Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/KuXIjx1yanxhirZTiuqlK4h2rhY.roa
File: KuXIjx1yanxhirZTiuqlK4h2rhY.roa (raw, json)
Hash identifier: E1IxcI2eVGjx32N0zDkZf1BQA1kxppmh5uLmlyaxWXQ=
Subject key identifier: 2A:E5:C8:8F:1D:72:6A:7C:61:8A:B6:53:8A:EA:A5:2B:88:76:AE:16
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01954CAC12D386342D50D37FD5F9CA947983
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/KuXIjx1yanxhirZTiuqlK4h2rhY.roa
Signing time: Fri 28 Feb 2025 13:08:20 +0000
ROA not before: Fri 28 Feb 2025 13:08:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.146.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.19.16.0/20 maxlen: 20
2.20.4.0/22 maxlen: 22
2.20.109.0/24 maxlen: 24
2.20.110.0/24 maxlen: 24
2.20.112.0/22 maxlen: 22
2.20.252.0/24 maxlen: 24
2.21.2.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.21.100.0/22 maxlen: 22
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.136.0/22 maxlen: 22
95.101.35.0/24 maxlen: 24
95.101.68.0/22 maxlen: 22
95.101.78.0/24 maxlen: 24
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:b00::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Feb 2025 15:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:ac:12:d3:86:34:2d:50:d3:7f:d5:f9:ca:94:79:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Feb 28 13:08:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ae5c88f1d726a7c618ab6538aeaa52b8876ae16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:3f:54:ce:45:b0:14:a0:8d:a8:e8:df:30:
de:02:73:d8:03:7a:27:c1:92:d6:8c:9e:8a:da:a9:
bc:c6:a8:c6:ba:7d:80:ec:69:b6:7d:de:69:70:4e:
52:fd:e9:47:3b:73:a7:d2:3d:eb:7d:4c:6c:46:a8:
ec:04:5e:cd:fe:9c:13:53:29:80:c6:1f:e4:a0:75:
3f:50:2c:dc:d3:97:e9:50:34:84:13:5e:7e:11:82:
8f:5a:af:fc:98:14:c1:f9:76:95:6b:15:be:32:ed:
ff:51:63:0c:b3:a7:32:6c:d2:73:57:3d:94:93:b3:
07:f8:ba:08:88:de:63:38:e2:1a:70:59:65:9e:b0:
45:2a:50:c9:63:a4:59:5c:79:65:74:72:c4:ad:7c:
3c:f0:fd:89:e0:36:f9:c2:d2:fd:55:4f:de:ae:37:
63:c1:75:f2:53:1f:08:00:45:72:30:6d:4f:cb:d4:
ea:1b:a9:b4:d0:ff:72:d5:e7:14:54:30:0c:83:01:
00:80:0b:75:cb:73:01:36:25:b7:61:7f:bc:ea:99:
b3:46:bc:fa:07:92:30:ce:7e:c5:31:08:ab:af:75:
50:6f:50:b2:ec:38:08:95:77:96:d8:b2:58:df:67:
f1:6a:4f:b5:eb:1c:83:ce:e5:a5:dd:3b:4c:ae:94:
4d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E5:C8:8F:1D:72:6A:7C:61:8A:B6:53:8A:EA:A5:2B:88:76:AE:16
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/KuXIjx1yanxhirZTiuqlK4h2rhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.146.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.19.16.0/20
2.20.4.0/22
2.20.109.0-2.20.110.255
2.20.112.0/22
2.20.252.0/24
2.21.2.0/24
2.21.14.0/24
