Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ACjIojfFXOlXcxdUm5alVFVUQzI.roa
File: ACjIojfFXOlXcxdUm5alVFVUQzI.roa (raw, json)
Hash identifier: /HfOz/nJOEKhbOqA5w8SsuSRzlqMzyo56EEBO6oWjyw=
Subject key identifier: 00:28:C8:A2:37:C5:5C:E9:57:73:17:54:9B:96:A5:54:55:54:43:32
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC17BA2F37DFF575FC0D9E643064548
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ACjIojfFXOlXcxdUm5alVFVUQzI.roa
Signing time: Sun 01 Jan 2023 09:54:57 +0000
ROA not before: Sun 01 Jan 2023 09:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34164
IP address blocks: 92.122.120.0/23 maxlen: 23
95.101.12.0/24 maxlen: 24
2.21.237.0/24 maxlen: 24
2.21.236.0/24 maxlen: 24
2.16.49.0/24 maxlen: 24
92.122.191.0/24 maxlen: 24
92.122.204.0/23 maxlen: 23
193.108.152.0/24 maxlen: 24
2.20.48.0/24 maxlen: 24
2.18.25.0/24 maxlen: 24
95.101.121.0/24 maxlen: 24
195.245.126.0/24 maxlen: 24
92.122.152.0/24 maxlen: 24
2a02:26f0:5400::/48 maxlen: 48
2a02:26f0:33::/48 maxlen: 48
2a02:26f0:1d::/48 maxlen: 48
2a02:26f0:36::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:7b:a2:f3:7d:ff:57:5f:c0:d9:e6:43:06:45:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0028c8a237c55ce9577317549b96a55455544332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:82:94:05:45:b0:ad:a8:9f:97:0f:04:c9:5e:
b1:eb:5c:00:e0:85:19:6e:57:26:19:a0:c1:fa:33:
b5:e1:ed:92:1d:52:3b:f0:78:00:44:7f:34:f4:ee:
56:e1:e4:9b:23:a5:a2:c4:28:6b:7d:ae:b8:f1:81:
98:67:a8:60:47:c6:f3:85:3a:c2:88:71:87:de:1d:
24:ea:b0:6b:2c:a7:9f:85:b9:b8:a1:b3:3c:49:8b:
b9:5e:f9:01:34:38:96:ac:c3:07:26:4b:e1:2a:c2:
f8:af:1b:c4:db:e1:95:93:b9:f4:e7:24:1d:6a:40:
dc:4d:f4:db:b2:7a:68:30:c5:44:52:5e:31:96:11:
ed:b3:32:6f:30:66:c5:4c:fd:bd:e6:94:4d:73:f9:
c3:bc:ab:97:b5:f1:2f:20:a9:5a:b5:d7:01:35:e7:
e7:48:2a:6a:4e:0e:b8:99:e6:f8:7e:69:d4:23:86:
dc:a8:bd:ba:a1:0b:d6:71:46:38:ea:1b:50:b4:ec:
46:60:ab:f6:ec:3f:9a:40:d0:73:5d:0a:40:81:98:
58:ac:48:dc:24:db:96:fc:35:97:d7:ca:b8:bb:7d:
5f:a5:d8:fb:51:a6:3f:ef:29:a3:ed:1c:18:07:e7:
6f:27:65:6b:7c:43:25:64:c1:f4:2c:98:4b:2c:9c:
8a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:28:C8:A2:37:C5:5C:E9:57:73:17:54:9B:96:A5:54:55:54:43:32
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/ACjIojfFXOlXcxdUm5alVFVUQzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.49.0/24
2.18.25.0/24
2.20.48.0/24
2.21.236.0/23
92.122.120.0/23
92.122.152.0/24
92.122.191.0/24
92.122.204.0/23
