Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ABYUSomRDkqGqtxtr0qxOrlbPSE.roa
File: ABYUSomRDkqGqtxtr0qxOrlbPSE.roa (raw, json)
Hash identifier: 7eiJcSFvVf+JnlsmDdf7TcBe2FwQTThe/8dvTF4MaDs=
Subject key identifier: 00:16:14:4A:89:91:0E:4A:86:AA:DC:6D:AF:4A:B1:3A:B9:5B:3D:21
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01902FF48ED7832C27659F4C6B1D57C873EB
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ABYUSomRDkqGqtxtr0qxOrlbPSE.roa
Signing time: Wed 19 Jun 2024 10:04:34 +0000
ROA not before: Wed 19 Jun 2024 10:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 2.17.108.0/22 maxlen: 22
2.17.120.0/22 maxlen: 22
2.17.192.0/22 maxlen: 22
2.17.192.0/24 maxlen: 24
2.17.193.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.122.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
2.23.128.0/23 maxlen: 23
2.23.130.0/23 maxlen: 23
2.23.132.0/23 maxlen: 23
92.122.184.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
95.100.157.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2a02:2370:1::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:209::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
2a02:2370:4000::/48 maxlen: 48
2a02:2370:8000::/48 maxlen: 48
2a02:2370:c000::/48 maxlen: 48
2a02:2370:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2f:f4:8e:d7:83:2c:27:65:9f:4c:6b:1d:57:c8:73:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jun 19 10:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0016144a89910e4a86aadc6daf4ab13ab95b3d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c7:6f:d8:58:d4:da:3d:18:b6:a5:74:3a:27:
d3:9c:3c:dc:e3:21:a7:5c:f3:c4:5b:5e:5f:5d:20:
12:f0:cc:eb:fb:fc:ed:8b:33:52:a6:ae:86:d8:74:
f1:43:8c:bb:b4:06:c6:6f:6c:3a:6c:be:02:ad:7e:
2f:bf:d4:08:ca:be:ff:d8:6b:a5:60:c9:9f:cb:37:
9d:e0:fe:ce:ef:e5:38:ab:6f:d0:e3:d6:32:71:f7:
33:28:f9:ea:3a:5a:07:22:a2:2c:2e:38:c5:34:21:
ce:4e:c9:17:11:37:7e:7f:17:3d:d7:23:f2:37:e6:
e3:98:23:93:7b:be:d1:0c:fd:e3:92:68:3b:05:41:
2b:c3:b8:5b:80:81:a8:ee:83:3d:09:23:68:68:d3:
a7:49:a6:f4:ed:4a:0b:3f:77:4c:2e:46:05:ba:76:
99:dd:c4:e2:f7:5d:7e:c8:91:02:26:df:ed:5b:10:
d1:1f:12:e0:da:ce:cb:cc:e4:bf:8e:29:f3:a9:6d:
f2:fd:3f:a3:bd:83:9e:e3:a6:83:ac:2f:e5:b0:4e:
ec:eb:dc:68:c9:6d:29:d6:36:b6:c5:29:e4:dc:aa:
86:6a:b1:dc:bf:b4:46:de:ee:31:81:0d:25:be:06:
14:2d:b3:86:85:81:95:f9:6d:e0:cf:10:b6:ca:cf:
bd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:16:14:4A:89:91:0E:4A:86:AA:DC:6D:AF:4A:B1:3A:B9:5B:3D:21
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ABYUSomRDkqGqtxtr0qxOrlbPSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.120.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0/20
