Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ar3BSnQAzQCwDc_gWFlUwS7tMu8.roa
File: ar3BSnQAzQCwDc_gWFlUwS7tMu8.roa (raw, json)
Hash identifier: aJGsDGn3lr4adrDySWTvZOC+v8rfRzFDVJzpdehUs/4=
Subject key identifier: 6A:BD:C1:4A:74:00:CD:00:B0:0D:CF:E0:58:59:54:C1:2E:ED:32:EF
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01904AE0A5402181A607491C19F70B87DC50
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ar3BSnQAzQCwDc_gWFlUwS7tMu8.roa
Signing time: Mon 24 Jun 2024 15:32:34 +0000
ROA not before: Mon 24 Jun 2024 15:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 23
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
193.46.204.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 24 Jun 2024 17:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:e0:a5:40:21:81:a6:07:49:1c:19:f7:0b:87:dc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 24 15:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6abdc14a7400cd00b00dcfe0585954c12eed32ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1b:21:f0:21:a8:53:46:0a:27:9d:cd:bc:30:
30:a7:5c:8a:af:3d:66:58:8e:1a:2f:ff:94:5e:6c:
cc:a6:47:db:ea:0f:4d:42:88:12:a4:2a:f4:73:7d:
48:6d:92:2f:71:47:73:11:12:50:0d:d8:4c:55:ae:
36:7b:34:75:44:ea:29:58:0e:0e:80:56:01:af:5f:
2d:a3:ae:eb:40:3b:1f:b1:fa:e9:c5:5d:99:8e:05:
9e:c3:c6:ab:d0:c0:4a:9e:9a:87:f6:c6:c3:18:65:
ba:47:4a:f2:bc:18:78:55:88:9c:82:c5:e5:30:d1:
39:bc:18:96:80:51:86:d6:25:eb:17:7d:4b:f9:77:
06:56:af:2d:83:97:9d:52:f2:f7:0d:31:a8:4e:79:
42:5d:17:23:4b:bf:51:a9:d0:e0:82:dc:8a:af:ee:
82:ee:b4:ff:64:a0:2c:2f:01:73:1f:f8:c7:2c:0a:
11:24:cb:3b:39:27:52:26:99:3d:f3:72:04:f5:b3:
84:c6:32:14:88:db:d0:85:e9:e3:db:e4:60:e9:b8:
75:08:43:20:68:e8:e7:e3:32:07:ae:f1:48:4e:58:
e1:73:f1:d7:b5:30:bc:3c:f8:31:8c:9c:95:35:45:
f1:a4:3f:e5:be:8b:d7:fb:da:18:d1:06:f4:7e:3a:
83:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BD:C1:4A:74:00:CD:00:B0:0D:CF:E0:58:59:54:C1:2E:ED:32:EF
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ar3BSnQAzQCwDc_gWFlUwS7tMu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
193.46.204.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
16:2f:d3:e8:b8:94:32:f9:1e:c6:8b:3d:59:1a:e7:da:3d:83:
34:eb:7c:b3:24:f8:16:c3:14:54:ec:18:4d:bb:8c:3a:33:2b:
ac:66:90:ad:bd:8d:c9:18:59:d1:fe:9e:cd:4d:88:f8:8b:1e:
13:7d:b7:69:e7:38:c4:e8:dd:43:e6:f3:8d:e3:e8:50:e1:06:
3c:57:3f:c3:a3:c2:af:68:ed:90:7d:d4:33:24:57:7b:9d:3b:
1c:4e:19:e2:05:8c:9f:be:15:16:69:5b:ad:51:4e:16:07:d0:
44:d1:93:d9:c5:0f:03:8b:5b:6e:b3:87:0b:cd:53:09:0f:5a:
db:a1:ad:45:4a:f8:12:a7:1b:ff:f6:d4:c3:b7:94:af:a1:a5:
1a:29:b5:ec:84:8e:67:7e:a0:46:20:f3:10:96:23:37:a3:81:
66:4e:f2:7c:77:c4:4e:e9:a9:c9:99:a6:83:1c:a1:03:7b:8b:
29:fc:c3:1c:f6:ba:b6:59:0d:f9:42:b4:9c:79:75:6b:db:6d:
57:ba:20:a6:5b:40:05:ea:31:ef:7f:a3:ba:d1:10:df:57:a3:
07:99:31:ba:47:c0:0c:85:8f:f2:30:6b:93:1a:75:57:95:98:
c1:d6:54:ba:30:6f:67:b5:79:1a:f3:e8:df:e6:fd:76:aa:57:
ba:81:09:e2
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZBK4KVAIYGmB0kcGfcLh9xQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjI0MTUzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJkYzE0YTc0MDBjZDAwYjAwZGNmZTA1ODU5NTRjMTJlZWQzMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Bsh8CGoU0YKJ53NvDAwp1yKrz1m
WI4aL/+UXmzMpkfb6g9NQogSpCr0c31IbZIvcUdzERJQDdhMVa42ezR1ROopWA4O
gFYBr18to67rQDsfsfrpxV2ZjgWew8ar0MBKnpqH9sbDGGW6R0ryvBh4VYicgsXl
MNE5vBiWgFGG1iXrF31L+XcGVq8tg5edUvL3DTGoTnlCXRcjS79RqdDggtyKr+6C
7rT/ZKAsLwFzH/jHLAoRJMs7OSdSJpk983IE9bOExjIUiNvQhenj2+Rg6bh1CEMg
aOjn4zIHrvFITljhc/HXtTC8PPgxjJyVNUXxpD/lvovX+9oY0Qb0fjqDKwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFGq9wUp0AM0AsA3P4FhZVMEu7TLvMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYXIzQlNuUUF6UUN3RGNfZ1dGbFV3Uzd0TXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQC
AjgAAwQCBbQEAwQCBbYcAwQALUN1AwQDLVYQAwQAVZ91AwQAWSfyAwQAWSihAwQA
W+87AwQAW/JGAwQCW/JIAwQBW/JeAwQAW/JnAwQAW/JpMAwDBABb8nsDBAdb8gAD
BABe58YDBACwft8DBAKyr7ADBAC5KGkDBAC5rfQDBAC5rfcDBAC5tJEDBAC51AsD
BADBLswDBAHCMsgDBAHCMs4wDAMEAMOKZwMEAMOKbDAMAwQAw4pvAwQAw4pwAwQA
w4pyAwQAw4p0AwQAw4p2AwQAw4p4MAwDBAHDinoDBAfDigADBALD2JwwDQYJKoZI
hvcNAQELBQADggEBABYv0+i4lDL5HsaLPVka59o9gzTrfLMk+BbDFFTsGE27jDoz
K6xmkK29jckYWdH+ns1NiPiLHhN9t2nnOMTo3UPm843j6FDhBjxXP8Ojwq9o7ZB9
1DMkV3udOxxOGeIFjJ++FRZpW61RThYH0ETRk9nFDwOLW26zhwvNUwkPWtuhrUVK
+BKnG//21MO3lK+hpRopteyEjmd+oEYg8xCWIzejgWZO8nx3xE7pqcmZpoMcoQN7
iyn8wxz2urZZDflCtJx5dWvbbVe6IKZbQAXqMe9/o7rREN9XoweZMbpHwAyFj/Iw
a5MadVeVmMHWVLowb2e1eRrz6N/m/XaqV7qBCeI=
-----END CERTIFICATE-----
Generated at Mon Jun 24 23:38:38 2024 by rpki-client on console-ams.rpki-client.org