Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/aTHaBn2IqCa4pGqXWoQmAjxOjM8.roa
File: aTHaBn2IqCa4pGqXWoQmAjxOjM8.roa (raw, json)
Hash identifier: GNXd18BMYwCHahgOXb1J13+kgaveUllcHRqIckpsKE4=
Subject key identifier: 69:31:DA:06:7D:88:A8:26:B8:A4:6A:97:5A:84:26:02:3C:4E:8C:CF
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 018655352A0563A02BF5B9198F208352B990
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/aTHaBn2IqCa4pGqXWoQmAjxOjM8.roa
Signing time: Wed 15 Feb 2023 13:13:12 +0000
ROA not before: Wed 15 Feb 2023 13:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210756
IP address blocks: 95.181.180.0/24 maxlen: 24
5.188.121.0/24 maxlen: 24
5.101.68.0/24 maxlen: 24
5.101.69.0/24 maxlen: 24
5.101.70.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
37.9.37.0/24 maxlen: 24
37.9.38.0/24 maxlen: 24
37.9.36.0/24 maxlen: 24
37.9.39.0/24 maxlen: 24
37.9.54.0/24 maxlen: 24
37.9.55.0/24 maxlen: 24
37.9.52.0/24 maxlen: 24
37.9.53.0/24 maxlen: 24
146.185.197.0/24 maxlen: 24
146.185.198.0/24 maxlen: 24
146.185.199.0/24 maxlen: 24
146.185.196.0/24 maxlen: 24
2a11:27c0:1010::/44 maxlen: 44
2a11:27c0:170::/44 maxlen: 44
2a11:27c0:150::/44 maxlen: 44
2a11:27c0:130::/44 maxlen: 44
2a11:27c0:110::/44 maxlen: 44
2a11:27c0:1000::/44 maxlen: 44
2a11:27c0:120::/44 maxlen: 44
2a11:27c0:140::/44 maxlen: 44
2a11:27c0:160::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 15 Feb 2023 13:34:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:35:2a:05:63:a0:2b:f5:b9:19:8f:20:83:52:b9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Feb 15 13:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6931da067d88a826b8a46a975a8426023c4e8ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f7:90:6b:16:42:83:56:8a:9f:b6:57:3b:be:
8b:6d:4d:02:0d:ad:78:85:8b:d2:b0:4d:fe:d6:c9:
f9:c1:1e:c4:7b:a3:40:5f:99:53:67:0a:cd:06:b5:
03:e0:a4:83:0e:e2:aa:6b:ea:8e:5f:62:5f:81:8a:
16:cd:03:d5:f7:0a:36:80:d7:5f:c1:45:b3:36:3f:
3d:b6:67:51:e4:02:54:8d:88:82:d7:e5:e2:70:fe:
96:6c:73:b1:6c:1a:a4:26:0e:83:79:9a:a3:f0:e0:
24:69:02:96:85:96:b1:1e:5c:b5:1d:90:83:2f:05:
b2:73:f1:9c:52:e1:e2:d9:4b:12:6e:e5:15:9b:f6:
92:bb:49:a7:b4:92:cd:07:ee:37:15:86:8d:5f:f3:
a1:ee:e1:e6:6a:2f:4f:31:3c:2e:2b:f8:89:87:11:
89:cc:78:30:21:7f:d3:5b:13:db:2f:0f:a2:e9:43:
7a:2d:fc:90:d7:77:4c:bd:d8:88:b5:8a:1d:b1:28:
e6:9d:20:31:1b:ea:2e:1e:61:06:a1:5b:73:76:54:
0a:0c:e6:39:8d:fe:78:92:95:36:2e:40:82:ba:d0:
90:29:91:aa:1c:01:d7:5d:82:f5:ec:1b:02:c2:4d:
dc:97:bd:35:5e:29:6c:39:07:18:ee:dd:61:34:5b:
38:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:31:DA:06:7D:88:A8:26:B8:A4:6A:97:5A:84:26:02:3C:4E:8C:CF
