Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1xrC_hlR4HIXP9lPPnOqP9VVpUw.roa
File: 1xrC_hlR4HIXP9lPPnOqP9VVpUw.roa (raw, json)
Hash identifier: ABad/V3vavQo+XxBPWfZkHYJp7KxTqJBshrDeHz6+qw=
Subject key identifier: D7:1A:C2:FE:19:51:E0:72:17:3F:D9:4F:3E:73:AA:3F:D5:55:A5:4C
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC17943D354BF4596EA73A954013EE5
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1xrC_hlR4HIXP9lPPnOqP9VVpUw.roa
Signing time: Sun 01 Jan 2023 09:54:56 +0000
ROA not before: Sun 01 Jan 2023 09:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21342
IP address blocks: 2.22.243.0/24 maxlen: 24
95.101.76.0/24 maxlen: 24
92.122.123.0/24 maxlen: 24
2.21.230.0/24 maxlen: 24
95.101.36.0/24 maxlen: 24
88.221.162.0/24 maxlen: 24
88.221.163.0/24 maxlen: 24
2.22.230.0/24 maxlen: 24
2.16.40.0/24 maxlen: 24
88.221.81.0/24 maxlen: 24
92.123.94.0/24 maxlen: 24
92.123.95.0/24 maxlen: 24
95.100.168.0/24 maxlen: 24
84.53.139.0/24 maxlen: 24
95.100.175.0/24 maxlen: 24
95.100.174.0/24 maxlen: 24
95.100.173.0/24 maxlen: 24
2.16.130.0/24 maxlen: 24
193.108.91.0/24 maxlen: 24
193.108.88.0/24 maxlen: 24
2a02:26f0:67::/48 maxlen: 48
2a02:26f0:117::/48 maxlen: 48
2a02:26f0:68::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:79:43:d3:54:bf:45:96:ea:73:a9:54:01:3e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d71ac2fe1951e072173fd94f3e73aa3fd555a54c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:c2:3c:cf:22:a9:2d:bf:ec:5e:0a:e6:be:
84:da:1d:1d:c6:c0:98:42:87:dc:c6:cc:7c:85:7e:
c1:91:3e:df:33:d4:13:1c:c1:92:c6:c1:f8:a9:e2:
d3:91:b4:11:44:21:e7:7d:14:4e:e3:e1:e5:60:dc:
11:16:f5:0a:d7:77:b3:f9:d3:10:1f:09:ee:43:d8:
92:bf:84:54:ea:6c:34:7d:bd:9e:a8:ec:aa:8c:6c:
4c:ef:6d:2d:1f:bb:ba:13:61:3e:d6:a7:fe:84:d9:
80:2b:a9:14:6b:1d:c3:95:9f:50:97:49:51:82:14:
09:2a:81:c2:b2:f7:7c:55:23:6f:c8:f6:b8:8c:29:
e9:e1:30:d4:34:cb:a9:24:aa:72:b4:07:22:43:62:
f9:58:48:2a:88:68:e9:05:d6:4c:7d:33:24:62:4e:
36:86:8e:13:ba:6c:9f:96:c0:83:1a:15:84:4e:fa:
e4:e4:81:cb:8a:a4:b8:2c:5e:5f:54:ed:15:07:21:
01:ac:89:8a:3b:6f:fd:d5:a5:27:71:00:1b:b5:62:
6f:f4:ab:d7:5d:66:e9:05:6d:a7:da:61:54:89:e4:
fd:af:d6:3d:fa:f6:c5:90:41:60:77:13:4e:70:5a:
3c:9e:c6:87:84:71:83:7a:9a:23:b0:8f:01:e2:7e:
a4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1A:C2:FE:19:51:E0:72:17:3F:D9:4F:3E:73:AA:3F:D5:55:A5:4C
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/1xrC_hlR4HIXP9lPPnOqP9VVpUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.40.0/24
2.16.130.0/24
2.21.230.0/24
2.22.230.0/24
2.22.243.0/24
84.53.139.0/24
