Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/ajjdAvGO8woVjDPfL0EuSvayop8.roa
File: ajjdAvGO8woVjDPfL0EuSvayop8.roa (raw, json)
Hash identifier: j/nMEhgyI1ogmAIq830Fog77KHcLFm6A66rKtjo8c5g=
Subject key identifier: 6A:38:DD:02:F1:8E:F3:0A:15:8C:33:DF:2F:41:2E:4A:F6:B2:A2:9F
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 018B3780760FFC99F2C9126FB6A44685CF40
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/ajjdAvGO8woVjDPfL0EuSvayop8.roa
Signing time: Mon 16 Oct 2023 08:00:47 +0000
ROA not before: Mon 16 Oct 2023 08:00:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20880
IP address blocks: 158.181.68.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
62.117.16.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
5.28.64.0/19 maxlen: 19
5.28.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
5.28.96.0/19 maxlen: 19
185.9.224.0/22 maxlen: 22
62.117.0.192/28 maxlen: 28
86.56.64.0/18 maxlen: 18
37.120.64.0/18 maxlen: 18
62.117.0.128/26 maxlen: 26
62.117.0.0/19 maxlen: 20
62.117.0.0/20 maxlen: 24
37.120.0.0/17 maxlen: 17
37.120.0.0/18 maxlen: 18
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
2a02:2450::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:80:76:0f:fc:99:f2:c9:12:6f:b6:a4:46:85:cf:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Oct 16 08:00:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a38dd02f18ef30a158c33df2f412e4af6b2a29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:3d:48:0f:a5:1c:fe:0b:5d:84:57:35:95:
ab:32:e7:a4:8b:b3:c3:36:c1:4b:3c:3c:87:76:61:
49:aa:e3:fe:4a:4f:3e:76:26:42:7f:dd:da:92:50:
67:ad:e7:d2:fb:48:5e:ed:40:ab:1e:a1:ba:ff:7b:
fd:6b:a5:d8:7c:07:2e:4a:4a:b8:eb:f5:0c:74:97:
9a:70:e8:d4:e1:32:e4:8d:8e:57:b4:61:ce:9a:ea:
fd:d2:46:94:63:8d:5c:eb:64:b8:e6:45:55:db:5e:
d4:cd:9f:e4:48:48:9d:10:41:e6:d6:b6:98:72:17:
c1:9f:23:16:cb:59:14:3a:dd:74:ec:d5:b6:47:43:
e0:36:f5:e8:e6:8d:e4:2d:38:f3:20:9e:8d:ad:1b:
66:cc:f9:86:b6:ef:70:90:d8:16:92:07:d4:2e:e4:
2a:f3:a7:eb:90:73:47:f1:77:cb:6d:e7:b1:eb:06:
e4:e2:0b:24:7d:58:cf:b4:5d:67:d6:10:1b:c8:eb:
99:10:99:a5:b8:b3:9e:f6:f0:fe:99:c3:e1:29:5d:
05:ca:21:e5:0a:45:1e:b0:50:c1:5d:69:3a:d8:05:
b9:3c:08:3c:86:3e:b1:3c:ac:ef:f8:48:53:b4:da:
0b:2e:5b:28:41:7e:80:9d:be:f0:e5:11:06:49:6c:
ec:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:38:DD:02:F1:8E:F3:0A:15:8C:33:DF:2F:41:2E:4A:F6:B2:A2:9F
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/ajjdAvGO8woVjDPfL0EuSvayop8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
8a:c5:e3:de:d0:e7:e8:7d:19:cb:83:82:18:3a:5b:21:00:78:
11:49:59:74:e6:60:9c:ad:59:a0:c8:d3:ca:3b:fa:aa:08:51:
f3:f9:83:9b:7c:cd:d1:76:83:c9:dd:39:58:aa:62:8a:fc:08:
0d:f1:81:30:21:91:74:53:11:d6:86:2d:0a:40:9f:41:94:58:
b1:74:b5:d7:c1:19:90:f2:30:9b:ff:e2:1a:c4:dc:9e:f6:08:
4f:a8:cc:78:5f:83:98:e3:e2:6a:84:42:e6:68:41:6f:fc:50:
2b:a4:a3:88:aa:b5:e0:94:e9:4d:c1:6a:a8:4a:c0:e3:11:ef:
a1:8f:bb:33:e6:dd:7b:c6:11:74:1d:42:06:70:6b:77:60:c9:
c9:63:d8:24:26:64:9c:4e:36:8c:8b:66:bc:76:32:07:74:02:
f3:5e:94:58:a2:3a:21:4a:04:aa:16:72:e4:db:81:14:c0:65:
ad:f9:bc:82:09:a6:cb:6e:2e:3c:74:1c:e7:ea:44:50:77:c2:
a5:a8:c8:3d:cf:a6:a5:7a:99:03:5e:59:f0:4a:44:e8:0e:49:
40:4f:95:45:05:38:93:3b:70:32:c0:1f:b4:19:77:6b:ed:2a:
d2:56:ca:6f:98:5a:f1:0d:60:4d:d2:a5:c0:1f:10:04:ba:9c:
ee:88:dd:e7
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYs3gHYP/JnyyRJvtqRGhc9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjMxMDE2MDgwMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM4ZGQwMmYxOGVmMzBhMTU4YzMzZGYyZjQxMmU0YWY2YjJhMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHE9SA+lHP4LXYRXNZWrMueki7PD
NsFLPDyHdmFJquP+Sk8+diZCf93aklBnrefS+0he7UCrHqG6/3v9a6XYfAcuSkq4
6/UMdJeacOjU4TLkjY5XtGHOmur90kaUY41c62S45kVV217UzZ/kSEidEEHm1raY
chfBnyMWy1kUOt107NW2R0PgNvXo5o3kLTjzIJ6NrRtmzPmGtu9wkNgWkgfULuQq
86frkHNH8XfLbeex6wbk4gskfVjPtF1n1hAbyOuZEJmluLOe9vD+mcPhKV0FyiHl
CkUesFDBXWk62AW5PAg8hj6xPKzv+EhTtNoLLlsoQX6Anb7w5REGSWzssQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGo43QLxjvMKFYwz3y9BLkr2sqKfMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvYWpqZEF2R084d29WakRQZkwwRXVTdmF5b3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGBRxAAwQH
JXgAAwQFPnUAAwQFUncAAwQHVjgAAwQFWRCAAwQFnrVAAwQCuQngMA0EAgACMAcD
BQMqAiRQMA0GCSqGSIb3DQEBCwUAA4IBAQCKxePe0OfofRnLg4IYOlshAHgRSVl0
5mCcrVmgyNPKO/qqCFHz+YObfM3RdoPJ3TlYqmKK/AgN8YEwIZF0UxHWhi0KQJ9B
lFixdLXXwRmQ8jCb/+IaxNye9ghPqMx4X4OY4+JqhELmaEFv/FArpKOIqrXglOlN
wWqoSsDjEe+hj7sz5t17xhF0HUIGcGt3YMnJY9gkJmScTjaMi2a8djIHdALzXpRY
ojohSgSqFnLk24EUwGWt+byCCabLbi48dBzn6kRQd8KlqMg9z6alepkDXlnwSkTo
DklAT5VFBTiTO3AywB+0GXdr7SrSVspvmFrxDWBN0qXAHxAEupzuiN3n
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:40 2024 by rpki-client on console-ams.rpki-client.org