Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/pQAtXYT5TFHtVq48bziVVcKqCxg.roa
File: pQAtXYT5TFHtVq48bziVVcKqCxg.roa (raw, json)
Hash identifier: KYGmRvyU+8FRFlQ4JZU0NnimSOoeFDuA1UUij91XP/E=
Subject key identifier: A5:00:2D:5D:84:F9:4C:51:ED:56:AE:3C:6F:38:95:55:C2:AA:0B:18
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 018CC64B0851D734EF7925CB41D1EDB0CF46
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/pQAtXYT5TFHtVq48bziVVcKqCxg.roa
Signing time: Mon 01 Jan 2024 18:30:55 +0000
ROA not before: Mon 01 Jan 2024 18:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 84.20.32.0/21 maxlen: 21
84.20.32.0/20 maxlen: 20
84.74.0.0/15 maxlen: 15
84.20.40.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
84.20.48.0/21 maxlen: 21
217.168.32.0/19 maxlen: 19
217.168.32.0/20 maxlen: 20
217.168.48.0/20 maxlen: 20
46.140.0.0/17 maxlen: 17
46.140.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
194.29.0.0/19 maxlen: 19
194.29.0.0/20 maxlen: 20
46.140.128.0/17 maxlen: 17
46.127.0.0/16 maxlen: 16
80.218.0.0/16 maxlen: 16
80.218.0.0/15 maxlen: 15
62.2.128.0/17 maxlen: 17
194.29.16.0/20 maxlen: 20
77.56.0.0/15 maxlen: 15
178.83.0.0/16 maxlen: 16
77.56.0.0/14 maxlen: 14
81.7.224.0/20 maxlen: 20
81.7.224.0/19 maxlen: 19
178.82.0.0/17 maxlen: 17
178.82.0.0/16 maxlen: 16
178.82.0.0/15 maxlen: 15
81.7.240.0/20 maxlen: 20
213.193.64.0/19 maxlen: 19
178.82.128.0/17 maxlen: 17
213.193.64.0/18 maxlen: 18
84.72.0.0/15 maxlen: 15
213.193.96.0/19 maxlen: 19
84.72.0.0/14 maxlen: 14
46.126.0.0/16 maxlen: 16
46.126.0.0/15 maxlen: 15
217.162.0.0/17 maxlen: 17
217.162.0.0/16 maxlen: 16
31.10.128.0/18 maxlen: 18
31.10.128.0/17 maxlen: 17
84.20.52.0/22 maxlen: 22
80.219.0.0/16 maxlen: 16
195.202.192.0/19 maxlen: 19
195.202.192.0/18 maxlen: 18
31.10.192.0/18 maxlen: 18
195.202.224.0/19 maxlen: 19
77.58.0.0/15 maxlen: 15
217.162.128.0/17 maxlen: 17
212.47.160.0/20 maxlen: 20
212.47.160.0/19 maxlen: 19
212.47.176.0/20 maxlen: 20
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a00:e2c0:8000::/33 maxlen: 33
2a00:e2c0::/33 maxlen: 33
2a00:e2c0::/32 maxlen: 32
2a02:aa10::/28 maxlen: 28
Validation: Failed, certificate revoked on Fri 07 Jun 2024 10:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:08:51:d7:34:ef:79:25:cb:41:d1:ed:b0:cf:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Jan 1 18:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5002d5d84f94c51ed56ae3c6f389555c2aa0b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:77:d3:86:77:ae:1b:b2:43:52:ec:7f:a4:77:
91:9c:10:9e:bf:30:5e:6f:4a:b2:28:64:27:0e:3b:
7e:cf:34:ce:f3:66:cc:ae:09:02:7f:a7:a9:5e:22:
db:12:a1:ba:5b:ee:52:3e:aa:4f:5e:be:86:56:b3:
a1:a8:3a:6c:fa:76:af:4a:83:5a:08:51:17:db:09:
c5:65:01:dc:eb:19:9f:72:cd:ab:42:dc:59:8b:c2:
33:4e:43:c4:68:d2:d7:6e:cd:89:03:be:67:79:ec:
