykSNljV/Em2V7pw78AcgTldb/Z5J6C8Gh8vv
UlJh5BSwkO6XeIHMku/8y42jsVKuoaAQ9MwGeNGGCA5F+PbH5AY3u6IlPpPkNQDe
d/3ohiwSmCJkdJ6KqZ68ipjjnD+vhArXDu8QNGxNXg8e2ixjx9PCkaoAZQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAI5yF6daDM76WL0Rk0P69gjdF0qMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvQWpuSVhwMW9NenZwWXZSR1RRX3IyQ04wWFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwMAsDAwcFgAME
BQWBgAMEAAWBtTAMAwQDBYG4AwQABYG6AwMBBYIDAwIlwAMDALIxMA0EAgACMAcD
BQAqAHcAMA0GCSqGSIb3DQEBCwUAA4IBAQBkf0ShpTttgIm47a2NB7izavxv7Tcf
PWvuwk+LDAR8SIsSIZxJ0tHtqJMouX7JKjYJaAcj9lubF0mGLVtcOx4928HjJgB5
im8gignMZ9u3jHi5Q+bW9TaOLIBfiAAtAcZSAhRTlcgY4aOuSLrEl7/paKjCRZoE
MkUmwb7hjw7zGGf/2hys2d1TNqCO6GVLSr+H6JD6KNP70uWud2FYdSDK1L/Ys2AU
B+dPk5iNcAE3G7XKeDfW/J10H9h3uHFrnQHIi5ceHIsSeg8OWAx+eswEwRnrL3Tn
pUBFLAKfDcg/pC34Zex0LGOCy85Mu1b384iwVDF/v7peJzrp4Hr0bQNM
-----END CERTIFICATE-----
Generated at Tue Jun 25 06:41:01 2024 by rpki-client on console-ams.rpki-client.org