Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6n30LGZGTvxaetctJ2fx_EbFyRs.roa
File: 6n30LGZGTvxaetctJ2fx_EbFyRs.roa (raw, json)
Hash identifier: SEvhzQlk40ukBf07FkXYXYHGAxErFvb7XQz4do1GSmQ=
Subject key identifier: EA:7D:F4:2C:66:46:4E:FC:5A:7A:D7:2D:27:67:F1:FC:46:C5:C9:1B
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01902B3B5C30F1DFE4F386B94F20C3D7266D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6n30LGZGTvxaetctJ2fx_EbFyRs.roa
Signing time: Tue 18 Jun 2024 12:03:48 +0000
ROA not before: Tue 18 Jun 2024 12:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 2.17.108.0/22 maxlen: 22
2.17.120.0/22 maxlen: 22
2.17.192.0/22 maxlen: 22
2.17.192.0/24 maxlen: 24
2.17.193.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.122.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
2.23.128.0/23 maxlen: 23
2.23.130.0/23 maxlen: 23
2.23.132.0/23 maxlen: 23
92.122.184.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
95.100.157.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2a02:2370:1::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:209::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 10:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:3b:5c:30:f1:df:e4:f3:86:b9:4f:20:c3:d7:26:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jun 18 12:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea7df42c66464efc5a7ad72d2767f1fc46c5c91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ff:37:b7:a2:9e:82:4e:ee:98:75:c8:de:cc:
15:76:86:8e:26:be:d2:9a:63:f8:47:97:65:39:db:
02:ee:eb:4f:a3:3a:4a:10:09:5c:78:81:70:55:7c:
80:e9:9d:b1:6e:95:eb:4c:f8:43:5a:b7:46:a4:72:
72:c4:90:4a:59:85:ad:bb:1c:34:ac:be:bd:65:e1:
de:5b:f3:08:e2:50:70:11:d0:19:ad:2d:d0:17:87:
fc:c0:d5:31:a8:82:67:90:5e:c2:34:44:f4:f4:e7:
1e:51:7d:d9:68:e2:21:45:1c:4f:25:87:a8:81:a2:
78:e1:4d:0b:ae:2d:76:ff:c5:68:b7:52:1d:fc:4e:
24:86:84:6b:e8:89:e3:f4:67:24:bb:77:32:d9:66:
a0:20:74:6e:f1:e2:b6:26:97:41:e5:fd:4e:40:de:
48:6c:2e:10:4a:bd:55:62:ac:00:60:f6:67:44:9e:
a7:9c:95:84:51:89:cd:38:27:fa:b7:32:5c:9c:8f:
ed:64:d9:a6:11:81:d5:b5:3e:60:b2:65:34:6e:35:
e3:aa:60:92:72:ba:5b:8b:18:e5:1a:b6:b5:2c:bd:
d6:e0:e8:81:86:91:94:bf:8e:e1:bc:61:aa:c3:ec:
a8:44:e5:9f:3c:18:2d:9e:bd:be:d9:9b:70:a6:df:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7D:F4:2C:66:46:4E:FC:5A:7A:D7:2D:27:67:F1:FC:46:C5:C9:1B
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6n30LGZGTvxaetctJ2fx_EbFyRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.120.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0/20
