Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/reSC5rKBKr3W8aeqV99KhNlDGXQ.roa
File: reSC5rKBKr3W8aeqV99KhNlDGXQ.roa (raw, json)
Hash identifier: Z3ebG6UM1Ts1OwjWVAT6j8ZYGnnCWCi0Wqj6yz2OYG4=
Subject key identifier: AD:E4:82:E6:B2:81:2A:BD:D6:F1:A7:AA:57:DF:4A:84:D9:43:19:74
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018AA86957514A250CD13D2DE5552369D63F
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/reSC5rKBKr3W8aeqV99KhNlDGXQ.roa
Signing time: Mon 18 Sep 2023 13:09:50 +0000
ROA not before: Mon 18 Sep 2023 13:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29632
IP address blocks: 95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
195.214.212.0/22 maxlen: 22
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
195.214.210.0/24 maxlen: 24
95.164.72.0/22 maxlen: 22
95.164.80.0/22 maxlen: 22
95.164.92.0/22 maxlen: 22
95.164.172.0/22 maxlen: 22
95.164.170.0/23 maxlen: 23
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
62.205.132.0/24 maxlen: 24
62.205.128.0/20 maxlen: 20
62.205.128.0/19 maxlen: 20
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.50.0/24 maxlen: 24
95.164.49.0/24 maxlen: 24
2a01:d0:8000::/33 maxlen: 33
2a01:d0::/32 maxlen: 32
2a01:d0:ffff::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:69:57:51:4a:25:0c:d1:3d:2d:e5:55:23:69:d6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Sep 18 13:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ade482e6b2812abdd6f1a7aa57df4a84d9431974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b7:e8:76:8b:98:d0:c6:ba:94:69:27:da:c3:
e7:29:47:5c:6d:6e:2c:e5:f4:3c:5b:75:ab:86:81:
06:63:c9:55:65:4f:de:9a:73:37:4f:b4:a5:2a:e0:
b5:0a:3d:ca:53:b5:13:35:20:92:cc:00:16:e3:8a:
35:8e:d2:32:11:77:5b:9a:e4:08:08:fa:1b:f1:2b:
f5:aa:88:31:2d:cb:c8:5e:02:a0:30:ad:20:7b:8f:
4e:37:ba:fb:4b:78:9b:ac:5c:e8:1c:80:c2:28:ea:
92:e4:b3:15:f6:29:5c:99:ce:18:b7:20:71:cb:aa:
86:b8:4c:0c:a6:42:16:be:09:e5:cd:27:02:5a:81:
82:7a:18:dc:0c:46:59:8c:90:a7:06:30:d9:bf:17:
f4:3d:c1:86:f1:5c:af:9f:f3:22:ba:3b:20:20:e8:
59:35:32:aa:6b:f4:b7:56:bf:1c:07:60:49:93:06:
62:d2:2b:c2:0a:65:9f:a3:c4:d1:5f:1b:de:12:89:
60:a7:ed:02:c1:38:8d:11:e5:c9:a4:1a:ad:08:9d:
2e:57:c3:ec:5d:b4:8a:51:17:c7:a7:d1:9f:88:1a:
54:bd:cb:40:da:9e:f7:26:e5:9b:d3:b2:6b:ab:63:
56:96:df:8d:8e:35:80:a0:c5:9e:3f:e1:ee:4f:05:
f3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E4:82:E6:B2:81:2A:BD:D6:F1:A7:AA:57:DF:4A:84:D9:43:19:74
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/reSC5rKBKr3W8aeqV99KhNlDGXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/22
95.164.170.0-95.164.175.255
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
92:87:8a:18:97:0a:da:da:b6:3a:4d:0b:43:c1:97:01:e5:ca:
a7:73:eb:d1:58:8d:b5:43:68:c8:5f:cb:ce:3e:3d:f1:6c:2f:
ce:26:bb:11:5f:65:64:fe:97:8a:33:e1:db:35:cf:d0:92:cf:
8c:0f:e0:1d:33:48:88:b2:40:d9:99:fd:e1:7d:39:88:c4:f6:
08:6d:99:4d:c8:79:d5:b7:13:7d:fc:e8:2c:e4:48:a9:c1:19:
1d:32:42:5f:a7:43:19:53:7d:1b:50:cf:59:23:49:34:f9:9f:
91:72:0c:08:b6:bd:a8:d2:74:ab:b7:17:6b:fe:23:9e:7b:b5:
e7:21:f7:29:e4:61:bc:4a:83:be:f9:49:17:3a:80:80:9d:32:
18:aa:26:fa:8e:96:9f:b5:42:62:3e:9f:cf:b0:9e:7a:78:ac:
99:ce:64:78:23:78:6b:9f:83:63:0c:0e:2f:7f:3f:ad:cf:36:
f6:70:49:2f:0d:97:3c:4f:65:c4:a2:b2:a1:e5:21:67:07:de:
bb:61:94:21:61:28:cc:aa:65:52:4d:6f:8e:dc:d0:e7:0c:8e:
6e:a5:5b:cb:24:dc:e5:50:96:2c:39:92:db:d3:bf:bc:47:df:
92:33:33:00:70:e4:0c:5c:d4:b3:9c:d2:88:3d:ab:1a:dd:15:
14:67:a3:ba
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYqoaVdRSiUM0T0t5VUjadY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwOTE4MTMwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGU0ODJlNmIyODEyYWJkZDZmMWE3YWE1N2RmNGE4NGQ5NDMxOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7fodouY0Ma6lGkn2sPnKUdcbW4s
5fQ8W3WrhoEGY8lVZU/emnM3T7SlKuC1Cj3KU7UTNSCSzAAW44o1jtIyEXdbmuQI
CPob8Sv1qogxLcvIXgKgMK0ge49ON7r7S3ibrFzoHIDCKOqS5LMV9ilcmc4YtyBx
y6qGuEwMpkIWvgnlzScCWoGCehjcDEZZjJCnBjDZvxf0PcGG8Vyvn/MiujsgIOhZ
NTKqa/S3Vr8cB2BJkwZi0ivCCmWfo8TRXxveEolgp+0CwTiNEeXJpBqtCJ0uV8Ps
XbSKURfHp9GfiBpUvctA2p73JuWb07Jrq2NWlt+NjjWAoMWeP+HuTwXzmQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFK3kguaygSq91vGnqlffSoTZQxl0MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvcmVTQzVyS0JLcjNXOGFlcVY5OUtoTmxER1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIwDAME
Al+kNAMEAl+kODAMAwQDX6RIAwQAX6RMAwQCX6RQAwQCX6RcMAwDBAFfpKoDBARf
pKADBAPD1tAwDQQCAAIwBwMFACoBANAwDQYJKoZIhvcNAQELBQADggEBAJKHihiX
CtratjpNC0PBlwHlyqdz69FYjbVDaMhfy84+PfFsL84muxFfZWT+l4oz4ds1z9CS
z4wP4B0zSIiyQNmZ/eF9OYjE9ghtmU3IedW3E3386CzkSKnBGR0yQl+nQxlTfRtQ
z1kjSTT5n5FyDAi2vajSdKu3F2v+I557tech9ynkYbxKg775SRc6gICdMhiqJvqO
lp+1QmI+n8+wnnp4rJnOZHgjeGufg2MMDi9/P63PNvZwSS8NlzxPZcSisqHlIWcH
3rthlCFhKMyqZVJNb47c0OcMjm6lW8sk3OVQliw5ktvTv7xH35IzMwBw5Axc1LOc
0og9qxrdFRRno7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org