Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/1-2bswLOWXe9YpTS8YvFTDq263y8.roa
File: 1-2bswLOWXe9YpTS8YvFTDq263y8.roa (raw, json)
Hash identifier: 3/h+VT+8UcNlHRkVuQK9YkWespdxbyTHTvB/tR7ndCs=
Subject key identifier: FB:66:EC:C0:B3:96:5D:EF:58:A5:34:BC:62:F1:53:0E:AD:BA:DF:2F
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 018D36839D75C67BF71A0DDEC72941DDAD55
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/1-2bswLOWXe9YpTS8YvFTDq263y8.roa
Signing time: Tue 23 Jan 2024 13:30:11 +0000
ROA not before: Tue 23 Jan 2024 13:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39122
IP address blocks: 46.22.128.0/20 maxlen: 20
78.153.192.0/19 maxlen: 24
81.17.240.0/20 maxlen: 24
91.197.234.0/23 maxlen: 23
176.52.222.0/23 maxlen: 23
185.2.64.0/22 maxlen: 22
185.206.192.0/22 maxlen: 22
185.209.164.0/22 maxlen: 22
194.36.58.0/23 maxlen: 23
194.36.64.0/23 maxlen: 23
200.69.8.0/21 maxlen: 21
2a01:a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jan 2024 16:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:83:9d:75:c6:7b:f7:1a:0d:de:c7:29:41:dd:ad:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 23 13:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb66ecc0b3965def58a534bc62f1530eadbadf2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d0:91:e6:0c:4f:42:ad:a9:a9:8a:c1:ec:99:
c0:ba:06:23:9b:cb:28:d2:da:76:76:24:c3:01:98:
2e:cf:a3:78:a7:83:02:ba:57:7e:15:8a:ff:d3:74:
4c:91:e2:76:10:18:c3:9a:bd:61:61:ca:a2:dd:bc:
b9:f0:a4:d8:cb:39:6a:0f:85:78:81:9d:f2:a7:36:
e0:a6:28:73:f2:37:95:d8:ba:37:5c:a2:be:c6:c1:
5b:9c:f3:b9:63:92:28:77:90:a4:d7:7b:ec:ef:ec:
ff:6c:78:e4:20:b8:52:d9:9b:eb:7f:a0:0f:f8:3d:
15:17:d4:23:8b:12:2c:b2:ec:b8:3e:73:35:54:97:
81:21:d0:ad:42:76:06:4b:7a:9b:94:a9:d9:1b:94:
f8:4f:12:d3:47:1a:0a:a0:7a:2c:d5:46:e4:55:4e:
ea:d4:4d:fd:ae:ba:cf:3c:35:49:f0:3f:f9:92:50:
5d:78:7f:77:56:fa:33:0e:0d:8f:66:39:9a:63:80:
4f:5a:81:ef:c9:97:14:f7:b4:97:92:4c:5f:15:cb:
6a:06:30:98:aa:bc:a8:6d:d3:5a:71:85:95:da:cb:
22:f2:4b:40:65:ac:4b:fe:4b:b5:43:11:8a:06:69:
f6:da:87:61:1a:a5:db:89:ab:9b:38:b7:38:84:d4:
dc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:66:EC:C0:B3:96:5D:EF:58:A5:34:BC:62:F1:53:0E:AD:BA:DF:2F
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/1-2bswLOWXe9YpTS8YvFTDq263y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
91.197.234.0/23
176.52.222.0/23
185.2.64.0/22
185.206.192.0/22
185.209.164.0/22
194.36.58.0/23
194.36.64.0/23
200.69.8.0/21
IPv6:
2a01:a8::/32
Signature Algorithm: sha256WithRSAEncryption