2.21.175.0/24
2.23.128.0-2.23.133.255
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:90:50:ab:0c:3a:52:8b:c3:46:cd:90:4a:90:ee:e0:78:13:
2b:70:21:7f:51:45:27:d7:f5:f2:4c:27:80:b5:f2:b2:56:d2:
b3:ad:c1:09:38:7b:bf:24:57:9b:5d:4c:11:b2:16:65:94:be:
59:f9:3c:15:5c:8b:7f:7a:41:37:95:bf:90:44:ff:85:d2:16:
64:41:68:46:b4:f0:9f:0f:11:c4:0d:61:90:26:63:71:ca:69:
19:95:79:4e:1f:18:d5:29:c4:70:7d:9f:fb:ea:a5:63:e3:13:
87:2a:7c:48:31:c2:ea:91:f0:fd:9a:62:0d:c9:5b:10:c7:d4:
e0:4a:75:68:ab:67:cd:2e:97:15:33:ea:d7:c0:ff:91:09:6e:
8b:15:02:7f:4f:d3:b9:1c:7a:fc:43:cc:e5:8a:14:7b:34:13:
c6:74:ca:f9:44:68:e3:91:82:c9:0b:df:aa:7f:b8:c4:c3:8b:
55:62:53:ed:90:7e:d4:e6:67:03:d3:81:53:ca:0a:66:59:f7:
b3:e6:0c:43:1a:17:e8:5e:84:2f:6b:e4:2c:6f:d7:05:c1:e6:
86:18:57:e8:28:20:7b:a2:1c:68:d4:0b:1c:0b:ca:18:3b:ab:
da:cc:d0:75:e4:89:54:9c:8e:6e:ee:f0:68:04:40:56:f4:c4:
97:05:d7:4a
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZArO1ww8d/k84a5TyDD1yZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwNjE4MTIwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTdkZjQyYzY2NDY0ZWZjNWE3YWQ3MmQyNzY3ZjFmYzQ2YzVjOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP83t6Kegk7umHXI3swVdoaOJr7S
mmP4R5dlOdsC7utPozpKEAlceIFwVXyA6Z2xbpXrTPhDWrdGpHJyxJBKWYWtuxw0
rL69ZeHeW/MI4lBwEdAZrS3QF4f8wNUxqIJnkF7CNET09OceUX3ZaOIhRRxPJYeo
gaJ44U0Lri12/8Vot1Id/E4khoRr6Inj9Gcku3cy2WagIHRu8eK2JpdB5f1OQN5I
bC4QSr1VYqwAYPZnRJ6nnJWEUYnNOCf6tzJcnI/tZNmmEYHVtT5gsmU0bjXjqmCS
crpbixjlGra1LL3W4OiBhpGUv47hvGGqw+yoROWfPBgtnr2+2Ztwpt8N7wIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFOp99CxmRk78WnrXLSdn8fxGxckbMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNm4zMExHWkdUdnhhZXRjdEoyZnhfRWJGeVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBiwQCAAEwgYQDBAIC
EWwDBAICEXgDBAICEcADBAICEtQDBAICEwQDBAQCFXADBAACFa8wDAMEBwIXgAME
AQIXhAMEAVx6uAMEAFx6zzAMAwQDXb+oAwQAXb+qAwQAXb+sAwQAX2SdAwQAX2S0
AwQCX2TUAwQAX2T9MAwDBABfZXUDBABfZXYDBAJfZcwwQQQCAAIwOzASAwcAKgIj
cAABAwcAKgIjcAAGMBIDBwAqAiNwAQEDBwAqAiNwAQYwEQMGASoCI3ACAwcAKgIj
cAIMMA0GCSqGSIb3DQEBCwUAA4IBAQCWkFCrDDpSi8NGzZBKkO7geBMrcCF/UUUn
1/XyTCeAtfKyVtKzrcEJOHu/JFebXUwRshZllL5Z+TwVXIt/ekE3lb+QRP+F0hZk
QWhGtPCfDxHEDWGQJmNxymkZlXlOHxjVKcRwfZ/76qVj4xOHKnxIMcLqkfD9mmIN
yVsQx9TgSnVoq2fNLpcVM+rXwP+RCW6LFQJ/T9O5HHr8Q8zlihR7NBPGdMr5RGjj
kYLJC9+qf7jEw4tVYlPtkH7U5mcD04FTygpmWfez5gxDGhfoXoQva+Qsb9cFweaG
GFfoKCB7ohxo1AscC8oYO6vazNB15IlUnI5u7vBoBEBW9MSXBddK
-----END CERTIFICATE-----
Generated at Wed Jun 19 13:46:33 2024 by rpki-client on console-fra.rpki-client.org