95.101.12.0/24
95.101.121.0/24
193.108.152.0/24
195.245.126.0/24
IPv6:
2a02:26f0:1d::/48
2a02:26f0:33::/48
2a02:26f0:36::/48
2a02:26f0:5400::/48
Signature Algorithm: sha256WithRSAEncryption
8f:0a:00:e0:44:5f:cb:3a:d1:05:77:b8:84:9d:6b:58:94:a0:
f2:9f:b3:4a:0d:11:df:f5:51:f8:5b:a9:11:51:0d:b9:4d:2c:
a8:0a:bf:2a:57:5b:4b:ff:29:b5:ff:98:2e:cd:dd:45:44:c0:
b6:6e:74:7c:6c:a0:01:b6:11:30:32:e3:ea:f3:3d:00:a3:a5:
5a:85:5b:8f:31:10:ef:6c:e4:48:c2:22:f9:6b:07:08:c0:c2:
29:ae:95:07:74:02:ea:af:24:bc:9a:13:08:5c:1c:6d:a9:79:
68:1e:64:3e:40:88:33:69:82:1c:d1:1e:ba:0b:0b:7c:48:df:
8a:a5:93:0d:74:99:03:11:07:53:47:0f:10:06:f4:5f:6e:c7:
c3:ef:f0:c1:0a:4a:27:87:4a:0c:90:eb:bc:05:d3:be:6a:3a:
fd:a9:53:1b:db:5e:e0:51:99:1f:63:a9:9b:96:80:b1:41:da:
aa:c5:ad:09:22:77:14:45:d0:9f:30:78:2f:a9:07:f8:5b:a5:
5a:4d:de:4a:09:db:39:b0:28:33:ef:13:41:a8:1f:2f:3d:b4:
68:42:30:ba:84:1b:f5:58:c1:c0:2d:91:85:6f:47:98:c3:28:
55:f2:56:78:2a:9a:fc:2d:d5:ca:92:2f:20:a6:88:57:02:93:
2b:79:1a:66
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYVswXui833/V1/A2eZDBkVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI4YzhhMjM3YzU1Y2U5NTc3MzE3NTQ5Yjk2YTU1NDU1NTQ0MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44KUBUWwraiflw8EyV6x61wA4IUZ
blcmGaDB+jO14e2SHVI78HgARH809O5W4eSbI6WixChrfa648YGYZ6hgR8bzhTrC
iHGH3h0k6rBrLKefhbm4obM8SYu5XvkBNDiWrMMHJkvhKsL4rxvE2+GVk7n05yQd
akDcTfTbsnpoMMVEUl4xlhHtszJvMGbFTP295pRNc/nDvKuXtfEvIKlatdcBNefn
SCpqTg64meb4fmnUI4bcqL26oQvWcUY46htQtOxGYKv27D+aQNBzXQpAgZhYrEjc
JNuW/DWX18q4u31fpdj7UaY/7ymj7RwYB+dvJ2VrfEMlZMH0LJhLLJyKBQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAAoyKI3xVzpV3MXVJuWpVRVVEMyMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvQUNqSW9qZkZYT2xYY3hkVW01YWxWRlZVUXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwTgQCAAEwSAMEAAIQMQME
AAISGQMEAAIUMAMEAQIV7AMEAVx6eAMEAFx6mAMEAFx6vwMEAVx6zAMEAF9lDAME
AF9leQMEAMFsmAMEAMP1fjAqBAIAAjAkAwcAKgIm8AAdAwcAKgIm8AAzAwcAKgIm
8AA2AwcAKgIm8FQAMA0GCSqGSIb3DQEBCwUAA4IBAQCPCgDgRF/LOtEFd7iEnWtY
lKDyn7NKDRHf9VH4W6kRUQ25TSyoCr8qV1tL/ym1/5guzd1FRMC2bnR8bKABthEw
MuPq8z0Ao6VahVuPMRDvbORIwiL5awcIwMIprpUHdALqryS8mhMIXBxtqXloHmQ+
QIgzaYIc0R66Cwt8SN+KpZMNdJkDEQdTRw8QBvRfbsfD7/DBCkonh0oMkOu8BdO+
ajr9qVMb217gUZkfY6mbloCxQdqqxa0JIncURdCfMHgvqQf4W6VaTd5KCds5sCgz
7xNBqB8vPbRoQjC6hBv1WMHALZGFb0eYwyhV8lZ4Kpr8LdXKki8gpohXApMreRpm
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:22 2024 by rpki-client on console-ams.rpki-client.org