Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/CANvgyABftDs3BQqR4NlLPx6zX8.roa
File: CANvgyABftDs3BQqR4NlLPx6zX8.roa (raw, json)
Hash identifier: t2dlrfglJE4MOG1yOyPEK9DAE8nGWjJzOLhzlBhnRfQ=
Subject key identifier: 08:03:6F:83:20:01:7E:D0:EC:DC:14:2A:47:83:65:2C:FC:7A:CD:7F
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E61D3732BA41DB2CEB4ADD54A4E8DFCF2
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/CANvgyABftDs3BQqR4NlLPx6zX8.roa
Signing time: Thu 21 Mar 2024 16:23:51 +0000
ROA not before: Thu 21 Mar 2024 16:23:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16625
IP address blocks: 84.53.156.0/22 maxlen: 22
84.53.164.0/22 maxlen: 22
84.53.188.0/22 maxlen: 22
88.221.4.0/22 maxlen: 22
88.221.8.0/22 maxlen: 22
88.221.16.0/22 maxlen: 22
88.221.32.0/22 maxlen: 22
88.221.36.0/22 maxlen: 22
88.221.40.0/22 maxlen: 22
88.221.44.0/22 maxlen: 22
88.221.58.0/23 maxlen: 23
88.221.60.0/22 maxlen: 22
88.221.68.0/22 maxlen: 22
88.221.76.0/22 maxlen: 22
88.221.96.0/22 maxlen: 22
88.221.124.0/22 maxlen: 22
88.221.130.0/23 maxlen: 23
88.221.136.0/21 maxlen: 21
88.221.148.0/22 maxlen: 22
88.221.152.0/21 maxlen: 21
88.221.164.0/22 maxlen: 22
88.221.168.0/22 maxlen: 22
88.221.176.0/21 maxlen: 21
88.221.224.0/21 maxlen: 21
88.221.236.0/22 maxlen: 22
88.221.240.0/21 maxlen: 21
88.221.248.0/22 maxlen: 22
92.123.240.0/22 maxlen: 22
95.100.16.0/20 maxlen: 20
95.100.46.0/23 maxlen: 23
95.100.48.0/20 maxlen: 20
95.100.64.0/20 maxlen: 20
95.100.80.0/22 maxlen: 22
95.100.112.0/20 maxlen: 20
95.100.136.0/24 maxlen: 24
95.100.137.0/24 maxlen: 24
95.100.138.0/24 maxlen: 24
95.100.139.0/24 maxlen: 24
95.100.140.0/22 maxlen: 22
95.100.160.0/22 maxlen: 22
95.100.176.0/22 maxlen: 22
95.100.182.0/23 maxlen: 23
95.100.184.0/22 maxlen: 22
95.100.188.0/22 maxlen: 22
95.100.208.0/22 maxlen: 22
95.100.216.0/22 maxlen: 22
95.100.224.0/20 maxlen: 20
95.100.244.0/22 maxlen: 22
95.100.250.0/23 maxlen: 23
95.101.0.0/21 maxlen: 21
95.101.14.0/23 maxlen: 23
95.101.16.0/22 maxlen: 22
95.101.40.0/22 maxlen: 22
95.101.44.0/22 maxlen: 22
95.101.48.0/22 maxlen: 22
95.101.56.0/22 maxlen: 22
95.101.64.0/22 maxlen: 22
95.101.68.0/24 maxlen: 24
95.101.69.0/24 maxlen: 24
95.101.70.0/24 maxlen: 24
95.101.71.0/24 maxlen: 24
95.101.80.0/22 maxlen: 22
95.101.84.0/22 maxlen: 22
95.101.88.0/22 maxlen: 22
95.101.96.0/22 maxlen: 22
95.101.100.0/22 maxlen: 22
95.101.104.0/22 maxlen: 22
95.101.124.0/22 maxlen: 22
95.101.144.0/22 maxlen: 22
95.101.148.0/22 maxlen: 22
95.101.152.0/22 maxlen: 22
95.101.160.0/22 maxlen: 22
95.101.164.0/22 maxlen: 22
95.101.172.0/22 maxlen: 22
95.101.176.0/22 maxlen: 22