a9:ed:ed:1e:9c:29:38:4b:bc:28:ba:33:d2:67:72:
08:da:10:83:8e:cc:0c:38:94:81:2b:1d:7c:2c:1a:
34:ef:ca:ef:e7:36:76:dd:ae:ac:99:e7:f6:dc:73:
8f:8c:96:27:1f:23:81:3e:a5:d8:3d:c1:21:78:dd:
6b:e4:f4:9c:9b:8d:49:b8:40:bd:ee:ec:55:4a:9d:
7b:96:b6:6d:00:99:48:45:85:2e:44:7d:73:f2:f2:
13:1a:44:87:47:fb:0c:2d:26:4c:14:df:86:14:70:
29:06:22:be:f4:9a:83:8d:2f:c4:17:e6:60:7a:42:
12:e0:44:2a:96:19:36:dd:35:b9:64:86:3a:7b:51:
34:8d:46:b4:d7:55:fa:cc:b3:f5:27:55:93:ea:a6:
f9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:00:2D:5D:84:F9:4C:51:ED:56:AE:3C:6F:38:95:55:C2:AA:0B:18
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/pQAtXYT5TFHtVq48bziVVcKqCxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
0f:23:8c:fb:78:da:5e:08:2e:a3:97:83:19:25:41:1c:1c:81:
d6:2a:0f:32:ba:ac:4a:8f:eb:75:c4:58:11:a9:d6:e7:ab:c2:
ca:5e:f9:d7:e7:d2:6c:f6:f6:53:2c:6f:0f:36:73:49:5b:cd:
38:84:16:8a:f4:00:4c:b2:53:ad:2d:d6:7d:37:52:d3:d7:85:
81:35:fa:bb:6b:59:47:e4:76:41:42:99:1e:98:a3:47:ef:49:
25:6a:f7:06:66:61:98:f7:b8:70:18:3a:94:c3:c7:24:e6:d4:
46:b9:9c:95:84:b1:a2:98:03:dc:0b:1b:53:d6:34:49:9f:ba:
dc:55:25:67:44:82:d8:26:f4:99:36:e3:d1:29:d4:26:57:82:
c2:58:db:86:47:5f:c8:b0:02:ac:e4:e5:8e:7c:95:6b:65:5e:
2a:c5:10:91:13:56:e8:c7:62:ee:8c:98:dd:a7:a4:3f:a4:90:
25:f3:53:a8:ff:08:a6:a5:18:dd:12:f6:32:e3:4a:6e:e4:92:
f5:27:bb:7a:72:fd:0c:a9:c7:fb:cc:b9:22:f9:67:bc:6d:05:
72:fc:ec:56:f5:1f:2a:d6:1c:23:72:73:c9:1c:fc:03:31:ae:
b0:bf:3e:86:57:22:ac:16:e4:44:2f:93:a0:86:32:68:95:76:
26:83:74:18
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYzGSwhR1zTveSXLQdHtsM9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjQwMTAxMTgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAwMmQ1ZDg0Zjk0YzUxZWQ1NmFlM2M2ZjM4OTU1NWMyYWEwYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHfThneuG7JDUux/pHeRnBCevzBe
b0qyKGQnDjt+zzTO82bMrgkCf6epXiLbEqG6W+5SPqpPXr6GVrOhqDps+navSoNa
CFEX2wnFZQHc6xmfcs2rQtxZi8IzTkPEaNLXbs2JA75neeyp7e0enCk4S7woujPS
Z3II2hCDjswMOJSBKx18LBo078rv5zZ23a6smef23HOPjJYnHyOBPqXYPcEheN1r
5PScm41JuEC97uxVSp17lrZtAJlIRYUuRH1z8vITGkSHR/sMLSZMFN+GFHApBiK+
9JqDjS/EF+ZgekIS4EQqlhk23TW5ZIY6e1E0jUa011X6zLP1J1WT6qb5NQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKUALV2E+UxR7VauPG84lVXCqgsYMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvcFFBdFhZVDVURkh0VnE0OGJ6aVZWY0txQ3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQAPI4z7eNpeCC6jl4MZ
JUEcHIHWKg8yuqxKj+t1xFgRqdbnq8LKXvnX59Js9vZTLG8PNnNJW804hBaK9ABM
slOtLdZ9N1LT14WBNfq7a1lH5HZBQpkemKNH70klavcGZmGY97hwGDqUw8ck5tRG
uZyVhLGimAPcCxtT1jRJn7rcVSVnRILYJvSZNuPRKdQmV4LCWNuGR1/IsAKs5OWO
fJVrZV4qxRCRE1box2LujJjdp6Q/pJAl81Oo/wimpRjdEvYy40pu5JL1J7t6cv0M
qcf7zLki+We8bQVy/OxW9R8q1hwjcnPJHPwDMa6wvz6GVyKsFuREL5OghjJolXYm
g3QY
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:48:49 2024 by rpki-client on console-ams.rpki-client.org