2.21.175.0/24
2.23.128.0-2.23.133.255
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff
2a02:2370:4000::/48
2a02:2370:8000::/48
2a02:2370:c000::/48
2a02:2370:f000::/48
Signature Algorithm: sha256WithRSAEncryption
83:21:ee:13:24:79:5a:86:94:92:51:6c:6b:96:e3:5d:dd:95:
81:5b:db:f7:06:26:d5:3f:4b:ae:5c:6a:f4:a6:cd:37:10:5e:
bc:3a:50:99:a5:79:bf:77:7d:65:b7:f2:e4:d5:09:db:83:0c:
52:0f:a6:f0:80:ca:98:18:f8:50:59:db:a2:c5:eb:c7:cf:2c:
b3:3e:12:13:89:47:ad:c4:e9:5b:c7:55:39:ba:e7:49:0f:13:
e4:b2:ca:24:14:02:c6:07:8a:37:7c:3c:03:96:8d:26:bb:ce:
09:ee:3f:93:c3:2d:ba:4e:f3:08:c7:ce:50:d6:4d:33:20:85:
d6:0a:04:fb:61:8e:ca:d1:c2:55:74:2d:9f:d0:c8:61:b1:e2:
6d:d6:a2:14:95:7d:4b:79:94:27:d2:c2:1f:69:86:02:6f:3c:
45:ad:08:e9:19:14:e3:d7:ae:a4:44:d0:c6:fd:d4:9f:79:a7:
8e:8c:c7:4b:2a:b2:d0:31:b6:b9:83:12:80:2f:3e:d5:85:81:
03:ca:ae:cf:9a:d2:37:15:6b:38:48:4c:cd:de:e5:73:75:43:
47:15:57:25:d0:68:0c:a1:86:a0:dc:10:96:25:8c:c6:99:bd:
25:8c:41:62:4e:73:bb:a2:cc:e0:d2:fa:48:32:d0:49:66:f7:
78:cf:c3:a6
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZAv9I7XgywnZZ9Max1XyHPrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwNjE5MTAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDE2MTQ0YTg5OTEwZTRhODZhYWRjNmRhZjRhYjEzYWI5NWIzZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMdv2FjU2j0YtqV0OifTnDzc4yGn
XPPEW15fXSAS8Mzr+/ztizNSpq6G2HTxQ4y7tAbGb2w6bL4CrX4vv9QIyr7/2Gul
YMmfyzed4P7O7+U4q2/Q49YycfczKPnqOloHIqIsLjjFNCHOTskXETd+fxc91yPy
N+bjmCOTe77RDP3jkmg7BUErw7hbgIGo7oM9CSNoaNOnSab07UoLP3dMLkYFunaZ
3cTi911+yJECJt/tWxDRHxLg2s7LzOS/jinzqW3y/T+jvYOe46aDrC/lsE7s69xo
yW0p1ja2xSnk3KqGarHcv7RG3u4xgQ0lvgYULbOGhYGV+W3gzxC2ys+9iwIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFAAWFEqJkQ5Khqrcba9KsTq5Wz0hMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvQUJZVVNvbVJEa3FHcXR4dHIwcXhPcmxiUFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgYsEAgABMIGEAwQC
AhFsAwQCAhF4AwQCAhHAAwQCAhLUAwQCAhMEAwQEAhVwAwQAAhWvMAwDBAcCF4AD
BAECF4QDBAFcergDBABces8wDAMEA12/qAMEAF2/qgMEAF2/rAMEAF9knQMEAF9k
tAMEAl9k1AMEAF9k/TAMAwQAX2V1AwQAX2V2AwQCX2XMMGUEAgACMF8wEgMHACoC
I3AAAQMHACoCI3AABjASAwcAKgIjcAEBAwcAKgIjcAEGMBEDBgEqAiNwAgMHACoC
I3ACDAMHACoCI3BAAAMHACoCI3CAAAMHACoCI3DAAAMHACoCI3DwADANBgkqhkiG
9w0BAQsFAAOCAQEAgyHuEyR5WoaUklFsa5bjXd2VgVvb9wYm1T9Lrlxq9KbNNxBe
vDpQmaV5v3d9Zbfy5NUJ24MMUg+m8IDKmBj4UFnbosXrx88ssz4SE4lHrcTpW8dV
ObrnSQ8T5LLKJBQCxgeKN3w8A5aNJrvOCe4/k8Mtuk7zCMfOUNZNMyCF1goE+2GO
ytHCVXQtn9DIYbHibdaiFJV9S3mUJ9LCH2mGAm88Ra0I6RkU49eupETQxv3Un3mn
jozHSyqy0DG2uYMSgC8+1YWBA8quz5rSNxVrOEhMzd7lc3VDRxVXJdBoDKGGoNwQ
liWMxpm9JYxBYk5zu6LM4NL6SDLQSWb3eM/Dpg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:54 2025 by rpki-client