Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/ChqaWS-ap-xANH2H6j-pGhQc14o.roa
File: ChqaWS-ap-xANH2H6j-pGhQc14o.roa (raw, json)
Hash identifier: m47NEOfY28huYIWLSWJe1ZdglDsfU2lfyhOT5qTavoM=
Subject key identifier: 0A:1A:9A:59:2F:9A:A7:EC:40:34:7D:87:EA:3F:A9:1A:14:1C:D7:8A
Certificate issuer: /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial: 018CC94E70822BCA7780420B294EAD06E136
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/ChqaWS-ap-xANH2H6j-pGhQc14o.roa
Signing time: Tue 02 Jan 2024 08:33:30 +0000
ROA not before: Tue 02 Jan 2024 08:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210083
IP address blocks: 199.231.235.0/24 maxlen: 24
121.127.33.0/24 maxlen: 24
185.130.44.0/24 maxlen: 24
185.130.47.0/24 maxlen: 24
185.130.45.0/24 maxlen: 24
185.130.46.0/24 maxlen: 24
2a07:e04::/36 maxlen: 36
2a07:e00:a::/48 maxlen: 48
2a07:e00::/48 maxlen: 48
2a07:e00:b::/48 maxlen: 48
2a07:e00:bb::/48 maxlen: 48
2a07:e03::/32 maxlen: 48
2a07:e02:41::/48 maxlen: 48
2a07:e00:19f::/48 maxlen: 48
2a07:e00:ff::/48 maxlen: 48
2a07:e02:a00::/40 maxlen: 40
2a07:e02:1000::/36 maxlen: 40
2a07:e02:b00::/40 maxlen: 56
2a07:e00:bc::/48 maxlen: 48
2a07:e00:c::/48 maxlen: 48
2a07:e00:ac::/48 maxlen: 48
2a07:e01::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 10 Feb 2024 06:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:70:82:2b:ca:77:80:42:0b:29:4e:ad:06:e1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Validity
Not Before: Jan 2 08:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a1a9a592f9aa7ec40347d87ea3fa91a141cd78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:02:9a:28:56:59:54:36:a4:d9:3f:3e:9e:3a:
36:01:73:c1:25:e9:05:af:a9:3f:c8:9d:9c:82:a4:
d0:23:64:c4:7c:29:51:e4:34:4c:1b:92:9e:c7:8e:
6a:f8:ca:91:0d:37:f8:e9:fb:7f:4c:e7:37:63:1b:
7f:7f:bc:c2:3f:5c:1c:dd:9d:70:e8:49:92:e2:45:
7a:72:82:1e:9a:b0:1e:d6:67:4a:17:d1:80:e4:8d:
29:3d:1d:c4:f2:7c:1e:77:e5:82:64:34:06:fc:b4:
29:4d:31:b6:c4:38:63:a6:6f:d3:f7:42:7c:de:02:
b1:49:7c:0b:5c:9a:47:81:a6:4d:07:f4:9d:47:ac:
ad:90:20:d3:bc:a7:89:ae:e4:38:26:cf:c5:bd:ac:
11:79:5d:78:8b:05:e2:b6:b3:8d:51:d6:e0:eb:35:
57:1e:76:aa:35:dd:bf:6e:25:3a:eb:55:22:94:27:
23:38:ea:40:b6:dc:34:b4:83:52:7e:29:95:55:6a:
51:20:4c:95:ac:22:f4:0f:dc:a2:15:b0:bb:2a:19:
d3:66:9c:72:f3:90:2d:d6:0d:35:71:50:da:70:8f:
47:74:ad:f0:14:5d:5d:40:78:30:80:65:bb:f0:e1:
f1:c5:2e:8b:ce:64:fc:5a:00:95:93:28:8b:ac:74:
4a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1A:9A:59:2F:9A:A7:EC:40:34:7D:87:EA:3F:A9:1A:14:1C:D7:8A
X509v3 Authority Key Identifier:
keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/ChqaWS-ap-xANH2H6j-pGhQc14o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.33.0/24
