Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/gvO77oU8ZPgJ1zym3lnxMWVJCP0.roa
File: gvO77oU8ZPgJ1zym3lnxMWVJCP0.roa (raw, json)
Hash identifier: 8FEoCWkbFFH7kumwS0rcY3cqap7M7WeXGi43/rudItI=
Subject key identifier: 82:F3:BB:EE:85:3C:64:F8:09:D7:3C:A6:DE:59:F1:31:65:49:08:FD
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0194A85A23004BBE3F38B9EBB0EAF352E2CB
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/gvO77oU8ZPgJ1zym3lnxMWVJCP0.roa
Signing time: Mon 27 Jan 2025 15:21:06 +0000
ROA not before: Mon 27 Jan 2025 15:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.146.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.19.16.0/20 maxlen: 20
2.20.4.0/22 maxlen: 22
2.20.109.0/24 maxlen: 24
2.20.112.0/22 maxlen: 22
2.20.252.0/24 maxlen: 24
2.21.2.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.21.100.0/22 maxlen: 22
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.136.0/22 maxlen: 22
95.101.35.0/24 maxlen: 24
95.101.68.0/22 maxlen: 22
95.101.78.0/24 maxlen: 24
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:b00::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Feb 2025 13:08:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:5a:23:00:4b:be:3f:38:b9:eb:b0:ea:f3:52:e2:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 27 15:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82f3bbee853c64f809d73ca6de59f131654908fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:41:cd:de:07:7b:46:7d:64:dd:85:7c:27:
dd:ab:b4:ef:b8:fe:20:69:4e:9c:36:6e:61:06:d1:
ff:da:e2:36:ff:da:60:7e:7d:52:27:ef:ac:30:a0:
c0:01:52:ce:51:de:3e:b7:48:18:2f:1a:86:d5:16:
62:aa:e7:e4:f0:68:46:97:cc:a8:dd:cf:e2:ad:fb:
74:88:f5:f8:f1:d5:fa:97:c6:55:b6:b9:93:a7:80:
f4:b8:1b:74:b8:e8:7f:bb:84:00:64:b8:7f:c1:42:
c4:92:d9:56:96:42:bc:73:9e:df:3e:ff:d1:7d:9e:
f4:f3:f6:c4:a1:94:8f:3e:16:d0:15:45:ec:c1:f6:
06:6c:9f:c7:d6:90:a7:f9:b9:66:50:08:af:d6:72:
3a:27:4f:d4:f4:a0:ac:c9:6f:83:2b:ca:19:e6:8a:
18:7a:02:c7:d9:ce:16:8a:1c:a7:7a:b5:6f:07:10:
40:76:96:82:49:bf:60:75:6d:87:41:81:34:93:e4:
87:d0:1b:8e:68:13:b1:6b:97:7c:6a:91:7f:97:ec:
15:61:80:84:dd:1a:91:49:3c:1b:e0:48:7e:11:c6:
a3:b9:10:27:1b:31:3c:8b:e6:c8:e3:5a:db:99:e1:
b3:74:86:2a:c4:39:a8:f3:94:a4:de:59:ee:52:50:
58:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F3:BB:EE:85:3C:64:F8:09:D7:3C:A6:DE:59:F1:31:65:49:08:FD
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/gvO77oU8ZPgJ1zym3lnxMWVJCP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.146.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.19.16.0/20
2.20.4.0/22
2.20.109.0/24
2.20.112.0/22
2.20.252.0/24
2.21.2.0/24
2.21.14.0/24
2.21.100.0/22
