Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5oT3GapSmzTSxLohwyNiHCZ_Z6c.roa
File: 5oT3GapSmzTSxLohwyNiHCZ_Z6c.roa (raw, json)
Hash identifier: EfhQlfYWBSDWUkaCPfYkk2NC7GvwfYoRIhT02jPBiL8=
Subject key identifier: E6:84:F7:19:AA:52:9B:34:D2:C4:BA:21:C3:23:62:1C:26:7F:67:A7
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01919DCFE1895A68F6D51222AF3EF1F3AFAB
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5oT3GapSmzTSxLohwyNiHCZ_Z6c.roa
Signing time: Thu 29 Aug 2024 11:05:32 +0000
ROA not before: Thu 29 Aug 2024 11:05:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.146.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.19.16.0/20 maxlen: 20
2.20.4.0/22 maxlen: 22
2.20.47.0/24 maxlen: 24
2.20.224.0/20 maxlen: 20
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.22.20.0/23 maxlen: 23
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
2.23.16.0/20 maxlen: 20
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.136.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 02 Sep 2024 12:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:cf:e1:89:5a:68:f6:d5:12:22:af:3e:f1:f3:af:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Aug 29 11:05:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e684f719aa529b34d2c4ba21c323621c267f67a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d6:aa:75:28:73:f3:80:74:85:d4:d9:42:ae:
68:7d:87:b9:f2:43:6b:63:f4:3f:8c:e7:f9:d3:1d:
28:d3:48:94:a2:09:c4:09:dd:61:25:12:21:64:a4:
b4:86:e2:b4:41:3d:a6:c8:bf:0f:d7:6b:0e:76:17:
2f:18:d4:07:b4:dd:1a:15:d5:fd:44:c7:cf:f3:47:
0e:59:d7:0c:1e:0b:55:81:97:35:28:4e:c7:5b:f9:
95:be:eb:38:02:cf:66:03:92:9b:43:a2:f1:b1:ae:
b8:c3:1d:70:86:2e:fa:92:f8:cc:7d:48:f9:05:34:
7f:e6:48:30:e2:19:4c:cd:62:fd:81:d6:f9:d1:4d:
2d:ac:93:db:34:7c:f7:78:d8:21:94:84:48:a7:0c:
8e:82:91:bc:95:e5:9b:64:d0:95:68:97:ec:36:1c:
b3:6b:16:40:98:43:8a:d8:3c:c4:f5:93:2a:8d:0d:
7e:dd:67:0a:d3:3e:1e:e5:8d:9a:fc:de:c0:59:e9:
83:a3:9f:26:a0:c4:87:3e:83:4d:38:f6:81:8b:5f:
b7:34:71:70:f2:37:dc:8d:e4:d1:27:a1:97:80:d5:
c7:b0:91:3a:a0:15:a2:fd:e7:d4:60:a9:f0:66:89:
91:1b:db:41:67:ce:c5:ec:cc:3b:1a:9f:a6:20:4d:
43:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:84:F7:19:AA:52:9B:34:D2:C4:BA:21:C3:23:62:1C:26:7F:67:A7
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5oT3GapSmzTSxLohwyNiHCZ_Z6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.146.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.19.16.0/20
2.20.4.0/22
2.20.47.0/24
2.20.224.0/20
2.20.252.0/24
2.21.14.0/24
2.22.20.0/23
2.22.216.0/22
2.22.234.0/24