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/aTHaBn2IqCa4pGqXWoQmAjxOjM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.68.0-5.101.70.255
5.188.121.0/24
5.188.176.0/22
37.9.36.0/22
37.9.52.0/22
95.181.180.0/24
146.185.196.0/22
IPv6:
2a11:27c0:110::-2a11:27c0:17f:ffff:ffff:ffff:ffff:ffff
2a11:27c0:1000::/43
Signature Algorithm: sha256WithRSAEncryption
53:49:54:58:bf:d3:8c:5e:a0:d3:f6:d6:ae:06:8b:e4:44:b6:
74:e8:45:62:b4:8d:c3:f6:d0:0b:04:a5:7c:3e:32:06:e3:3c:
61:11:f6:96:64:00:2d:ba:93:f7:4a:99:37:9d:1b:ae:27:0a:
22:1a:99:c2:0c:1a:3b:db:e8:59:ee:53:6b:f3:94:a1:24:c3:
52:86:26:7b:a8:ac:38:f1:9e:c9:7c:4c:1a:ca:4e:46:9a:78:
2d:b5:d8:1d:ee:28:07:9b:60:78:c3:f8:e8:2d:ce:16:8c:06:
13:23:bc:6b:9e:dd:6d:40:91:a0:ba:7b:46:aa:4f:cb:5c:50:
37:2c:11:dc:dc:56:1f:9e:a5:16:f9:be:31:7c:83:bf:4c:fb:
64:d0:6f:76:53:67:74:dc:17:de:b7:8c:6f:6e:f4:71:d4:bd:
51:3e:96:bd:18:65:52:ef:35:35:e7:01:59:17:71:e6:b9:3c:
1d:88:2f:72:e2:74:54:9a:5f:fc:4f:ff:04:8f:de:07:23:d0:
49:68:a2:f2:b6:57:54:cf:cc:f9:46:2f:67:ee:8a:66:2c:1f:
42:99:a7:cb:01:fd:03:85:bd:ea:86:f7:3f:88:ca:1a:e9:7f:
d6:98:94:63:85:92:84:47:09:fd:08:17:b9:0f:2f:6e:52:11:
c2:98:94:91
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYZVNSoFY6Ar9bkZjyCDUrmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjMwMjE1MTMxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMxZGEwNjdkODhhODI2YjhhNDZhOTc1YTg0MjYwMjNjNGU4Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiveQaxZCg1aKn7ZXO76LbU0CDa14
hYvSsE3+1sn5wR7Ee6NAX5lTZwrNBrUD4KSDDuKqa+qOX2JfgYoWzQPV9wo2gNdf
wUWzNj89tmdR5AJUjYiC1+XicP6WbHOxbBqkJg6DeZqj8OAkaQKWhZaxHly1HZCD
LwWyc/GcUuHi2UsSbuUVm/aSu0mntJLNB+43FYaNX/Oh7uHmai9PMTwuK/iJhxGJ
zHgwIX/TWxPbLw+i6UN6LfyQ13dMvdiItYodsSjmnSAxG+ouHmEGoVtzdlQKDOY5
jf54kpU2LkCCutCQKZGqHAHXXYL17BsCwk3cl701XilsOQcY7t1hNFs44wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGkx2gZ9iKgmuKRql1qEJgI8TozPMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvYVRIYUJuMklxQ2E0cEdxWFdvUW1BanhPak04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzA4BAIAATAyMAwDBAIFZUQD
BAAFZUYDBAAFvHkDBAIFvLADBAIlCSQDBAIlCTQDBABftbQDBAKSucQwIwQCAAIw
HTASAwcEKhEnwAEQAwcHKhEnwAEAAwcFKhEnwBAAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTSVRYv9OMXqDT9tauBovkRLZ06EVitI3D9tALBKV8PjIG4zxhEfaWZAAtupP3
Spk3nRuuJwoiGpnCDBo72+hZ7lNr85ShJMNShiZ7qKw48Z7JfEwayk5Gmngttdgd
7igHm2B4w/joLc4WjAYTI7xrnt1tQJGguntGqk/LXFA3LBHc3FYfnqUW+b4xfIO/
TPtk0G92U2d03Bfet4xvbvRx1L1RPpa9GGVS7zU15wFZF3HmuTwdiC9y4nRUml/8
T/8Ej94HI9BJaKLytldUz8z5Ri9n7opmLB9CmafLAf0Dhb3qhvc/iMoa6X/WmJRj
hZKERwn9CBe5Dy9uUhHCmJSR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:00 2024 by rpki-client on console-fra.rpki-client.org