2.22.216.0/22
2.22.234.0/24
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.136.0/22
95.101.35.0/24
95.101.68.0/22
95.101.78.0/24
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:b00::/48
Signature Algorithm: sha256WithRSAEncryption
7b:71:d2:a9:dc:70:68:c8:de:ed:4a:98:03:da:12:61:f6:b2:
eb:06:70:5a:34:1b:d7:ff:ff:ce:68:20:ad:e0:db:b8:87:b5:
ce:3b:55:fd:d8:a7:fe:31:e1:b8:bd:7a:19:28:9c:8f:c3:e4:
56:51:00:c1:b9:39:59:45:30:42:36:d9:68:ef:ba:38:26:8b:
0e:54:c0:74:b7:11:af:ab:29:b6:99:3e:93:8b:92:47:5b:f9:
95:e7:de:58:ed:ce:c1:a7:3f:d9:e1:9c:e0:28:6f:83:ea:d1:
67:22:e1:7a:fc:70:ea:83:44:1e:bd:3c:d2:3b:da:18:35:3c:
df:8f:38:74:75:e6:55:1d:36:51:95:b0:0c:3a:d3:0b:6f:49:
6b:31:ca:19:19:ff:ef:0f:36:d7:3e:fe:e9:94:4e:73:75:57:
e9:f2:97:83:6c:67:95:f5:19:98:a6:d3:d5:db:6e:b6:1a:99:
f7:55:ed:9a:d1:0d:ab:33:8e:13:64:bc:de:0b:57:b2:f7:31:
b6:15:cb:d8:4a:4b:f9:76:83:25:27:b7:a7:8d:2d:98:da:40:
4c:c0:e2:b0:c4:f2:ac:30:8f:de:a8:5d:bb:54:eb:ad:92:1e:
91:11:6e:38:67:56:53:6a:1a:5e:b4:c5:cb:23:ac:bb:3f:71:
4d:18:41:8d
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAZSoWiMAS74/OLnrsOrzUuLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTI3MTUyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmYzYmJlZTg1M2M2NGY4MDlkNzNjYTZkZTU5ZjEzMTY1NDkwOGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhtBzd4He0Z9ZN2FfCfdq7TvuP4g
aU6cNm5hBtH/2uI2/9pgfn1SJ++sMKDAAVLOUd4+t0gYLxqG1RZiqufk8GhGl8yo
3c/irft0iPX48dX6l8ZVtrmTp4D0uBt0uOh/u4QAZLh/wULEktlWlkK8c57fPv/R
fZ708/bEoZSPPhbQFUXswfYGbJ/H1pCn+blmUAiv1nI6J0/U9KCsyW+DK8oZ5ooY
egLH2c4WihynerVvBxBAdpaCSb9gdW2HQYE0k+SH0BuOaBOxa5d8apF/l+wVYYCE
3RqRSTwb4Eh+EcajuRAnGzE8i+bI41rbmeGzdIYqxDmo85Sk3lnuUlBYjwIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFILzu+6FPGT4Cdc8pt5Z8TFlSQj9MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvZ3ZPNzdvVThaUGdKMXp5bTNsbnhNV1ZKQ1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBuwQCAAEwgbQDBAAC
EBMDBAECEEYDBAECEJIDBAICENwDBAICEgADBAACEh8DBAQCExADBAICFAQDBAAC
FG0DBAICFHADBAACFPwDBAACFQIDBAACFQ4DBAICFWQDBAICFtgDBAACFuoDBAJY
3RwDBAJY3WQDBAJcekQDBABceuEDBAJcevgDBABcezADBABce2oDBAJce9ADBAJf
ZIgDBABfZSMDBAJfZUQDBABfZU4DBABfZXIDBAJfZZwwDwQCAAIwCQMHACoCJvAL
ADANBgkqhkiG9w0BAQsFAAOCAQEAe3HSqdxwaMje7UqYA9oSYfay6wZwWjQb1///
zmggreDbuIe1zjtV/din/jHhuL16GSicj8PkVlEAwbk5WUUwQjbZaO+6OCaLDlTA
dLcRr6sptpk+k4uSR1v5lefeWO3Owac/2eGc4Chvg+rRZyLhevxw6oNEHr080jva
GDU83484dHXmVR02UZWwDDrTC29JazHKGRn/7w821z7+6ZROc3VX6fKXg2xnlfUZ
mKbT1dtuthqZ91XtmtENqzOOE2S83gtXsvcxthXL2EpL+XaDJSe3p40tmNpATMDi
sMTyrDCP3qhdu1TrrZIekRFuOGdWU2oaXrTFyyOsuz9xTRhBjQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:15:07 2025 by rpki-client