Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5xKzwUyocbitek95L-SmhW81-OA.roa
File: 5xKzwUyocbitek95L-SmhW81-OA.roa (raw, json)
Hash identifier: hG5cu4KS7+Jzn4hFj1TZ2B3KDJo1SHswTujK0+jV+2o=
Subject key identifier: E7:12:B3:C1:4C:A8:71:B8:AD:7A:4F:79:2F:E4:A6:85:6F:35:F8:E0
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018A21D9DCE55BE94F29134F4E044DD779E4
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5xKzwUyocbitek95L-SmhW81-OA.roa
Signing time: Wed 23 Aug 2023 10:04:00 +0000
ROA not before: Wed 23 Aug 2023 10:04:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
2.21.122.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.17.108.0/22 maxlen: 22
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:d9:dc:e5:5b:e9:4f:29:13:4f:4e:04:4d:d7:79:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Aug 23 10:04:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e712b3c14ca871b8ad7a4f792fe4a6856f35f8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:82:fd:8a:cc:fe:15:f3:72:c5:56:b0:d6:67:
03:24:16:63:3b:d3:07:aa:f2:f0:d2:97:bd:3f:f6:
21:19:9f:50:b1:9c:92:23:d8:1d:b3:67:23:52:66:
3f:ec:b3:8f:e1:bf:69:2c:ce:5b:67:60:8c:78:4c:
89:f8:78:49:d0:e0:97:9e:36:a0:76:fa:d3:ba:47:
76:1d:c5:b1:ae:88:d8:7d:7d:74:07:75:64:9b:77:
2c:6f:f0:0b:2a:b8:e1:f1:d9:54:af:6f:37:8d:f4:
04:74:13:d5:f6:30:28:e3:2f:af:f2:79:26:26:bf:
e4:d2:a8:9b:02:58:12:90:2e:c2:d6:64:a3:fa:e3:
33:ea:09:0d:83:d9:42:81:90:2f:07:d8:bd:49:2e:
74:05:65:36:13:9d:b0:8d:ca:2e:53:72:09:33:68:
e1:4d:ba:71:32:e7:6d:bc:fc:99:96:a9:6c:90:80:
03:1e:2f:4c:0d:52:83:59:6a:53:a6:59:76:16:10:
d2:11:58:c9:0f:94:62:77:a2:8e:fc:06:e3:68:ff:
4a:c7:0c:bb:41:29:27:3d:9c:39:90:9c:80:cc:16:
80:1a:11:1a:af:c0:68:fb:03:0d:5f:94:1d:6f:82:
57:b3:d4:ac:cc:ed:e0:27:8b:e7:e2:b3:b3:4a:f3:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:12:B3:C1:4C:A8:71:B8:AD:7A:4F:79:2F:E4:A6:85:6F:35:F8:E0
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5xKzwUyocbitek95L-SmhW81-OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0-2.21.123.255
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::/45
Signature Algorithm: sha256WithRSAEncryption
5c:86:38:7e:c6:3d:ab:ca:e3:6c:35:be:d7:42:4e:83:81:bb:
09:a2:e3:9f:e7:74:21:ab:c3:41:cf:36:b3:0f:20:d2:04:77:
97:a2:9f:49:2b:12:fd:ec:8b:fc:45:75:69:8d:ef:60:37:14:
97:6f:69:cf:0a:de:62:58:34:74:3f:51:fd:5c:50:62:95:47:
0a:d5:d5:6a:97:d8:42:1e:76:96:4e:2b:fd:49:19:4c:c8:80:
c8:bc:bf:da:ef:6f:10:76:24:95:5d:1e:07:74:62:75:d2:a8:
c7:bc:10:ec:f5:97:9b:3f:26:fa:ca:0c:c6:57:fa:ad:6a:b6:
f5:82:a6:41:76:0a:a2:ad:d1:7b:c7:7e:33:eb:a1:ad:fe:d2:
ca:ae:4d:3f:b4:9f:45:07:47:b6:b3:34:75:e5:19:53:24:ca:
a7:46:68:ab:1f:30:1a:9b:85:cf:2f:82:ef:0b:41:28:61:70:
93:64:83:54:fd:03:67:62:c2:12:6d:72:56:9b:6f:6c:45:95:
c0:14:77:b9:69:64:b6:36:39:af:ce:d2:09:1c:a2:d4:61:aa:
d2:1a:4e:ad:54:f8:5d:19:af:f8:b2:50:a2:a1:c3:fc:8f:dc:
37:48:d4:a5:5b:53:dd:c5:ba:bf:a2:b5:55:b6:a5:ad:b1:14:
a8:6c:54:32
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYoh2dzlW+lPKRNPTgRN13nkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwODIzMTAwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzEyYjNjMTRjYTg3MWI4YWQ3YTRmNzkyZmU0YTY4NTZmMzVmOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4L9isz+FfNyxVaw1mcDJBZjO9MH
qvLw0pe9P/YhGZ9QsZySI9gds2cjUmY/7LOP4b9pLM5bZ2CMeEyJ+HhJ0OCXnjag
dvrTukd2HcWxrojYfX10B3Vkm3csb/ALKrjh8dlUr283jfQEdBPV9jAo4y+v8nkm
Jr/k0qibAlgSkC7C1mSj+uMz6gkNg9lCgZAvB9i9SS50BWU2E52wjcouU3IJM2jh
TbpxMudtvPyZlqlskIADHi9MDVKDWWpTpll2FhDSEVjJD5Rid6KO/AbjaP9Kxwy7
QSknPZw5kJyAzBaAGhEar8Bo+wMNX5Qdb4JXs9SszO3gJ4vn4rOzSvOaRwIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFOcSs8FMqHG4rXpPeS/kpoVvNfjgMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNXhLendVeW9jYml0ZWs5NUwtU21oVzgxLU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTB+BAIAATB4AwQCAhFs
AwQCAhHAAwQCAhLUAwQCAhMEMAwDBAQCFXADBAICFXgDBAACFa8DBAFcergDBABc
es8wDAMEA12/qAMEAF2/qgMEAF2/rAMEAF9knQMEAF9ktAMEAl9k1AMEAF9k/TAM
AwQAX2V1AwQAX2V2AwQCX2XMMDcEAgACMDEwEgMHACoCI3AAAQMHACoCI3AABjAS
AwcAKgIjcAEBAwcAKgIjcAEGAwcDKgIjcAIAMA0GCSqGSIb3DQEBCwUAA4IBAQBc
hjh+xj2ryuNsNb7XQk6DgbsJouOf53Qhq8NBzzazDyDSBHeXop9JKxL97Iv8RXVp
je9gNxSXb2nPCt5iWDR0P1H9XFBilUcK1dVql9hCHnaWTiv9SRlMyIDIvL/a728Q
diSVXR4HdGJ10qjHvBDs9ZebPyb6ygzGV/qtarb1gqZBdgqirdF7x34z66Gt/tLK
rk0/tJ9FB0e2szR15RlTJMqnRmirHzAam4XPL4LvC0EoYXCTZINU/QNnYsISbXJW
m29sRZXAFHe5aWS2NjmvztIJHKLUYarSGk6tVPhdGa/4slCiocP8j9w3SNSlW1Pd
xbq/orVVtqWtsRSobFQy
-----END CERTIFICATE-----
Generated at Wed Aug 23 10:53:35 2023 by rpki-client on console-fra.rpki-client.org