Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aqlaXflKbYUWM8a9IZZ6JE9S49M.roa
File: aqlaXflKbYUWM8a9IZZ6JE9S49M.roa (raw, json)
Hash identifier: 2siqO5lXCfAD2MfmIAMKaaYYzQQFUJqNBtTgZsMKg2o=
Subject key identifier: 6A:A9:5A:5D:F9:4A:6D:85:16:33:C6:BD:21:96:7A:24:4F:52:E3:D3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01887A7B2B0D926C8CF1DB0646ABFB82CE8D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aqlaXflKbYUWM8a9IZZ6JE9S49M.roa
Signing time: Fri 02 Jun 2023 05:01:12 +0000
ROA not before: Fri 02 Jun 2023 05:01:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.19.106.0/24 maxlen: 24
213.32.249.0/24 maxlen: 24
103.205.25.0/24 maxlen: 24
185.230.248.0/24 maxlen: 24
185.230.249.0/24 maxlen: 24
192.166.212.0/22 maxlen: 24
193.42.52.0/24 maxlen: 24
193.42.54.0/23 maxlen: 24
185.9.54.0/24 maxlen: 24
62.197.132.0/24 maxlen: 24
62.197.135.0/24 maxlen: 24
185.103.73.0/24 maxlen: 24
185.103.75.0/24 maxlen: 24
185.115.146.0/24 maxlen: 24
77.75.62.0/24 maxlen: 24
77.75.60.0/24 maxlen: 24
194.4.156.0/23 maxlen: 24
194.4.159.0/24 maxlen: 24
185.115.144.0/24 maxlen: 24
185.115.144.0/23 maxlen: 24
185.115.145.0/24 maxlen: 24
78.142.242.0/23 maxlen: 24
45.159.152.0/24 maxlen: 24
45.159.154.0/24 maxlen: 24
45.159.153.0/24 maxlen: 24
185.229.104.0/24 maxlen: 24
185.229.105.0/24 maxlen: 24
185.229.106.0/24 maxlen: 24
185.229.107.0/24 maxlen: 24
89.43.210.0/23 maxlen: 24
89.43.211.0/24 maxlen: 24
185.245.238.0/24 maxlen: 24
185.245.236.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
89.43.208.0/24 maxlen: 24
89.43.210.0/24 maxlen: 24
185.245.237.0/24 maxlen: 24
185.121.231.0/24 maxlen: 24
178.239.203.0/24 maxlen: 24
185.121.228.0/24 maxlen: 24
178.239.200.0/24 maxlen: 24
185.121.230.0/24 maxlen: 24
185.236.62.0/24 maxlen: 24
185.236.63.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
178.239.192.0/23 maxlen: 24
178.239.192.0/24 maxlen: 24
178.239.193.0/24 maxlen: 24
178.239.194.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7a:7b:2b:0d:92:6c:8c:f1:db:06:46:ab:fb:82:ce:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 2 05:01:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa95a5df94a6d851633c6bd21967a244f52e3d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:13:72:01:f1:c7:10:e2:9d:c0:af:b1:fa:22:
cf:f8:7f:bd:1d:46:3a:cf:e5:53:19:a5:ad:58:7c:
fa:4a:25:62:dc:38:58:f1:bb:fe:33:bd:ba:56:91:
35:91:1e:7f:b2:e3:d5:49:da:8f:02:0b:bc:8c:32:
92:39:db:87:cb:17:e0:c6:d9:d5:9e:a3:1f:ba:0d:
ef:ab:46:e0:b4:d4:5c:12:87:0d:a2:41:fe:4a:9d:
2c:a4:0d:51:60:34:81:77:1e:67:5a:04:e2:6b:d7:
f1:09:2d:7b:43:43:01:ec:a8:27:01:7f:ce:5e:fa:
c1:01:ea:a8:be:de:86:a9:3e:5e:95:f4:83:97:39:
48:1e:3d:9f:a4:81:a2:86:8d:93:e7:1c:0c:84:9b:
1a:c6:07:e9:cb:b9:20:66:c8:ee:38:88:4a:15:08:
4b:99:3d:9e:5c:ba:b9:6d:e2:78:2b:6e:e1:1b:9c:
49:ec:98:d6:ea:8e:9d:0a:d2:da:80:94:fc:20:d5:
fe:72:95:16:04:50:ea:ce:cb:04:b7:73:65:92:47:
c3:77:fc:98:0d:cc:d0:61:72:53:2a:d2:d3:56:bd:
6f:e4:5a:70:ec:40:6f:0e:97:5e:bb:0c:2d:8e:33:
4a:f3:80:34:fa:da:2c:50:35:0f:db:c0:a5:20:6a:
64:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A9:5A:5D:F9:4A:6D:85:16:33:C6:BD:21:96:7A:24:4F:52:E3:D3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aqlaXflKbYUWM8a9IZZ6JE9S49M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.152.0-45.159.154.255
62.197.132.0/24
62.197.135.0/24
77.75.60.0/24
77.75.62.0/24
78.142.242.0/23
89.43.208.0/24
89.43.210.0/23
103.205.25.0/24
178.239.192.0-178.239.194.255
178.239.200.0/24
178.239.203.0/24
185.9.54.0/24
185.103.73.0/24
185.103.75.0/24
185.115.144.0-185.115.146.255
185.121.228.0/24
185.121.230.0/23
185.229.104.0/22
185.230.248.0/23
185.236.62.0/23
185.245.236.0-185.245.238.255
192.166.212.0/22
193.19.106.0/24
193.42.52.0/24
193.42.54.0/23
194.4.156.0/23
194.4.159.0/24
203.0.8.0/24
213.32.249.0/24
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
23:d1:c5:44:9c:98:9a:92:73:f2:9c:2c:46:2b:3f:75:dc:1b:
97:2b:80:5c:71:8f:83:2d:8d:e0:37:d9:ec:2b:21:7c:20:51:
37:91:25:5f:ce:da:a9:5a:c8:4d:33:a2:92:f1:97:de:6f:57:
60:29:06:1b:1c:56:bd:6d:47:d7:ab:97:f3:5d:ba:6a:82:3d:
cd:44:7c:da:40:d0:26:c5:53:26:88:8f:fc:2c:6d:fc:f1:18:
6a:8f:a0:f4:22:90:d7:4a:86:8e:a3:02:ae:97:0f:cc:92:74:
24:9a:7a:65:72:a5:d2:27:9e:82:4e:79:d1:2d:68:ce:4a:24:
b8:0c:3a:6e:9a:45:32:f4:73:d8:bf:84:0d:49:cf:83:7f:d2:
34:35:d1:6d:2f:00:19:00:c1:92:91:be:9d:a4:a9:c4:99:1b:
be:a9:07:7f:77:2e:6b:0e:4a:f4:d7:64:15:59:7c:ba:73:6b:
6b:97:a7:c0:82:1b:74:a4:3d:65:82:7c:f7:fc:2e:f4:16:29:
b4:f3:8f:e0:20:3c:6a:9d:33:41:78:ff:59:a1:44:4b:77:8f:
1e:e5:87:81:ae:7b:c5:73:fb:0f:43:23:8e:61:7d:60:b3:77:
43:18:ec:c2:57:93:54:e1:fa:2d:cc:7d:df:a9:5b:94:a3:7a:
68:fd:ad:86
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYh6eysNkmyM8dsGRqv7gs6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjAyMDUwMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE5NWE1ZGY5NGE2ZDg1MTYzM2M2YmQyMTk2N2EyNDRmNTJlM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hNyAfHHEOKdwK+x+iLP+H+9HUY6
z+VTGaWtWHz6SiVi3DhY8bv+M726VpE1kR5/suPVSdqPAgu8jDKSOduHyxfgxtnV
nqMfug3vq0bgtNRcEocNokH+Sp0spA1RYDSBdx5nWgTia9fxCS17Q0MB7KgnAX/O
XvrBAeqovt6GqT5elfSDlzlIHj2fpIGiho2T5xwMhJsaxgfpy7kgZsjuOIhKFQhL
mT2eXLq5beJ4K27hG5xJ7JjW6o6dCtLagJT8INX+cpUWBFDqzssEt3NlkkfDd/yY
DczQYXJTKtLTVr1v5Fpw7EBvDpdeuwwtjjNK84A0+tosUDUP28ClIGpkRQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFGqpWl35Sm2FFjPGvSGWeiRPUuPTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYXFsYVhmbEtiWVVXTThhOUlaWjZKRTlTNDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdowDAME
Ay2fmAMEAC2fmgMEAD7FhAMEAD7FhwMEAE1LPAMEAE1LPgMEAU6O8gMEAFkr0AME
AVkr0gMEAGfNGTAMAwQGsu/AAwQAsu/CAwQAsu/IAwQAsu/LAwQAuQk2AwQAuWdJ
AwQAuWdLMAwDBAS5c5ADBAC5c5IDBAC5eeQDBAG5eeYDBAK55WgDBAG55vgDBAG5
7D4wDAMEArn17AMEALn17gMEAsCm1AMEAMETagMEAMEqNAMEAcEqNgMEAcIEnAME
AMIEnwMEAMsACAMEANUg+QMEAN8bcDANBgkqhkiG9w0BAQsFAAOCAQEAI9HFRJyY
mpJz8pwsRis/ddwblyuAXHGPgy2N4DfZ7CshfCBRN5ElX87aqVrITTOikvGX3m9X
YCkGGxxWvW1H16uX8126aoI9zUR82kDQJsVTJoiP/Cxt/PEYao+g9CKQ10qGjqMC
rpcPzJJ0JJp6ZXKl0ieegk550S1ozkokuAw6bppFMvRz2L+EDUnPg3/SNDXRbS8A
GQDBkpG+naSpxJkbvqkHf3cuaw5K9NdkFVl8unNra5enwIIbdKQ9ZYJ89/wu9BYp
tPOP4CA8ap0zQXj/WaFES3ePHuWHga57xXP7D0MjjmF9YLN3QxjswleTVOH6Lcx9
36lblKN6aP2thg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org