95.101.184.0/22 maxlen: 22
95.101.188.0/22 maxlen: 22
95.101.192.0/22 maxlen: 22
95.101.196.0/22 maxlen: 22
95.101.200.0/22 maxlen: 22
95.101.208.0/20 maxlen: 20
95.101.224.0/22 maxlen: 22
95.101.240.0/20 maxlen: 20
195.95.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 22 Mar 2024 12:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:d3:73:2b:a4:1d:b2:ce:b4:ad:d5:4a:4e:8d:fc:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 21 16:23:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08036f8320017ed0ecdc142a4783652cfc7acd7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a5:14:e3:22:6c:b2:15:cd:3d:3f:0b:d0:41:
59:97:34:c3:b2:35:90:3d:d2:fd:28:2a:0f:10:0d:
94:83:97:40:48:f4:14:cc:e0:5c:57:65:d5:fa:71:
79:fd:7d:68:71:b4:18:c7:cb:4f:a8:f3:0d:fc:bc:
6a:8a:f8:5b:d8:4d:cc:3b:54:f3:ff:14:7f:f4:1c:
9b:29:88:72:f8:65:0c:3f:9b:f9:c5:91:21:ff:37:
bf:28:d0:0f:97:97:e2:ec:21:ea:d8:23:c1:ef:0b:
1d:0a:ac:2f:ed:c0:dc:05:b6:69:50:36:3c:a1:a9:
ca:9b:2a:6e:63:6a:a4:c1:c3:5f:cd:7e:49:b9:2d:
e6:74:ca:ab:00:11:a0:7e:6b:d0:5d:4c:04:d2:fc:
83:f7:6d:58:58:76:f8:70:57:3e:b3:6d:a8:39:ea:
66:78:7d:a8:b7:ba:48:55:45:4e:bc:70:5d:e6:44:
41:ea:d8:fc:75:8c:4b:c3:d2:84:9f:4e:e4:bb:89:
8f:04:f7:3e:5e:2f:31:c4:35:78:7c:4a:4e:a9:44:
41:56:38:f8:41:84:2c:c6:32:7e:02:e9:5e:f0:e4:
d1:06:f8:08:f3:ad:73:43:64:2e:df:3a:bf:87:8e:
0d:f9:59:31:dc:aa:2a:93:4f:43:f1:cf:70:d5:27:
a2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:03:6F:83:20:01:7E:D0:EC:DC:14:2A:47:83:65:2C:FC:7A:CD:7F
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/CANvgyABftDs3BQqR4NlLPx6zX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.53.156.0/22
84.53.164.0/22
84.53.188.0/22
88.221.4.0-88.221.11.255
88.221.16.0/22
88.221.32.0/20
88.221.58.0-88.221.63.255
88.221.68.0/22
88.221.76.0/22
88.221.96.0/22
88.221.124.0/22
88.221.130.0/23
88.221.136.0/21
88.221.148.0-88.221.159.255
88.221.164.0-88.221.171.255
88.221.176.0/21
88.221.224.0/21
88.221.236.0-88.221.251.255
92.123.240.0/22
95.100.16.0/20
95.100.46.0-95.100.83.255
95.100.112.0/20
95.100.136.0/21
95.100.160.0/22
95.100.176.0/22
95.100.182.0-95.100.191.255
95.100.208.0/22
95.100.216.0/22
95.100.224.0/20
95.100.244.0/22
95.100.250.0/23
95.101.0.0/21
95.101.14.0-95.101.19.255
95.101.40.0-95.101.51.255
95.101.56.0/22
95.101.64.0/21
95.101.80.0-95.101.91.255
95.101.96.0-95.101.107.255
95.101.124.0/22
95.101.144.0-95.101.155.255
95.101.160.0/21
95.101.172.0-95.101.179.255
95.101.184.0-95.101.203.255
95.101.208.0-95.101.227.255
95.101.240.0/20
195.95.192.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:8f:cd:10:47:72:17:e1:f4:e1:4a:42:fe:ad:19:21:ca:58:
