Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/2T3KI2_gQ7bqsdPfkfYLvB6Ihe8.roa
File: 2T3KI2_gQ7bqsdPfkfYLvB6Ihe8.roa (raw, json)
Hash identifier: GNWd60IZvOiMslPQ75IU9owEGKol9UEs4AmIuRk2B78=
Subject key identifier: D9:3D:CA:23:6F:E0:43:B6:EA:B1:D3:DF:91:F6:0B:BC:1E:88:85:EF
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F8C84E97EFEEDEC4EA1DAC98C58A5F1
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/2T3KI2_gQ7bqsdPfkfYLvB6Ihe8.roa
Signing time: Wed 27 Mar 2024 10:54:59 +0000
ROA not before: Wed 27 Mar 2024 10:54:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.128.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:9700::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 12:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:8c:84:e9:7e:fe:ed:ec:4e:a1:da:c9:8c:58:a5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 10:54:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d93dca236fe043b6eab1d3df91f60bbc1e8885ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ef:c8:54:e0:b4:3e:f3:04:a6:19:a6:a2:59:
50:0e:18:92:0d:c1:8e:d7:70:43:1f:09:9a:21:bc:
dd:6a:87:14:5c:dc:5d:ce:6e:b1:83:e7:7d:ce:22:
e9:34:bc:29:71:03:88:f1:cd:0c:21:75:fd:b5:39:
0c:c6:53:b4:69:5a:aa:d8:72:92:15:2d:99:24:33:
e4:5c:84:d8:07:02:9a:79:4c:f6:13:ec:7d:e8:f3:
7c:b6:81:94:60:3b:7b:fc:62:c1:a9:27:97:d4:e0:
0e:e8:0c:83:3f:b3:6a:da:ed:a4:d5:8f:82:cb:b4:
d6:52:f7:ab:ab:78:94:1d:04:8e:bc:c3:18:06:0e:
cd:0f:b4:b3:f8:bb:38:ae:1d:66:51:c3:c8:5d:ad:
f9:df:88:bb:e8:26:33:c6:b3:8d:d5:b0:2c:6d:ed:
62:76:ad:10:c1:01:6d:3c:4f:70:95:e6:aa:5a:87:
50:8d:1b:f8:bf:66:4d:46:9b:8a:3b:b2:4b:5a:bc:
ff:8b:79:23:af:1f:d9:75:f3:05:ca:be:2b:1e:81:
85:82:32:f6:c9:b0:cd:e1:01:67:8a:8f:cb:ea:94:
44:b8:78:1b:0a:1c:45:c7:bf:b2:b7:9d:73:ef:af:
cb:be:b5:d5:2a:47:03:fd:8f:ab:43:d8:79:f9:8c:
97:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3D:CA:23:6F:E0:43:B6:EA:B1:D3:DF:91:F6:0B:BC:1E:88:85:EF
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/2T3KI2_gQ7bqsdPfkfYLvB6Ihe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.20.252.0/24
2.21.14.0/24
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.128.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:9700::/48
Signature Algorithm: sha256WithRSAEncryption
a6:33:12:5b:04:fd:1c:9f:18:48:79:40:40:a5:65:34:a5:fa:
d7:de:15:18:77:8d:c9:3b:19:66:e5:15:27:7f:03:9c:d4:fb:
be:64:0a:d8:09:4a:b4:ab:a8:56:a1:8f:06:07:a2:a1:6c:48:
6f:c8:1d:35:ef:a4:aa:35:e8:96:2e:14:bd:8c:2b:19:ff:51:
8d:41:65:55:93:6d:30:23:33:8c:ca:06:28:75:17:84:f7:1c:
45:c0:b5:3e:27:a3:3e:5f:88:3a:0e:d7:05:32:e5:c4:3e:14:
1a:1d:b2:ed:80:ef:c9:29:7c:c6:fc:8c:47:ec:e1:9b:16:42:
63:79:67:18:a4:0b:05:8d:ca:44:0d:30:3b:91:ac:55:02:80:
c5:44:11:a7:2b:96:18:f5:38:ed:0e:bb:6b:0d:70:a6:82:f5:
57:3a:ca:d5:4c:a9:48:0c:53:8e:ea:89:0e:7c:6d:34:5c:02:
50:94:67:25:8f:1b:02:f6:ed:f4:8b:c5:12:75:9b:fb:c4:3e:
1f:a1:06:5c:c1:bf:9d:cd:39:62:44:ae:fd:54:c5:f4:a1:a2:
84:f9:8e:42:04:fb:c3:2a:79:bd:a7:33:5b:bc:03:22:34:1f:
a7:4c:38:6b:52:6b:fa:c1:9e:c8:86:96:bf:e1:90:6a:24:b7:
ee:0c:ef:1f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAY5/jITpfv7t7E6h2smMWKXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTA1NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNkY2EyMzZmZTA0M2I2ZWFiMWQzZGY5MWY2MGJiYzFlODg4NWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+/IVOC0PvMEphmmollQDhiSDcGO
13BDHwmaIbzdaocUXNxdzm6xg+d9ziLpNLwpcQOI8c0MIXX9tTkMxlO0aVqq2HKS
FS2ZJDPkXITYBwKaeUz2E+x96PN8toGUYDt7/GLBqSeX1OAO6AyDP7Nq2u2k1Y+C
y7TWUverq3iUHQSOvMMYBg7ND7Sz+Ls4rh1mUcPIXa3534i76CYzxrON1bAsbe1i
dq0QwQFtPE9wleaqWodQjRv4v2ZNRpuKO7JLWrz/i3kjrx/ZdfMFyr4rHoGFgjL2
ybDN4QFnio/L6pREuHgbChxFx7+yt51z76/LvrXVKkcD/Y+rQ9h5+YyXnwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFNk9yiNv4EO26rHT35H2C7weiIXvMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvMlQzS0kyX2dRN2Jxc2RQZmtmWUx2QjZJaGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB4BAIAATByAwQAAhAT
AwQBAhBGAwQCAhDcAwQCAhIAAwQAAhIfAwQAAhT8AwQAAhUOAwQCWN0cAwQCWN1k
AwQCXHpEAwQAXHrhAwQCXHr4AwQAXHswAwQAXHtqAwQCXHvQAwQCX2SAAwQCX2VE
AwQAX2VyAwQCX2WcMA8EAgACMAkDBwAqAibwlwAwDQYJKoZIhvcNAQELBQADggEB
AKYzElsE/RyfGEh5QEClZTSl+tfeFRh3jck7GWblFSd/A5zU+75kCtgJSrSrqFah
jwYHoqFsSG/IHTXvpKo16JYuFL2MKxn/UY1BZVWTbTAjM4zKBih1F4T3HEXAtT4n
oz5fiDoO1wUy5cQ+FBodsu2A78kpfMb8jEfs4ZsWQmN5ZxikCwWNykQNMDuRrFUC
gMVEEacrlhj1OO0Ou2sNcKaC9Vc6ytVMqUgMU47qiQ58bTRcAlCUZyWPGwL27fSL
xRJ1m/vEPh+hBlzBv53NOWJErv1UxfShooT5jkIE+8Mqeb2nM1u8AyI0H6dMOGtS
a/rBnsiGlr/hkGokt+4M7x8=
-----END CERTIFICATE-----
Generated at Wed Mar 27 17:41:38 2024 by rpki-client on console-ams.rpki-client.org