2.23.16.0/20
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.136.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
Signature Algorithm: sha256WithRSAEncryption
00:29:5b:41:01:64:7b:31:6c:be:11:f8:84:7a:71:25:48:f0:
00:c7:fd:a8:d1:08:36:35:b5:7c:62:1a:c9:d8:95:09:c9:ed:
11:d2:65:6d:50:2d:db:0f:84:7d:2e:f2:97:db:ff:a4:c8:8b:
c6:c5:a4:a6:e3:b3:6a:cd:5e:72:01:3a:ba:58:ea:43:6c:42:
b7:e2:6e:4d:f6:d9:c0:c2:5b:52:d8:ab:95:f2:cc:d3:12:f0:
65:49:a3:6e:59:71:94:4f:c1:bf:68:36:a3:01:5c:62:9e:27:
cb:3e:ed:7b:cd:f4:e9:e5:02:a3:5a:f9:96:c8:8a:9e:2d:0c:
81:1b:8e:2f:ff:9e:cf:07:46:04:d5:0b:69:02:0e:1a:ff:fc:
da:50:0e:09:29:ae:96:9d:ab:6e:ec:59:65:bc:c5:b3:7f:00:
52:fd:91:d4:8d:24:ea:76:82:e2:f1:9b:bb:1b:d9:26:36:8e:
29:c6:62:84:56:f4:74:42:89:51:26:2b:27:fa:29:1e:6d:fb:
2b:7b:33:e9:11:8d:0b:3d:30:c1:04:47:b6:5c:bc:52:5d:89:
d1:39:f5:88:e2:30:f7:81:50:79:9a:2a:a3:a7:eb:06:ef:b2:
ba:20:de:a9:ea:5e:e3:bf:ad:21:2e:99:19:12:63:5c:c6:e2:
a8:3c:4f:54
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZGdz+GJWmj21RIirz7x86+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwODI5MTEwNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg0ZjcxOWFhNTI5YjM0ZDJjNGJhMjFjMzIzNjIxYzI2N2Y2N2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdaqdShz84B0hdTZQq5ofYe58kNr
Y/Q/jOf50x0o00iUognECd1hJRIhZKS0huK0QT2myL8P12sOdhcvGNQHtN0aFdX9
RMfP80cOWdcMHgtVgZc1KE7HW/mVvus4As9mA5KbQ6Lxsa64wx1whi76kvjMfUj5
BTR/5kgw4hlMzWL9gdb50U0trJPbNHz3eNghlIRIpwyOgpG8leWbZNCVaJfsNhyz
axZAmEOK2DzE9ZMqjQ1+3WcK0z4e5Y2a/N7AWemDo58moMSHPoNNOPaBi1+3NHFw
8jfcjeTRJ6GXgNXHsJE6oBWi/efUYKnwZomRG9tBZ87F7Mw7Gp+mIE1DpQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFOaE9xmqUps00sS6IcMjYhwmf2enMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNW9UM0dhcFNtelRTeExvaHd5TmlIQ1pfWjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAC
EBMDBAECEEYDBAECEJIDBAICENwDBAICEgADBAACEh8DBAQCExADBAICFAQDBAAC
FC8DBAQCFOADBAACFPwDBAACFQ4DBAECFhQDBAICFtgDBAACFuoDBAQCFxADBAJY
3RwDBAJY3WQDBAJcekQDBABceuEDBAJcevgDBABcezADBABce2oDBAJce9ADBAJf
ZIgDBAJfZUQDBABfZXIDBAJfZZwwDQYJKoZIhvcNAQELBQADggEBAAApW0EBZHsx
bL4R+IR6cSVI8ADH/ajRCDY1tXxiGsnYlQnJ7RHSZW1QLdsPhH0u8pfb/6TIi8bF
pKbjs2rNXnIBOrpY6kNsQrfibk322cDCW1LYq5XyzNMS8GVJo25ZcZRPwb9oNqMB
XGKeJ8s+7XvN9OnlAqNa+ZbIip4tDIEbji//ns8HRgTVC2kCDhr//NpQDgkprpad
q27sWWW8xbN/AFL9kdSNJOp2guLxm7sb2SY2jinGYoRW9HRCiVEmKyf6KR5t+yt7
M+kRjQs9MMEER7ZcvFJdidE59YjiMPeBUHmaKqOn6wbvsrog3qnqXuO/rSEumRkS
Y1zG4qg8T1Q=
-----END CERTIFICATE-----
Generated at Mon Sep 2 15:35:04 2024 by rpki-client on console-ams.rpki-client.org