0f:0c:a3:8f:a7:b7:62:49:e9:1e:d7:07:54:1e:7c:0d:5d:2b:
ab:8d:35:f9:04:0f:36:0f:02:ea:7c:c2:57:e1:0e:7d:37:2f:
83:ea:ea:27:08:77:4a:6b:77:fe:b7:70:be:9a:96:87:fd:32:
37:7e:fc:d3:78:22:9e:d7:17:d3:f5:ac:b3:66:a9:0d:f1:cc:
2f:09:ca:08:36:84:8b:ab:96:b3:6b:ce:bb:46:95:91:dd:1f:
1e:9f:aa:2f:dc:90:72:5f:44:f2:e1:10:ef:f1:f0:02:2b:1a:
b3:04:1a:29:41:7e:43:e9:81:31:93:15:46:1b:57:e6:bb:57:
ae:3a:47:f5:1e:4c:1f:8a:83:aa:9b:7e:21:fc:69:97:e4:bb:
6b:c8:ca:ea:4c:ca:a4:69:d9:04:93:ef:68:f1:cd:3d:12:7e:
4d:7b:c8:fe:cf:d6:e5:4f:70:b4:97:54:50:ab:49:a9:67:17:
ad:44:b7:0e:93:f6:c7:08:a2:3f:39:ad:e1:71:5c:09:f7:a9:
e5:6a:f5:96:38:8a:a6:fa:c9:c4:31:05:4e:bd:3f:70:a7:48:
38:e5:dd:15:81:62:00:88:f3:3f:b0:a2:3c:d1:53:b8:87:e0:
0f:1e:59:62:64:2b:49:b8:77:f1:41:06:c9:ef:8f:8f:a0:b2:
24:1a:e9:40
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY02g511xnv3Gg3exylB3a1VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTIzMTMzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjY2ZWNjMGIzOTY1ZGVmNThhNTM0YmM2MmYxNTMwZWFkYmFkZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9CR5gxPQq2pqYrB7JnAugYjm8so
0tp2diTDAZguz6N4p4MCuld+FYr/03RMkeJ2EBjDmr1hYcqi3by58KTYyzlqD4V4
gZ3ypzbgpihz8jeV2Lo3XKK+xsFbnPO5Y5Iod5Ck13vs7+z/bHjkILhS2Zvrf6AP
+D0VF9QjixIssuy4PnM1VJeBIdCtQnYGS3qblKnZG5T4TxLTRxoKoHos1UbkVU7q
1E39rrrPPDVJ8D/5klBdeH93VvozDg2PZjmaY4BPWoHvyZcU97SXkkxfFctqBjCY
qryobdNacYWV2ssi8ktAZaxL/ku1QxGKBmn22odhGqXbiaubOLc4hNTcwQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFPtm7MCzll3vWKU0vGLxUw6tut8vMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvMS0yYnN3TE9XWGU5WXBUUzhZdkZURHEyNjN5OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjMvNDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3
NC8xL1pwYXVwcnEzbkVqMTNlNUtScjlLdGsyR01XQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBqBggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEBC4WgAME
BU6ZwAMEBFER8AMEAVvF6gMEAbA03gMEArkCQAMEArnOwAMEArnRpAMEAcIkOgME
AcIkQAMEA8hFCDANBAIAAjAHAwUAKgEAqDANBgkqhkiG9w0BAQsFAAOCAQEADwyj
j6e3YknpHtcHVB58DV0rq401+QQPNg8C6nzCV+EOfTcvg+rqJwh3Smt3/rdwvpqW
h/0yN37803gintcX0/Wss2apDfHMLwnKCDaEi6uWs2vOu0aVkd0fHp+qL9yQcl9E
8uEQ7/HwAisaswQaKUF+Q+mBMZMVRhtX5rtXrjpH9R5MH4qDqpt+Ifxpl+S7a8jK
6kzKpGnZBJPvaPHNPRJ+TXvI/s/W5U9wtJdUUKtJqWcXrUS3DpP2xwiiPzmt4XFc
Cfep5Wr1ljiKpvrJxDEFTr0/cKdIOOXdFYFiAIjzP7CiPNFTuIfgDx5ZYmQrSbh3
8UEGye+Pj6CyJBrpQA==
-----END CERTIFICATE-----
Generated at Fri Jan 26 21:09:57 2024 by rpki-client on console-fra.rpki-client.org