Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/3PduGWDhONiFsE6w8elZtaQvRL0.roa
File: 3PduGWDhONiFsE6w8elZtaQvRL0.roa (raw, json)
Hash identifier: oqqmd4T2oHIvAA6ReVb+kzMgYOhJNbVMYUX+FsXMwCw=
Subject key identifier: DC:F7:6E:19:60:E1:38:D8:85:B0:4E:B0:F1:E9:59:B5:A4:2F:44:BD
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E800E4FDDA2F62FAF9C5EE1C597C02C16
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/3PduGWDhONiFsE6w8elZtaQvRL0.roa
Signing time: Wed 27 Mar 2024 13:16:45 +0000
ROA not before: Wed 27 Mar 2024 13:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.20.224.0/20 maxlen: 20
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.22.20.0/23 maxlen: 23
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
2.23.16.0/20 maxlen: 20
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.128.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:9700::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Apr 2024 14:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:0e:4f:dd:a2:f6:2f:af:9c:5e:e1:c5:97:c0:2c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 13:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcf76e1960e138d885b04eb0f1e959b5a42f44bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:54:fb:3b:63:46:cf:3d:7a:e4:79:6f:5a:
2f:7a:3b:83:3e:61:44:7e:e6:7c:61:70:a2:41:38:
43:30:0f:a2:91:c4:3b:87:14:52:79:fa:2c:93:48:
b4:c4:77:57:56:e5:d6:27:82:33:29:fc:c7:36:38:
89:3f:50:7c:2d:85:06:a2:f8:e7:c3:78:53:4b:9d:
74:53:53:a3:65:8a:ac:81:a6:1a:01:34:92:92:3a:
64:17:36:29:b7:b0:8a:2e:41:8a:f0:d1:62:b4:6a:
d1:2d:67:88:6a:e4:8e:49:68:5b:33:71:75:3c:47:
f9:a6:bc:af:b9:62:07:53:95:0a:eb:69:11:08:50:
0f:d5:8e:46:34:e9:05:95:7c:65:e9:05:dd:65:34:
67:01:0f:dc:65:8c:a4:a9:c8:c9:c9:d9:69:47:69:
d1:e9:94:08:07:94:61:f6:45:6c:46:38:da:2f:4b:
d6:1b:04:60:2e:ce:0d:97:69:a4:2e:fc:d2:80:3b:
2a:e8:12:f2:b5:8f:3e:6a:62:67:41:0f:76:90:6b:
9e:04:0b:c6:a3:a4:10:fd:09:0f:3c:55:84:08:6b:
a4:f7:91:9b:98:04:fc:79:03:99:38:7a:fb:75:e5:
f4:b7:b9:7a:79:19:c1:c0:1c:0e:d1:ab:20:0b:f9:
c2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F7:6E:19:60:E1:38:D8:85:B0:4E:B0:F1:E9:59:B5:A4:2F:44:BD
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/3PduGWDhONiFsE6w8elZtaQvRL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.20.224.0/20
2.20.252.0/24
2.21.14.0/24
2.22.20.0/23
2.22.216.0/22
2.22.234.0/24
2.23.16.0/20
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.128.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:9700::/48
Signature Algorithm: sha256WithRSAEncryption
42:92:5a:e6:37:38:b3:26:5b:a4:b2:b4:d3:aa:14:f6:d1:dd:
9b:98:2f:8d:66:51:86:53:16:e5:6e:30:1f:ec:64:4b:f9:6a:
3d:d6:f2:b6:9a:36:b3:7e:75:1b:00:98:e7:02:1f:f0:62:26:
f7:df:4b:81:7b:e4:d9:8a:06:f5:0d:d4:42:fa:21:e1:df:33:
d1:58:d7:ec:16:5b:b5:68:37:aa:91:db:33:dc:d2:13:0d:77:
b0:19:16:cb:e2:fa:0d:0e:84:8d:89:be:f4:cc:c6:f5:3f:14:
48:71:1d:ac:6a:b4:6a:07:c0:63:a2:83:ac:21:77:4f:f5:ab:
96:42:fd:be:26:9a:37:a1:46:07:9c:22:76:f5:19:65:fc:0a:
ee:11:02:17:a0:a8:62:05:6d:41:80:f3:63:9e:67:7c:6f:e8:
ad:a4:5e:09:cc:a9:4a:a3:03:2d:5f:ec:f2:d2:aa:dd:bd:39:
ef:93:52:9d:84:d2:80:7f:10:bd:86:33:30:fc:95:0b:14:11:
69:1c:3e:d1:b3:32:71:57:15:ad:1a:0b:ae:58:05:12:03:e7:
3f:f8:ea:54:5a:db:75:57:2f:32:c9:37:b0:92:3e:30:4e:e0:
a3:c8:37:20:5d:89:b6:0a:7f:4e:e9:d7:7b:49:61:24:b9:09:
e9:5d:15:29
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAY6ADk/dovYvr5xe4cWXwCwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTMxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Y3NmUxOTYwZTEzOGQ4ODViMDRlYjBmMWU5NTliNWE0MmY0NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTNU+ztjRs89euR5b1ovejuDPmFE
fuZ8YXCiQThDMA+ikcQ7hxRSefosk0i0xHdXVuXWJ4IzKfzHNjiJP1B8LYUGovjn
w3hTS510U1OjZYqsgaYaATSSkjpkFzYpt7CKLkGK8NFitGrRLWeIauSOSWhbM3F1
PEf5pryvuWIHU5UK62kRCFAP1Y5GNOkFlXxl6QXdZTRnAQ/cZYykqcjJydlpR2nR
6ZQIB5Rh9kVsRjjaL0vWGwRgLs4Nl2mkLvzSgDsq6BLytY8+amJnQQ92kGueBAvG
o6QQ/QkPPFWECGuk95GbmAT8eQOZOHr7deX0t7l6eRnBwBwO0asgC/nCzQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFNz3bhlg4TjYhbBOsPHpWbWkL0S9MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvM1BkdUdXRGhPTmlGc0U2dzhlbFp0YVF2UkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBlwQCAAEwgZADBAAC
EBMDBAECEEYDBAICENwDBAICEgADBAACEh8DBAQCFOADBAACFPwDBAACFQ4DBAEC
FhQDBAICFtgDBAACFuoDBAQCFxADBAJY3RwDBAJY3WQDBAJcekQDBABceuEDBAJc
evgDBABcezADBABce2oDBAJce9ADBAJfZIADBAJfZUQDBABfZXIDBAJfZZwwDwQC
AAIwCQMHACoCJvCXADANBgkqhkiG9w0BAQsFAAOCAQEAQpJa5jc4syZbpLK006oU
9tHdm5gvjWZRhlMW5W4wH+xkS/lqPdbytpo2s351GwCY5wIf8GIm999LgXvk2YoG
9Q3UQvoh4d8z0VjX7BZbtWg3qpHbM9zSEw13sBkWy+L6DQ6EjYm+9MzG9T8USHEd
rGq0agfAY6KDrCF3T/WrlkL9viaaN6FGB5widvUZZfwK7hECF6CoYgVtQYDzY55n
fG/oraReCcypSqMDLV/s8tKq3b0575NSnYTSgH8QvYYzMPyVCxQRaRw+0bMycVcV
rRoLrlgFEgPnP/jqVFrbdVcvMsk3sJI+ME7go8g3IF2Jtgp/TunXe0lhJLkJ6V0V
KQ==
-----END CERTIFICATE-----
Generated at Tue Apr 9 17:28:24 2024 by rpki-client on console-fra.rpki-client.org