Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aaJd5eLAyQmapqS3wlwCdfcX1s4.roa
File: aaJd5eLAyQmapqS3wlwCdfcX1s4.roa (raw, json)
Hash identifier: VSAbOfNCxngxCzu1RN8nDTaqOFydeDgJI27DvdeVwNc=
Subject key identifier: 69:A2:5D:E5:E2:C0:C9:09:9A:A6:A4:B7:C2:5C:02:75:F7:17:D6:CE
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018A3F0D6E8A5E9705CB0105719278381918
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aaJd5eLAyQmapqS3wlwCdfcX1s4.roa
Signing time: Tue 29 Aug 2023 02:09:19 +0000
ROA not before: Tue 29 Aug 2023 02:09:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
188.240.83.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
62.112.30.0/24 maxlen: 24
89.44.210.0/24 maxlen: 24
89.36.231.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3f:0d:6e:8a:5e:97:05:cb:01:05:71:92:78:38:19:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Aug 29 02:09:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a25de5e2c0c9099aa6a4b7c25c0275f717d6ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b8:37:00:99:dc:f3:cc:51:59:51:91:f9:76:
fb:8c:51:54:ba:6a:2a:db:77:a0:16:7c:5f:15:f9:
17:97:1b:f5:b5:3a:4e:73:e4:7f:94:26:da:9d:96:
c3:fd:34:46:2b:22:08:f1:40:dd:ba:90:9a:18:35:
85:b1:67:65:f8:cf:63:7e:54:83:f6:ff:40:9e:5e:
d2:b8:f8:1a:8e:71:92:b3:d2:bd:a0:8f:64:39:d2:
4b:80:92:5c:73:33:9a:d4:35:29:07:b3:2b:8f:c0:
9c:c7:e5:a0:08:9c:f9:76:a4:05:78:92:25:2e:18:
79:04:42:0c:0c:4a:e6:2f:7a:f9:98:bd:b8:81:ee:
6f:86:e3:b3:7c:8c:4f:31:21:d7:cc:ea:ef:29:02:
2c:04:f8:eb:f5:eb:43:d9:b4:84:aa:4c:1b:66:78:
2b:24:99:d7:4a:bd:88:ea:1f:57:f9:58:5f:2d:90:
d8:fc:68:a1:95:50:0c:4c:52:75:14:67:34:26:c2:
08:be:c6:b5:d0:ba:60:71:be:51:e5:b2:9c:c0:25:
b6:89:ed:6c:5a:b2:7b:66:c9:8c:91:77:6f:2b:99:
1b:49:02:79:00:66:47:fc:7d:b6:42:4c:b9:50:26:
2d:2a:54:35:27:a3:0c:bc:7a:44:75:d5:c7:39:56:
1c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A2:5D:E5:E2:C0:C9:09:9A:A6:A4:B7:C2:5C:02:75:F7:17:D6:CE
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aaJd5eLAyQmapqS3wlwCdfcX1s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
46.102.174.0/24
62.112.30.0/24
84.247.20.0/24
89.36.231.0/24
89.37.106.0/24
89.37.128.0/24
89.40.43.0/24
89.42.40.0/24
89.44.210.0/24
91.250.244.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
176.223.190.0/24
188.211.249.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
31:20:e0:7d:72:e1:05:10:df:b1:96:75:8c:c8:d1:1c:71:ec:
74:00:99:95:61:c9:c2:f8:91:bd:93:93:00:fe:5e:e7:be:49:
84:4f:6e:ae:f2:ba:a7:22:22:3d:3c:f8:86:ff:9b:1a:ce:6a:
39:24:e0:2e:3f:ce:87:c4:87:69:0d:25:4f:70:42:9a:34:fc:
7e:1d:bd:13:a5:4d:30:97:41:f4:8c:e4:48:82:3e:67:ed:9f:
07:eb:51:51:c2:cb:9e:4b:6e:ef:87:cb:63:b6:da:c4:5c:a0:
54:c2:cd:37:76:1d:96:b7:d6:71:49:1a:f5:50:1c:4b:e5:9d:
8b:c6:0f:c0:97:f2:bb:81:ad:ed:0f:c8:a0:17:36:2e:66:db:
b8:3a:39:ec:9d:e0:12:b2:9d:b3:cb:ac:d6:48:83:34:fc:99:
8b:5a:36:99:93:8c:d0:49:9e:19:56:a9:af:72:96:ae:5e:82:
9f:1e:0a:da:a6:b7:74:36:52:17:62:33:44:3b:d9:05:16:22:
d4:28:21:16:86:7b:70:52:5d:7b:de:95:f5:9f:55:43:af:d3:
30:ff:6a:de:7d:ce:f5:00:df:58:e3:39:54:fc:6d:c9:94:df:
1a:12:a7:6e:fe:49:24:35:f0:aa:6b:18:45:d0:55:de:b8:8a:
27:f1:8e:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYo/DW6KXpcFywEFcZJ4OBkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwODI5MDIwOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWEyNWRlNWUyYzBjOTA5OWFhNmE0YjdjMjVjMDI3NWY3MTdkNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrg3AJnc88xRWVGR+Xb7jFFUumoq
23egFnxfFfkXlxv1tTpOc+R/lCbanZbD/TRGKyII8UDdupCaGDWFsWdl+M9jflSD
9v9Anl7SuPgajnGSs9K9oI9kOdJLgJJcczOa1DUpB7Mrj8Ccx+WgCJz5dqQFeJIl
Lhh5BEIMDErmL3r5mL24ge5vhuOzfIxPMSHXzOrvKQIsBPjr9etD2bSEqkwbZngr
JJnXSr2I6h9X+VhfLZDY/GihlVAMTFJ1FGc0JsIIvsa10Lpgcb5R5bKcwCW2ie1s
WrJ7ZsmMkXdvK5kbSQJ5AGZH/H22Qky5UCYtKlQ1J6MMvHpEddXHOVYcRwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGmiXeXiwMkJmqakt8JcAnX3F9bOMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYWFKZDVlTEF5UW1hcHFTM3dsd0NkZmNYMXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAJZmEAwQA
LmauAwQAPnAeAwQAVPcUAwQAWSTnAwQAWSVqAwQAWSWAAwQAWSgrAwQAWSooAwQA
WSzSAwQAW/r0AwQAXXJFAwQAXrFxAwQAXrF2AwQAsN++AwQAvNP5AwQAvPBTMA0G
CSqGSIb3DQEBCwUAA4IBAQAxIOB9cuEFEN+xlnWMyNEccex0AJmVYcnC+JG9k5MA
/l7nvkmET26u8rqnIiI9PPiG/5sazmo5JOAuP86HxIdpDSVPcEKaNPx+Hb0TpU0w
l0H0jORIgj5n7Z8H61FRwsueS27vh8tjttrEXKBUws03dh2Wt9ZxSRr1UBxL5Z2L
xg/Al/K7ga3tD8igFzYuZtu4OjnsneASsp2zy6zWSIM0/JmLWjaZk4zQSZ4ZVqmv
cpauXoKfHgraprd0NlIXYjNEO9kFFiLUKCEWhntwUl173pX1n1VDr9Mw/2refc71
AN9Y4zlU/G3JlN8aEqdu/kkkNfCqaxhF0FXeuIon8Y5q
-----END CERTIFICATE-----
Generated at Wed Sep 6 01:36:47 2023 by rpki-client on console-ams.rpki-client.org