07:30:d0:91:94:1b:69:16:22:e3:49:6b:4d:56:68:92:ec:41:
13:8d:99:f9:2e:b7:88:3f:43:7d:0f:f3:6e:36:a7:35:a8:74:
28:66:a6:e8:14:1c:2c:6a:f1:42:6e:95:20:64:42:95:e6:56:
27:b0:6d:23:2e:5a:c3:b9:95:7c:41:00:cd:55:b7:a3:6c:fe:
43:28:11:3f:34:6b:97:15:f5:75:83:d4:3b:f3:eb:9e:7f:25:
5d:74:e7:2b:98:ca:07:1e:29:c1:83:8e:43:0c:23:b0:cb:bd:
c4:35:8e:9e:da:ae:be:c9:3b:ca:03:52:6d:d3:6e:5f:13:70:
92:e7:67:4b:cd:1d:c1:42:fc:b8:c0:52:f0:3c:da:20:43:53:
a6:19:56:b6:47:2a:a9:ea:33:01:11:6a:3c:6d:45:bf:6f:53:
3d:72:9c:ae:58:5a:d3:4c:dd:bc:51:11:89:ad:d0:0b:1e:90:
af:8d:fb:6d:cd:94:71:24:b1:d4:c3:05:58:ae:f4:5c:65:ed:
12:5b:d0:95:30:a9:da:fd:56:b5:3e:21:56:b3:39:55:c3:58:
76:88:7f:82:db:c4:40:ba:2a:24:2b:e1:7a:73:fb:3e:99:a4:
47:dd:ca:1e
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgISAY5h03MrpB2yzrSt1UpOjfzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzIxMTYyMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAzNmY4MzIwMDE3ZWQwZWNkYzE0MmE0NzgzNjUyY2ZjN2FjZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKUU4yJsshXNPT8L0EFZlzTDsjWQ
PdL9KCoPEA2Ug5dASPQUzOBcV2XV+nF5/X1ocbQYx8tPqPMN/Lxqivhb2E3MO1Tz
/xR/9BybKYhy+GUMP5v5xZEh/ze/KNAPl5fi7CHq2CPB7wsdCqwv7cDcBbZpUDY8
oanKmypuY2qkwcNfzX5JuS3mdMqrABGgfmvQXUwE0vyD921YWHb4cFc+s22oOepm
eH2ot7pIVUVOvHBd5kRB6tj8dYxLw9KEn07ku4mPBPc+Xi8xxDV4fEpOqURBVjj4
QYQsxjJ+Aule8OTRBvgI861zQ2Qu3zq/h44N+Vkx3Koqk09D8c9w1SeiuQIDAQAB
o4IDmTCCA5UwHQYDVR0OBBYEFAgDb4MgAX7Q7NwUKkeDZSz8es1/MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvQ0FOdmd5QUJmdERzM0JRcVI0TmxMUHg2elg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrQYIKwYBBQUHAQcBAf8EggGcMIIBmDCCAZQEAgABMIIB
jAMEAlQ1nAMEAlQ1pAMEAlQ1vDAMAwQCWN0EAwQCWN0IAwQCWN0QAwQEWN0gMAwD
BAFY3ToDBAZY3QADBAJY3UQDBAJY3UwDBAJY3WADBAJY3XwDBAFY3YIDBANY3Ygw
DAMEAljdlAMEBVjdgDAMAwQCWN2kAwQCWN2oAwQDWN2wAwQDWN3gMAwDBAJY3ewD
BAJY3fgDBAJce/ADBARfZBAwDAMEAV9kLgMEAl9kUAMEBF9kcAMEA19kiAMEAl9k
oAMEAl9ksDAMAwQBX2S2AwQGX2SAAwQCX2TQAwQCX2TYAwQEX2TgAwQCX2T0AwQB
X2T6AwQDX2UAMAwDBAFfZQ4DBAJfZRAwDAMEA19lKAMEAl9lMAMEAl9lOAMEA19l
QDAMAwQEX2VQAwQCX2VYMAwDBAVfZWADBAJfZWgDBAJfZXwwDAMEBF9lkAMEAl9l
mAMEA19loDAMAwQCX2WsAwQCX2WwMAwDBANfZbgDBAJfZcgwDAMEBF9l0AMEAl9l
4AMEBF9l8AMEAsNfwDANBgkqhkiG9w0BAQsFAAOCAQEAGo/NEEdyF+H04UpC/q0Z
IcpYBzDQkZQbaRYi40lrTVZokuxBE42Z+S63iD9DfQ/zbjanNah0KGam6BQcLGrx
Qm6VIGRCleZWJ7BtIy5aw7mVfEEAzVW3o2z+QygRPzRrlxX1dYPUO/Prnn8lXXTn
K5jKBx4pwYOOQwwjsMu9xDWOntquvsk7ygNSbdNuXxNwkudnS80dwUL8uMBS8Dza
IENTphlWtkcqqeozARFqPG1Fv29TPXKcrlha00zdvFERia3QCx6Qr437bc2UcSSx
1MMFWK70XGXtElvQlTCp2v1WtT4hVrM5VcNYdoh/gtvEQLoqJCvhenP7PpmkR93K
Hg==
-----END CERTIFICATE-----
Generated at Fri Mar 22 16:04:36 2024 by rpki-client on console-fra.rpki-client.org