Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/aqBrEr6A_xNnlgEZqKZAOoxaWvA.roa
File: aqBrEr6A_xNnlgEZqKZAOoxaWvA.roa (raw, json)
Hash identifier: +IN43/VXrsEgRS+Ux44yBBdWd1EEHEZJi3BshJOdxxs=
Subject key identifier: 6A:A0:6B:12:BE:80:FF:13:67:96:01:19:A8:A6:40:3A:8C:5A:5A:F0
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018CFBB60BDBD8F66742D1D95C5B051FB595
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/aqBrEr6A_xNnlgEZqKZAOoxaWvA.roa
Signing time: Fri 12 Jan 2024 03:27:40 +0000
ROA not before: Fri 12 Jan 2024 03:27:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jan 2024 03:05:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fb:b6:0b:db:d8:f6:67:42:d1:d9:5c:5b:05:1f:b5:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 12 03:27:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6aa06b12be80ff1367960119a8a6403a8c5a5af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b4:7e:9f:63:9a:14:fd:a3:ea:1e:a3:50:f1:
18:01:bb:4e:49:ba:89:53:8c:f4:f1:d6:b9:da:20:
2e:24:38:51:90:96:ff:8b:fe:3c:c8:e6:aa:5b:0e:
19:da:e1:8d:bb:62:3e:26:67:3a:53:93:b1:c7:17:
4c:8d:da:1f:76:1b:28:22:25:0e:96:67:61:f7:c0:
fc:1a:cd:f2:e1:65:2b:6f:5b:f0:b7:a6:83:63:ca:
97:3b:0c:e5:1d:22:97:0e:14:7f:4b:a7:3a:08:9d:
e6:8b:57:54:04:61:1d:81:1a:2c:a0:e4:96:7f:81:
20:79:6e:2f:3d:49:55:28:3e:b9:d6:39:72:c6:31:
d7:4e:39:0b:99:87:a0:6a:e3:f1:77:60:7f:e8:e2:
b6:a7:53:44:d8:32:6a:05:cb:b3:4a:ac:6e:4d:0e:
46:2a:c9:38:5a:45:64:46:7a:0f:77:68:7d:94:55:
ab:51:a8:b0:36:20:c2:68:40:04:97:06:7b:12:8b:
f4:74:58:3a:04:c1:0b:43:79:09:c9:68:0a:09:67:
fa:4f:91:d8:71:8b:10:37:e3:4d:4a:38:38:2a:70:
ef:26:51:02:3d:63:dd:56:13:b8:29:be:ac:01:00:
32:95:03:07:35:cb:52:46:b7:38:e7:a6:51:8b:9a:
0c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A0:6B:12:BE:80:FF:13:67:96:01:19:A8:A6:40:3A:8C:5A:5A:F0
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/aqBrEr6A_xNnlgEZqKZAOoxaWvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.109.255
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/48
Signature Algorithm: sha256WithRSAEncryption
b0:51:f6:f6:63:5a:bc:6d:cd:7b:73:dc:4f:71:22:81:8c:0a:
db:8c:19:db:20:f4:24:f6:1c:18:1c:d7:ee:9b:60:8d:3a:3d:
6b:1a:05:a1:58:a8:c4:ce:2e:a5:5f:09:c9:90:d6:2c:4d:40:
c1:18:ee:44:1a:41:5f:57:4d:92:71:b9:c1:5f:4f:54:c3:1b:
43:e4:2b:c1:08:82:e6:fa:c3:9c:5d:3e:46:de:39:ef:d2:f1:
c6:f7:f2:4d:9c:a7:b8:11:23:bc:f9:8e:02:9d:c2:6a:5e:87:
b0:f3:ea:fa:f9:03:ff:10:54:21:36:eb:79:97:84:42:0a:45:
aa:ef:5f:cf:e9:13:e4:0e:ef:e2:00:46:85:f3:00:01:f4:6b:
25:55:17:23:05:a7:41:07:56:20:87:5f:c6:ac:91:81:8d:6a:
32:a5:62:30:31:66:6a:1c:ab:e1:0e:89:88:bf:0d:cd:dc:ca:
3b:e8:aa:5d:af:e0:f3:ee:7a:05:d7:1d:b9:d9:53:fd:20:3e:
4e:9a:31:37:c5:f6:f6:de:24:77:b6:f3:07:60:27:00:09:6f:
ed:9a:8f:c9:8c:50:54:3d:d5:82:fd:7a:90:cb:75:c3:91:36:
1f:0c:f0:4d:9b:4b:2e:61:99:20:d9:c5:e3:c1:0b:1e:20:40:
8a:dc:5b:32
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYz7tgvb2PZnQtHZXFsFH7WVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTEyMDMyNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEwNmIxMmJlODBmZjEzNjc5NjAxMTlhOGE2NDAzYThjNWE1YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7R+n2OaFP2j6h6jUPEYAbtOSbqJ
U4z08da52iAuJDhRkJb/i/48yOaqWw4Z2uGNu2I+Jmc6U5OxxxdMjdofdhsoIiUO
lmdh98D8Gs3y4WUrb1vwt6aDY8qXOwzlHSKXDhR/S6c6CJ3mi1dUBGEdgRosoOSW
f4EgeW4vPUlVKD651jlyxjHXTjkLmYegauPxd2B/6OK2p1NE2DJqBcuzSqxuTQ5G
Ksk4WkVkRnoPd2h9lFWrUaiwNiDCaEAElwZ7Eov0dFg6BMELQ3kJyWgKCWf6T5HY
cYsQN+NNSjg4KnDvJlECPWPdVhO4Kb6sAQAylQMHNctSRrc456ZRi5oM/wIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFGqgaxK+gP8TZ5YBGaimQDqMWlrwMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvYXFCckVyNkFfeE5ubGdFWnFLWkFPb3hhV3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwPAQCAAEwNjAMAwQFVXVg
AwQBVXVsAwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDA3
BAIAAjAxMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ACoDMsAwDjANBgkqhkiG9w0BAQsFAAOCAQEAsFH29mNavG3Ne3PcT3EigYwK24wZ
2yD0JPYcGBzX7ptgjTo9axoFoVioxM4upV8JyZDWLE1AwRjuRBpBX1dNknG5wV9P
VMMbQ+QrwQiC5vrDnF0+Rt4579LxxvfyTZynuBEjvPmOAp3Cal6HsPPq+vkD/xBU
ITbreZeEQgpFqu9fz+kT5A7v4gBGhfMAAfRrJVUXIwWnQQdWIIdfxqyRgY1qMqVi
MDFmahyr4Q6JiL8NzdzKO+iqXa/g8+56BdcdudlT/SA+TpoxN8X29t4kd7bzB2An
AAlv7ZqPyYxQVD3Vgv16kMt1w5E2HwzwTZtLLmGZINnF48ELHiBAitxbMg==
Generated at Mon Jan 15 05:30:01 2024 by rpki-client on console-ams.rpki-client.org