Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/aGU8zK_kki6kOFvys88XHgjErlk.roa
File: aGU8zK_kki6kOFvys88XHgjErlk.roa (raw, json)
Hash identifier: SwsgaAEpZ0c+7ROXOcKgxDz9NMjhpLvXcrRDJ4ypeIs=
Subject key identifier: 68:65:3C:CC:AF:E4:92:2E:A4:38:5B:F2:B3:CF:17:1E:08:C4:AE:59
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018A272DFCD2D530FA732AB1C8A4B7385611
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/aGU8zK_kki6kOFvys88XHgjErlk.roa
Signing time: Thu 24 Aug 2023 10:53:59 +0000
ROA not before: Thu 24 Aug 2023 10:53:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13037
IP address blocks: 212.23.0.0/19 maxlen: 19
82.71.240.0/20 maxlen: 20
88.97.64.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.172.0/22 maxlen: 22
88.98.170.0/23 maxlen: 23
88.98.176.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
51.148.0.0/16 maxlen: 16
88.97.128.0/17 maxlen: 17
62.3.64.0/18 maxlen: 18
51.170.0.0/16 maxlen: 18
88.97.96.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.22.0/23 maxlen: 23
88.98.21.0/24 maxlen: 24
88.98.18.0/24 maxlen: 24
88.96.0.0/16 maxlen: 16
217.155.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
82.68.0.0/14 maxlen: 14
88.98.128.0/19 maxlen: 19
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:2d:fc:d2:d5:30:fa:73:2a:b1:c8:a4:b7:38:56:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Aug 24 10:53:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68653cccafe4922ea4385bf2b3cf171e08c4ae59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:58:ff:40:a6:52:c3:a8:5a:a6:15:71:35:
8e:2e:29:eb:f6:96:51:9e:75:b9:86:a2:59:fa:85:
ce:12:2f:b7:d8:a6:a1:9f:43:8d:f0:92:9c:2e:db:
96:76:ea:ce:61:62:1b:d0:57:30:b4:58:78:1e:04:
03:11:c1:22:2e:51:bb:e6:65:ab:10:de:e7:06:45:
40:79:bd:2c:fd:30:d2:8c:dc:86:d8:44:c4:df:24:
1f:a8:65:eb:2d:ce:96:10:f8:6f:3b:26:a6:62:e5:
10:95:a0:8c:c7:ec:ea:e8:24:7c:0c:91:f7:06:08:
54:db:2b:8c:86:26:74:36:8b:83:95:7a:9b:46:6c:
96:48:39:72:a4:47:63:99:61:1f:cc:d4:06:08:cd:
db:69:31:d7:07:99:07:01:20:e9:a7:e7:5d:45:8c:
8d:35:81:ce:24:bc:f7:cc:df:c4:1c:4e:69:fd:5a:
5b:ca:e5:b5:e5:df:be:6f:2a:d0:ad:a1:0e:df:47:
6a:4d:37:ed:a4:76:db:a7:de:39:8c:9b:cd:15:fd:
cb:a6:bf:71:24:fc:70:dd:21:6c:e6:67:ae:da:0a:
6d:84:f5:98:01:fa:5a:97:9e:3b:8a:66:8a:4c:48:
d6:66:4d:c9:15:8b:70:8e:d9:dc:fb:25:b3:f1:7d:
16:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:65:3C:CC:AF:E4:92:2E:A4:38:5B:F2:B3:CF:17:1E:08:C4:AE:59
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/aGU8zK_kki6kOFvys88XHgjErlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
51.170.0.0/16
62.3.64.0/18
82.68.0.0/14
88.96.0.0-88.97.111.255
88.97.128.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
8b:b6:99:8d:5e:2d:df:14:89:7f:46:43:f2:a1:47:53:c6:8f:
4e:29:73:d8:a9:fe:29:76:6d:64:e0:27:56:69:b2:aa:07:1d:
aa:50:65:71:71:78:92:15:99:6c:1b:93:fc:f8:d0:81:8a:5d:
24:70:b6:6e:ef:d0:78:5b:9f:90:d9:57:f3:b3:0c:1c:8f:5e:
48:5f:c7:51:fb:fa:cf:a3:b4:36:b0:0e:d0:83:7b:13:d2:d3:
23:a0:aa:6f:08:45:88:2e:fd:ff:e8:6d:52:b4:d4:22:37:b5:
ec:8f:a7:51:d0:20:3b:1d:4c:06:04:1c:bb:e2:61:d1:41:15:
79:ba:7e:8c:b3:6f:36:b2:52:5e:86:ec:75:18:62:28:9e:a4:
68:dc:6e:af:3b:ae:75:e8:7c:ec:11:9f:0d:81:af:ca:70:fc:
3f:b7:b6:d6:a3:18:1e:29:91:36:07:3b:f8:56:a6:26:14:a7:
82:96:16:96:b9:b9:4e:27:a4:7d:74:3a:8f:e7:8d:9c:77:ef:
07:a2:8b:f4:3e:b6:22:cb:42:37:17:12:c1:81:d3:c1:e4:f9:
76:77:c2:99:88:08:ce:70:ea:be:96:19:fa:a7:7c:45:59:d9:
cd:ec:2f:15:9f:bb:9b:a3:5b:8e:b4:43:d3:27:34:ce:e3:bc:
93:66:13:03
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYonLfzS1TD6cyqxyKS3OFYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjMwODI0MTA1MzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY1M2NjY2FmZTQ5MjJlYTQzODViZjJiM2NmMTcxZTA4YzRhZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcRY/0CmUsOoWqYVcTWOLinr9pZR
nnW5hqJZ+oXOEi+32Kahn0ON8JKcLtuWdurOYWIb0FcwtFh4HgQDEcEiLlG75mWr
EN7nBkVAeb0s/TDSjNyG2ETE3yQfqGXrLc6WEPhvOyamYuUQlaCMx+zq6CR8DJH3
BghU2yuMhiZ0NouDlXqbRmyWSDlypEdjmWEfzNQGCM3baTHXB5kHASDpp+ddRYyN
NYHOJLz3zN/EHE5p/VpbyuW15d++byrQraEO30dqTTftpHbbp945jJvNFf3Lpr9x
JPxw3SFs5meu2gpthPWYAfpal547imaKTEjWZk3JFYtwjtnc+yWz8X0WrQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGhlPMyv5JIupDhb8rPPFx4IxK5ZMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvYUdVOHpLX2traTZrT0Z2eXM4OFhIZ2pFcmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwMAM5QD
AwAzmwMDADOqAwQGPgNAAwMCUkQwCwMDBVhgAwQEWGFgMAwDBAdYYYADBABYYhIw
DAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoDBAZYYoADBAXUFwAD
AwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0BAQsFAAOCAQEAi7aZjV4t3xSJ
f0ZD8qFHU8aPTilz2Kn+KXZtZOAnVmmyqgcdqlBlcXF4khWZbBuT/PjQgYpdJHC2
bu/QeFufkNlX87MMHI9eSF/HUfv6z6O0NrAO0IN7E9LTI6CqbwhFiC79/+htUrTU
Ije17I+nUdAgOx1MBgQcu+Jh0UEVebp+jLNvNrJSXobsdRhiKJ6kaNxurzuudeh8
7BGfDYGvynD8P7e21qMYHimRNgc7+FamJhSngpYWlrm5TiekfXQ6j+eNnHfvB6KL
9D62IstCNxcSwYHTweT5dnfCmYgIznDqvpYZ+qd8RVnZzewvFZ+7m6NbjrRD0yc0
zuO8k2YTAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:53 2024 by rpki-client on console-ams.rpki-client.org