88.221.81.0/24
88.221.162.0/23
92.122.123.0/24
92.123.94.0/23
95.100.168.0/24
95.100.173.0-95.100.175.255
95.101.36.0/24
95.101.76.0/24
193.108.88.0/24
193.108.91.0/24
IPv6:
2a02:26f0:67::-2a02:26f0:68:ffff:ffff:ffff:ffff:ffff
2a02:26f0:117::/48
Signature Algorithm: sha256WithRSAEncryption
0b:e0:52:58:94:8a:0e:2e:e3:e7:f6:12:b3:2a:5d:cf:65:62:
32:47:6f:a0:61:b9:ab:99:f1:93:ba:bf:d1:02:8d:6c:93:72:
94:d2:11:49:4d:e8:d8:92:be:f2:21:9e:c3:05:01:2f:c3:48:
00:6c:a8:07:56:b9:28:60:81:11:f9:54:be:77:cc:b0:21:06:
e4:ee:1c:9d:a2:75:d5:de:25:ac:7f:84:71:fb:a9:7e:9b:e5:
5c:d2:1e:4c:a8:8b:2d:e9:c7:24:f0:f2:02:0c:24:b7:bc:31:
81:3a:30:9c:bc:f9:ee:73:2e:c7:ab:5d:5e:07:29:a6:1e:87:
de:54:38:12:32:5c:e1:d7:55:7d:bc:e4:d2:4e:30:7d:b5:42:
cf:32:d9:5c:af:01:09:50:1d:87:a7:0b:25:1c:be:6b:22:0b:
54:2e:1f:08:f1:e0:d9:33:1b:a5:aa:ba:ae:ef:03:15:22:d5:
44:74:5c:31:9f:4f:11:58:d8:23:c4:3a:b7:0b:d6:c2:b2:0a:
36:f1:42:31:47:0b:0c:44:79:76:45:c7:d9:ae:6b:04:13:64:
c5:8d:a9:4a:90:e4:20:87:ed:2a:96:1e:6b:3e:b1:e0:f6:53:
7e:1f:de:a4:07:42:33:da:b9:0a:ee:19:1a:03:2d:f0:51:f9:
a4:45:b2:db
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYVswXlD01S/RZbqc6lUAT7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzFhYzJmZTE5NTFlMDcyMTczZmQ5NGYzZTczYWEzZmQ1NTVhNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXvCPM8iqS2/7F4K5r6E2h0dxsCY
Qofcxsx8hX7BkT7fM9QTHMGSxsH4qeLTkbQRRCHnfRRO4+HlYNwRFvUK13ez+dMQ
HwnuQ9iSv4RU6mw0fb2eqOyqjGxM720tH7u6E2E+1qf+hNmAK6kUax3DlZ9Ql0lR
ghQJKoHCsvd8VSNvyPa4jCnp4TDUNMupJKpytAciQ2L5WEgqiGjpBdZMfTMkYk42
ho4TumyflsCDGhWETvrk5IHLiqS4LF5fVO0VByEBrImKO2/91aUncQAbtWJv9KvX
XWbpBW2n2mFUieT9r9Y9+vbFkEFgdxNOcFo8nsaHhHGDepojsI8B4n6kuQIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFNcawv4ZUeByFz/ZTz5zqj/VVaVMMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvMXhyQ19obFI0SElYUDlsUFBuT3FQOVZWcFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTBuBAIAATBoAwQAAhAo
AwQAAhCCAwQAAhXmAwQAAhbmAwQAAhbzAwQAVDWLAwQAWN1RAwQBWN2iAwQAXHp7
AwQBXHteAwQAX2SoMAwDBABfZK0DBARfZKADBABfZSQDBABfZUwDBADBbFgDBADB
bFswIwQCAAIwHTASAwcAKgIm8ABnAwcAKgIm8ABoAwcAKgIm8AEXMA0GCSqGSIb3
DQEBCwUAA4IBAQAL4FJYlIoOLuPn9hKzKl3PZWIyR2+gYbmrmfGTur/RAo1sk3KU
0hFJTejYkr7yIZ7DBQEvw0gAbKgHVrkoYIER+VS+d8ywIQbk7hydonXV3iWsf4Rx
+6l+m+Vc0h5MqIst6cck8PICDCS3vDGBOjCcvPnucy7Hq11eBymmHofeVDgSMlzh
11V9vOTSTjB9tULPMtlcrwEJUB2HpwslHL5rIgtULh8I8eDZMxulqrqu7wMVItVE
dFwxn08RWNgjxDq3C9bCsgo28UIxRwsMRHl2RcfZrmsEE2TFjalKkOQgh+0qlh5r
PrHg9lN+H96kB0Iz2rkK7hkaAy3wUfmkRbLb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:23 2023 by rpki-client on console-ams.rpki-client.org