185.130.44.0/22
199.231.235.0/24
IPv6:
2a07:e00::/48
2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
2a07:e00:ac::/48
2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
2a07:e00:ff::/48
2a07:e00:19f::/48
2a07:e01::/32
2a07:e02:41::/48
2a07:e02:a00::/39
2a07:e02:1000::/36
2a07:e03::-2a07:e04:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:b2:c0:06:06:c5:df:db:ea:59:f4:46:3a:dc:b1:5c:18:90:
b9:63:06:b2:4f:65:44:49:b0:6b:3d:8a:22:d8:9d:fa:76:c1:
28:93:85:bc:9e:3a:56:fc:7c:9f:f3:48:66:1d:ae:79:b4:69:
4f:f9:48:88:31:3c:77:8c:38:04:7c:19:69:c4:b7:ec:d5:04:
c9:39:a9:73:df:2b:24:43:b7:11:39:06:87:49:76:49:02:3c:
ba:2d:54:55:2c:e8:f4:17:9a:9c:ac:6e:73:82:24:49:ee:1d:
4d:e5:0d:a5:4b:ed:41:3d:f5:80:c1:6b:60:2a:89:83:ec:72:
f5:59:77:9b:d4:23:8e:02:a7:7d:f7:c3:45:ab:6e:3b:f8:57:
4d:4f:59:a7:58:3b:01:c9:c0:66:ec:07:46:8a:d8:cd:39:33:
85:f5:1f:a9:c8:a5:0d:0a:d5:17:b8:0b:1f:1d:2d:fb:21:0f:
a7:f2:bd:26:48:3c:01:7c:03:8a:8c:22:9e:f2:50:7b:2d:48:
05:46:79:6e:e2:8e:3c:5d:ee:51:ba:e1:20:e3:96:3c:3c:3a:
6c:c0:52:fc:2e:b4:dc:99:46:4e:7a:98:4c:24:a2:3f:78:7c:
a6:5b:5c:03:11:58:15:21:ec:7f:ee:9c:80:a1:3d:23:d8:a0:
2c:ea:8d:e0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzJTnCCK8p3gEILKU6tBuE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjQwMTAyMDgzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFhOWE1OTJmOWFhN2VjNDAzNDdkODdlYTNmYTkxYTE0MWNkNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAKaKFZZVDak2T8+njo2AXPBJekF
r6k/yJ2cgqTQI2TEfClR5DRMG5Kex45q+MqRDTf46ft/TOc3Yxt/f7zCP1wc3Z1w
6EmS4kV6coIemrAe1mdKF9GA5I0pPR3E8nwed+WCZDQG/LQpTTG2xDhjpm/T90J8
3gKxSXwLXJpHgaZNB/SdR6ytkCDTvKeJruQ4Js/FvawReV14iwXitrONUdbg6zVX
HnaqNd2/biU661UilCcjOOpAttw0tINSfimVVWpRIEyVrCL0D9yiFbC7KhnTZpxy
85At1g01cVDacI9HdK3wFF1dQHgwgGW78OHxxS6LzmT8WgCVkyiLrHRK6QIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFAoamlkvmqfsQDR9h+o/qRoUHNeKMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvQ2hxYVdTLWFwLXhBTkgySDZqLXBHaFFjMTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDAYBAIAATASAwQAeX8h
AwQCuYIsAwQAx+frMIGDBAIAAjB9AwcAKgcOAAAAMBIDBwEqBw4AAAoDBwAqBw4A
AAwDBwAqBw4AAKwwEgMHACoHDgAAuwMHACoHDgAAvAMHACoHDgAA/wMHACoHDgAB
nwMFACoHDgEDBwAqBw4CAEEDBgEqBw4CCgMGBCoHDgIQMA8DBQAqBw4DAwYEKgcO
BAAwDQYJKoZIhvcNAQELBQADggEBABiywAYGxd/b6ln0RjrcsVwYkLljBrJPZURJ
sGs9iiLYnfp2wSiThbyeOlb8fJ/zSGYdrnm0aU/5SIgxPHeMOAR8GWnEt+zVBMk5
qXPfKyRDtxE5BodJdkkCPLotVFUs6PQXmpysbnOCJEnuHU3lDaVL7UE99YDBa2Aq
iYPscvVZd5vUI44Cp333w0Wrbjv4V01PWadYOwHJwGbsB0aK2M05M4X1H6nIpQ0K
1Re4Cx8dLfshD6fyvSZIPAF8A4qMIp7yUHstSAVGeW7ijjxd7lG64SDjljw8OmzA
UvwutNyZRk56mEwkoj94fKZbXAMRWBUh7H/unIChPSPYoCzqjeA=
-----END CERTIFICATE-----
Generated at Sat Feb 10 08:35:19 2024 by rpki-client on console-fra.rpki-client.org