2.21.100.0/22
2.22.216.0/22
2.22.234.0/24
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.136.0/22
95.101.35.0/24
95.101.68.0/22
95.101.78.0/24
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:b00::/48
Signature Algorithm: sha256WithRSAEncryption
11:3a:dc:c4:3e:d1:12:22:7a:44:ce:6b:72:64:58:2b:2f:72:
12:39:f7:77:5c:4c:93:b8:18:8a:ce:b0:bf:4e:38:b4:63:34:
cf:93:04:69:8d:13:87:00:07:45:1b:52:b1:f3:9b:e7:49:a8:
4c:9f:77:93:cf:04:8f:c1:5d:1e:c3:b4:43:8b:97:f6:6c:19:
2d:b4:10:73:cc:df:b2:09:0a:f4:7b:a4:e5:32:e4:fa:00:0e:
6b:7c:c9:71:85:8d:c1:6b:ed:3d:1c:21:ad:8c:de:a6:90:12:
fd:79:ac:8a:c1:68:8d:27:18:03:7c:90:f0:ed:57:92:3c:25:
46:a3:b0:ac:47:55:e4:5e:81:75:1f:7a:27:ee:3f:d5:22:81:
91:19:50:80:69:33:4e:9d:b0:1c:fd:5c:c4:ed:10:66:08:b9:
14:1f:f8:25:3c:7d:41:f2:b6:9c:d8:31:99:7f:d8:b8:b8:c7:
e9:a0:0c:29:68:93:5f:3e:f1:c5:e8:ee:1e:e0:58:22:70:18:
fc:8f:aa:e9:56:a0:85:40:c4:d8:99:0f:ac:6a:93:b4:2a:1c:
30:eb:72:2f:94:da:d0:34:2c:8e:9b:f9:46:b0:ab:3d:e8:74:
e4:ef:2e:9c:7d:fa:cc:15:ad:56:f2:21:42:c2:c1:15:0c:9b:
80:da:c5:39
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZVMrBLThjQtUNN/1fnKlHmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMjI4MTMwODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU1Yzg4ZjFkNzI2YTdjNjE4YWI2NTM4YWVhYTUyYjg4NzZhZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn4/VM5FsBSgjajo3zDeAnPYA3on
wZLWjJ6K2qm8xqjGun2A7Gm2fd5pcE5S/elHO3On0j3rfUxsRqjsBF7N/pwTUymA
xh/koHU/UCzc05fpUDSEE15+EYKPWq/8mBTB+XaVaxW+Mu3/UWMMs6cybNJzVz2U
k7MH+LoIiN5jOOIacFllnrBFKlDJY6RZXHlldHLErXw88P2J4Db5wtL9VU/erjdj
wXXyUx8IAEVyMG1Py9TqG6m00P9y1ecUVDAMgwEAgAt1y3MBNiW3YX+86pmzRrz6
B5Iwzn7FMQirr3VQb1Cy7DgIlXeW2LJY32fxak+16xyDzuWl3TtMrpRNtwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFCrlyI8dcmp8YYq2U4rqpSuIdq4WMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvS3VYSWp4MXlhbnhoaXJaVGl1cWxLNGgycmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBwwQCAAEwgbwDBAAC
EBMDBAECEEYDBAECEJIDBAICENwDBAICEgADBAACEh8DBAQCExADBAICFAQwDAME
AAIUbQMEAAIUbgMEAgIUcAMEAAIU/AMEAAIVAgMEAAIVDgMEAgIVZAMEAgIW2AME
AAIW6gMEAljdHAMEAljdZAMEAlx6RAMEAFx64QMEAlx6+AMEAFx7MAMEAFx7agME
Alx70AMEAl9kiAMEAF9lIwMEAl9lRAMEAF9lTgMEAF9lcgMEAl9lnDAPBAIAAjAJ
AwcAKgIm8AsAMA0GCSqGSIb3DQEBCwUAA4IBAQAROtzEPtESInpEzmtyZFgrL3IS
Ofd3XEyTuBiKzrC/Tji0YzTPkwRpjROHAAdFG1Kx85vnSahMn3eTzwSPwV0ew7RD
i5f2bBkttBBzzN+yCQr0e6TlMuT6AA5rfMlxhY3Ba+09HCGtjN6mkBL9eayKwWiN
JxgDfJDw7VeSPCVGo7CsR1XkXoF1H3on7j/VIoGRGVCAaTNOnbAc/VzE7RBmCLkU
H/glPH1B8rac2DGZf9i4uMfpoAwpaJNfPvHF6O4e4FgicBj8j6rpVqCFQMTYmQ+s
apO0Khww63IvlNrQNCyOm/lGsKs96HTk7y6cffrMFa1W8iFCwsEVDJuA2sU5
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:43:01 2025 by rpki-client