Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/aaY8_iR65UJDmlRb4ckyDZoFx0w.roa
File: aaY8_iR65UJDmlRb4ckyDZoFx0w.roa (raw, json)
Hash identifier: eYVJu6QXo57YmY0f7sNw3b4aQxzebDKdZRlmIJs0v+g=
Subject key identifier: 69:A6:3C:FE:24:7A:E5:42:43:9A:54:5B:E1:C9:32:0D:9A:05:C7:4C
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01922908B39DCD2C5D2457F081C7E6EB78F0
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/aaY8_iR65UJDmlRb4ckyDZoFx0w.roa
Signing time: Wed 25 Sep 2024 11:54:49 +0000
ROA not before: Wed 25 Sep 2024 11:54:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49100
IP address blocks: 5.202.0.0/16 maxlen: 24
5.202.16.0/23 maxlen: 23
5.202.22.0/23 maxlen: 23
5.202.76.0/24 maxlen: 24
5.202.82.0/24 maxlen: 24
5.202.100.0/24 maxlen: 24
5.202.110.0/24 maxlen: 24
5.202.166.0/23 maxlen: 23
77.237.160.0/19 maxlen: 19
85.9.64.0/18 maxlen: 18
85.9.68.0/24 maxlen: 24
85.9.76.0/24 maxlen: 24
91.209.242.0/24 maxlen: 24
95.215.160.0/22 maxlen: 22
109.125.160.0/19 maxlen: 19
109.125.160.0/23 maxlen: 23
109.125.162.0/23 maxlen: 23
109.125.164.0/23 maxlen: 23
109.125.176.0/22 maxlen: 22
109.125.182.0/23 maxlen: 23
109.125.184.0/22 maxlen: 22
109.125.187.0/24 maxlen: 24
109.125.188.0/24 maxlen: 24
109.125.189.0/24 maxlen: 24
109.125.190.0/24 maxlen: 24
109.125.191.0/24 maxlen: 24
109.232.5.0/24 maxlen: 24
109.232.6.0/24 maxlen: 24
109.232.7.0/24 maxlen: 24
185.72.24.0/22 maxlen: 22
185.72.27.0/24 maxlen: 24
185.83.88.0/24 maxlen: 24
185.83.89.0/24 maxlen: 24
185.83.90.0/23 maxlen: 23
185.103.128.0/22 maxlen: 22
185.125.244.0/22 maxlen: 22
185.125.248.0/21 maxlen: 21
185.125.255.0/24 maxlen: 24
185.126.0.0/20 maxlen: 20
185.126.16.0/22 maxlen: 22
185.126.16.0/23 maxlen: 23
185.126.40.0/22 maxlen: 22
185.131.28.0/22 maxlen: 22
185.131.30.0/23 maxlen: 23
185.155.8.0/21 maxlen: 21
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.169.37.0/24 maxlen: 24
185.177.232.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
188.253.32.0/19 maxlen: 24
188.253.64.0/19 maxlen: 24
193.32.80.0/23 maxlen: 23
194.33.122.0/23 maxlen: 23
2001:4c88::/32 maxlen: 32
2a02:cd80::/29 maxlen: 29
2a07:8f00::/29 maxlen: 29
2a07:8f40::/29 maxlen: 29
2a0a:4e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 12 Oct 2024 11:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:08:b3:9d:cd:2c:5d:24:57:f0:81:c7:e6:eb:78:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Sep 25 11:54:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69a63cfe247ae542439a545be1c9320d9a05c74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:fe:6a:59:30:74:59:ca:bd:71:1f:f4:8d:0d:
c0:0e:dd:ab:63:e6:28:b2:61:21:5c:c3:67:c5:13:
1f:70:f7:ce:0e:21:4b:13:aa:bc:86:8e:67:78:eb:
71:d7:d9:20:8c:ed:01:6b:30:d5:16:38:a9:dd:32:
31:b8:91:2a:25:a8:51:da:71:00:3d:a9:a4:86:8f:
d5:2a:72:51:de:30:98:87:ae:b0:6e:05:64:58:9a:
d2:e0:bf:9b:1d:38:7c:f9:ee:e0:06:99:88:dc:b8:
78:a4:e5:c1:ee:31:b7:35:e8:61:a8:37:44:4b:ff:
8f:b7:74:23:58:42:01:e8:b3:8e:6a:57:ba:dd:d4:
eb:27:82:6d:f2:0d:23:df:fd:3f:27:76:99:21:60:
c0:4d:a8:a3:fe:62:cf:ad:62:d1:40:9b:e1:a5:5a:
30:1e:07:ef:f2:a6:d1:0b:6f:68:c0:f5:6d:dc:d9:
dc:31:f6:3d:4c:7e:cc:fd:ed:79:90:d6:d6:42:81:
4d:2b:04:29:d9:2f:57:c8:51:24:f4:28:df:3d:e1:
48:ff:36:8b:3c:2d:5e:af:e8:7b:73:59:59:2f:c5:
