Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6n43ofE1JqdXHn0gPHgzPYTtHUE.roa
File: 6n43ofE1JqdXHn0gPHgzPYTtHUE.roa (raw, json)
Hash identifier: YVfe0Zqh5iIYOBaeN3nlc8mvV9+1WzuBfOnIlnB9lLE=
Subject key identifier: EA:7E:37:A1:F1:35:26:A7:57:1E:7D:20:3C:78:33:3D:84:ED:1D:41
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC17ACFB692823B65033888574DD0E6
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6n43ofE1JqdXHn0gPHgzPYTtHUE.roa
Signing time: Sun 01 Jan 2023 09:54:57 +0000
ROA not before: Sun 01 Jan 2023 09:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:7a:cf:b6:92:82:3b:65:03:38:88:57:4d:d0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea7e37a1f13526a7571e7d203c78333d84ed1d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3e:61:d3:f4:18:a6:81:ae:0d:5f:f3:ae:6b:
47:d3:09:17:3f:f9:26:ec:16:9f:6f:de:ca:db:54:
19:9b:e9:17:be:c2:f8:c0:e9:3c:b1:e9:2c:21:b9:
bb:16:e0:ba:cd:44:8d:8b:32:8c:fb:e0:f1:e8:3d:
61:6e:e3:32:0e:73:36:d6:e8:09:70:19:4d:32:03:
14:89:a1:84:99:60:b2:76:06:a8:ba:17:03:7c:bb:
f6:40:7d:d5:d2:bc:65:cd:4f:6d:fd:eb:ea:1c:23:
f3:05:88:b7:8e:a3:b7:61:94:4b:8b:d6:68:12:bc:
73:db:83:54:a1:b0:02:2a:20:e7:b9:7f:7e:78:02:
ca:5f:f6:4c:48:2e:18:18:38:8e:44:17:ca:79:db:
4a:9c:99:d0:6c:4b:bb:38:7a:4f:04:0c:f2:0f:07:
47:bd:4c:aa:68:97:81:0d:70:88:e5:7b:4f:cc:03:
3e:53:f5:89:02:82:8a:3b:8c:f4:b0:4d:18:d3:01:
5d:70:28:71:6f:bb:5b:42:43:db:a8:85:f3:67:1f:
b1:3f:1a:2c:af:cd:6a:5f:e3:cf:54:16:fe:5f:1b:
bb:82:93:8b:57:26:3d:d6:49:c4:9f:d7:35:11:3a:
91:07:a1:f5:98:d7:4d:c2:09:6e:51:d3:01:08:1c:
ca:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7E:37:A1:F1:35:26:A7:57:1E:7D:20:3C:78:33:3D:84:ED:1D:41
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6n43ofE1JqdXHn0gPHgzPYTtHUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.192.0/22
2.19.4.0/22
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0/23
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:206:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:2a:37:23:c4:0d:f8:4c:be:1f:78:c3:dc:3a:62:a4:b6:b6:
4e:b6:4a:95:7f:4a:a5:e5:e4:66:d8:c5:13:84:c0:b1:23:58:
b7:b8:33:60:ac:8c:33:ef:a0:23:92:25:8d:61:51:9e:8d:d5:
f8:d0:0b:33:e3:02:72:b8:2c:93:cd:c5:e1:d3:30:70:25:25:
7d:e7:f5:d9:b6:ea:d5:b9:39:0d:8b:e6:69:59:42:f7:3a:7c:
64:6b:0c:4a:c2:e1:4e:2c:34:6d:86:09:48:77:6b:b4:67:03:
af:df:ca:1e:e6:33:8b:3a:0a:45:2c:d2:af:17:46:a2:29:cf:
33:27:8b:2f:07:56:27:a1:41:80:f0:5f:f8:7f:26:5e:86:35:
b5:2c:48:af:25:c8:50:3c:ed:ae:25:b4:9a:93:6b:6a:c9:1b:
e2:f3:d4:f4:6b:0d:31:48:3e:37:df:49:cf:cd:26:86:7b:c6:
25:ef:b0:5f:ac:5d:a0:25:e2:12:67:0f:72:e8:29:9b:8e:03:
c7:b7:12:72:7c:72:63:f8:b6:b3:bb:d1:fc:ad:27:5b:2c:2d:
98:e6:b6:31:83:08:42:1f:8e:8f:21:4a:67:02:f0:dd:3c:1c:
e2:8f:70:ee:43:74:85:26:fa:90:62:e3:82:38:20:bf:e9:62:
85:a7:66:16
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYVswXrPtpKCO2UDOIhXTdDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTdlMzdhMWYxMzUyNmE3NTcxZTdkMjAzYzc4MzMzZDg0ZWQxZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz5h0/QYpoGuDV/zrmtH0wkXP/km
7Bafb97K21QZm+kXvsL4wOk8seksIbm7FuC6zUSNizKM++Dx6D1hbuMyDnM21ugJ
cBlNMgMUiaGEmWCydgaouhcDfLv2QH3V0rxlzU9t/evqHCPzBYi3jqO3YZRLi9Zo
Erxz24NUobACKiDnuX9+eALKX/ZMSC4YGDiORBfKedtKnJnQbEu7OHpPBAzyDwdH
vUyqaJeBDXCI5XtPzAM+U/WJAoKKO4z0sE0Y0wFdcChxb7tbQkPbqIXzZx+xPxos
r81qX+PPVBb+Xxu7gpOLVyY91knEn9c1ETqRB6H1mNdNwgluUdMBCBzKkwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFOp+N6HxNSanVx59IDx4Mz2E7R1BMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNm40M29mRTFKcWRYSG4wZ1BIZ3pQWVR0SFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBcBAIAATBWAwQCAhHA
AwQCAhMEAwQAAhWvAwQBXHq4AwQAXHrPAwQBXb+oAwQAXb+sAwQAX2SdAwQAX2S0
AwQCX2TUAwQAX2T9MAwDBABfZXUDBABfZXYDBAJfZcwwQQQCAAIwOzASAwcAKgIj
cAABAwcAKgIjcAAGMBIDBwAqAiNwAQEDBwAqAiNwAQYwEQMGASoCI3ACAwcAKgIj
cAIGMA0GCSqGSIb3DQEBCwUAA4IBAQAhKjcjxA34TL4feMPcOmKktrZOtkqVf0ql
5eRm2MUThMCxI1i3uDNgrIwz76AjkiWNYVGejdX40Asz4wJyuCyTzcXh0zBwJSV9
5/XZturVuTkNi+ZpWUL3OnxkawxKwuFOLDRthglId2u0ZwOv38oe5jOLOgpFLNKv
F0aiKc8zJ4svB1YnoUGA8F/4fyZehjW1LEivJchQPO2uJbSak2tqyRvi89T0aw0x
SD4330nPzSaGe8Yl77BfrF2gJeISZw9y6CmbjgPHtxJyfHJj+Lazu9H8rSdbLC2Y
5rYxgwhCH46PIUpnAvDdPBzij3DuQ3SFJvqQYuOCOCC/6WKFp2YW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:41 2023 by rpki-client on console-fra.rpki-client.org