d0:a6:45:71:63:3b:80:67:87:71:b9:99:fc:90:03:
f4:b8:b5:2e:6a:f7:74:8c:ed:79:10:02:18:c1:2a:
47:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A6:3C:FE:24:7A:E5:42:43:9A:54:5B:E1:C9:32:0D:9A:05:C7:4C
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/aaY8_iR65UJDmlRb4ckyDZoFx0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/16
77.237.160.0/19
85.9.64.0/18
91.209.242.0/24
95.215.160.0/22
109.125.160.0/19
109.232.5.0-109.232.7.255
185.72.24.0/22
185.83.88.0/22
185.103.128.0/22
185.125.244.0-185.126.19.255
185.126.40.0/22
185.131.28.0/22
185.155.8.0/21
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
188.253.32.0-188.253.95.255
193.32.80.0/23
194.33.122.0/23
IPv6:
2001:4c88::/32
2a02:cd80::/29
2a07:8f00::/29
2a07:8f40::/29
2a0a:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
36:a5:c1:46:ed:4c:b2:d0:2d:b7:00:49:80:99:fe:14:54:24:
e5:6d:54:0e:2d:86:74:6d:4c:3d:2e:6e:59:15:69:ea:40:05:
6e:87:93:52:4b:0e:88:6b:b2:7b:b1:d4:78:2a:b8:e0:c5:9c:
28:40:7b:1e:78:b3:67:a5:11:7b:98:91:2d:24:67:4d:69:d8:
38:9a:2f:39:bd:e0:6c:3c:86:81:e6:cf:28:f3:c7:7c:df:56:
26:aa:4f:ea:a2:3f:f4:17:c3:0c:a5:e6:24:5f:92:03:40:87:
4e:9f:e1:e9:55:a7:6b:a3:53:e2:56:e9:9e:df:86:f7:05:19:
52:70:db:b9:60:d5:0a:2f:a7:f9:0b:0a:73:06:cd:f5:10:00:
f7:c8:c4:c4:5a:12:f0:33:d6:75:f5:83:d2:51:7f:00:82:87:
5f:c3:2c:7d:a9:98:fa:4f:0a:9f:b2:11:05:d7:25:5b:1a:a0:
f2:bc:ff:1d:f8:be:9d:4a:65:eb:a6:fe:ea:bf:49:0b:16:12:
8a:1c:06:3b:c3:b9:37:81:88:46:cb:6a:8b:6e:bf:2f:86:1e:
87:1d:9c:7d:17:f6:53:aa:ee:62:15:8b:0a:d6:a7:0f:32:7f:
70:10:27:23:1c:66:c0:b2:5b:d9:f6:7c:0e:e3:f3:bc:6b:2a:
e8:60:d0:2d
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZIpCLOdzSxdJFfwgcfm63jwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwOTI1MTE1NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE2M2NmZTI0N2FlNTQyNDM5YTU0NWJlMWM5MzIwZDlhMDVjNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8f5qWTB0Wcq9cR/0jQ3ADt2rY+Yo
smEhXMNnxRMfcPfODiFLE6q8ho5neOtx19kgjO0BazDVFjip3TIxuJEqJahR2nEA
Pamkho/VKnJR3jCYh66wbgVkWJrS4L+bHTh8+e7gBpmI3Lh4pOXB7jG3NehhqDdE
S/+Pt3QjWEIB6LOOale63dTrJ4Jt8g0j3/0/J3aZIWDATaij/mLPrWLRQJvhpVow
Hgfv8qbRC29owPVt3NncMfY9TH7M/e15kNbWQoFNKwQp2S9XyFEk9CjfPeFI/zaL
PC1er+h7c1lZL8XQpkVxYzuAZ4dxuZn8kAP0uLUuavd0jO15EAIYwSpHUwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFGmmPP4keuVCQ5pUW+HJMg2aBcdMMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvYWFZOF9pUjY1VUpEbWxSYjRja3lEWm9GeDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBnAQCAAEwgZUDAwAF
ygMEBU3toAMEBlUJQAMEAFvR8gMEAl/XoAMEBW19oDAMAwQAbegFAwQDbegAAwQC
uUgYAwQCuVNYAwQCuWeAMAwDBAK5ffQDBAK5fhADBAK5figDBAK5gxwDBAO5mwgD
BAK5qRQDBAK5qSQDBAK5segDBAK5tDQwDAMEBbz9IAMEBbz9QAMEAcEgUAMEAcIh
ejApBAIAAjAjAwUAIAFMiAMFAyoCzYADBQMqB48AAwUDKgePQAMFAyoKTgAwDQYJ
KoZIhvcNAQELBQADggEBADalwUbtTLLQLbcASYCZ/hRUJOVtVA4thnRtTD0ublkV
aepABW6Hk1JLDohrsnux1HgquODFnChAex54s2elEXuYkS0kZ01p2DiaLzm94Gw8
hoHmzyjzx3zfViaqT+qiP/QXwwyl5iRfkgNAh06f4elVp2ujU+JW6Z7fhvcFGVJw
27lg1Qovp/kLCnMGzfUQAPfIxMRaEvAz1nX1g9JRfwCCh1/DLH2pmPpPCp+yEQXX
JVsaoPK8/x34vp1KZeum/uq/SQsWEoocBjvDuTeBiEbLaotuvy+GHocdnH0X9lOq
7mIViwrWpw8yf3AQJyMcZsCyW9n2fA7j87xrKuhg0C0=
-----END CERTIFICATE-----
Generated at Sat Oct 12 16:10:32 2024 by rpki-client on console-fra.rpki-client.org