Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/JguQvzcX8P2LliVX_nUwjLFJd4k.roa
File: JguQvzcX8P2LliVX_nUwjLFJd4k.roa (raw, json)
Hash identifier: Ok91UhTsiDElCagb4IHNXFnVCNLiwJhxEP6M+FIQSvI=
Subject key identifier: 26:0B:90:BF:37:17:F0:FD:8B:96:25:57:FE:75:30:8C:B1:49:77:89
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018A21E04377B8E17D3D75DC6DFBB308A20A
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/JguQvzcX8P2LliVX_nUwjLFJd4k.roa
Signing time: Wed 23 Aug 2023 10:11:00 +0000
ROA not before: Wed 23 Aug 2023 10:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
2.21.122.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.17.108.0/22 maxlen: 22
2a02:2370:209::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Nov 2023 13:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:e0:43:77:b8:e1:7d:3d:75:dc:6d:fb:b3:08:a2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Aug 23 10:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=260b90bf3717f0fd8b962557fe75308cb1497789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:76:ab:bb:39:60:0e:95:d2:94:71:39:62:
b7:6a:7b:5b:79:b6:a2:dd:3e:55:77:44:3b:8c:66:
e4:51:b1:9c:10:af:11:31:97:31:cf:e4:8d:8d:63:
6f:51:1f:1d:55:f4:e8:37:ae:7a:0f:38:ad:6b:ec:
37:74:b5:f4:74:92:24:a9:6b:05:bc:fb:cd:22:6d:
94:a5:00:37:3a:57:fb:21:4b:9e:f3:0b:b3:d2:15:
dd:71:9f:6f:63:90:c3:9a:76:df:7c:a5:44:5e:a4:
2f:9a:b7:88:9d:03:c0:20:18:69:7e:eb:ac:02:60:
d8:ab:5a:e6:7e:0a:75:7e:d8:83:9f:50:c8:8c:fc:
30:62:e3:03:b5:f3:f3:7f:23:97:b2:7e:a7:17:2a:
9d:be:61:4f:09:c9:d1:79:69:9a:04:ad:43:51:16:
39:e8:57:d2:00:f1:e9:cc:80:12:71:c8:6b:86:7f:
71:5d:8f:11:f0:fc:f7:92:bb:65:d7:3a:f7:13:76:
78:2c:0e:87:ab:bd:60:b9:e3:35:a3:d5:ba:8e:6e:
0a:26:d2:a4:bc:ab:a6:00:82:26:f2:41:7f:5f:1f:
3d:c0:42:e3:59:dd:2b:b7:ca:0c:06:34:b5:50:16:
16:56:2e:66:9c:4b:b5:cf:02:73:af:a9:d9:70:81:
3c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:0B:90:BF:37:17:F0:FD:8B:96:25:57:FE:75:30:8C:B1:49:77:89
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/JguQvzcX8P2LliVX_nUwjLFJd4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0/20
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:ad:7e:42:c4:1c:ea:84:4b:9b:8c:58:68:cf:c5:b7:eb:54:
05:a9:96:d1:17:c7:27:f5:58:4c:f6:9d:75:cc:16:cb:56:90:
df:5f:1c:6c:aa:c2:01:ff:13:f7:b7:ff:d3:3b:fb:cf:fd:61:
ac:1d:a1:d8:d1:ff:4d:4e:73:f2:9e:18:06:e6:6b:e4:a9:1b:
94:b8:eb:22:51:ac:3c:31:de:33:f5:cc:06:4d:a4:13:cc:69:
2d:d1:8e:23:71:f0:7a:f9:93:5f:4f:28:77:86:c2:6b:22:f4:
06:59:2b:55:bd:ca:99:d8:22:0c:89:9f:fe:ab:f9:86:56:16:
ad:71:13:4b:de:16:d9:6a:d3:cb:4d:fd:67:08:c4:fb:bf:b1:
dc:4f:cc:aa:7c:63:c7:af:df:1c:11:e1:5d:70:0b:d3:cd:6d:
f5:bc:fd:9d:d9:73:a5:cf:4f:0f:fb:b9:78:db:8f:0d:23:c0:
e3:d6:ba:21:92:c5:ed:30:60:bb:b3:65:61:a6:ef:ec:8b:c4:
5a:f6:0f:43:bf:b8:6d:c7:92:30:30:b3:db:8b:79:43:a2:9e:
fd:8f:60:61:5c:c9:ee:8f:77:3f:41:6b:0d:de:31:fc:87:a1:
56:f4:dc:36:b0:03:80:a0:b7:00:63:b1:e3:63:fd:e3:3c:c5:
45:d7:06:96
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYoh4EN3uOF9PXXcbfuzCKIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwODIzMTAxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjBiOTBiZjM3MTdmMGZkOGI5NjI1NTdmZTc1MzA4Y2IxNDk3Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld12q7s5YA6V0pRxOWK3antbebai
3T5Vd0Q7jGbkUbGcEK8RMZcxz+SNjWNvUR8dVfToN656Dzita+w3dLX0dJIkqWsF
vPvNIm2UpQA3Olf7IUue8wuz0hXdcZ9vY5DDmnbffKVEXqQvmreInQPAIBhpfuus
AmDYq1rmfgp1ftiDn1DIjPwwYuMDtfPzfyOXsn6nFyqdvmFPCcnReWmaBK1DURY5
6FfSAPHpzIAScchrhn9xXY8R8Pz3krtl1zr3E3Z4LA6Hq71gueM1o9W6jm4KJtKk
vKumAIIm8kF/Xx89wELjWd0rt8oMBjS1UBYWVi5mnEu1zwJzr6nZcIE8EQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFCYLkL83F/D9i5YlV/51MIyxSXeJMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvSmd1UXZ6Y1g4UDJMbGlWWF9uVXdqTEZKZDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzB2BAIAATBwAwQCAhFs
AwQCAhHAAwQCAhLUAwQCAhMEAwQEAhVwAwQAAhWvAwQBXHq4AwQAXHrPMAwDBANd
v6gDBABdv6oDBABdv6wDBABfZJ0DBABfZLQDBAJfZNQDBABfZP0wDAMEAF9ldQME
AF9ldgMEAl9lzDBBBAIAAjA7MBIDBwAqAiNwAAEDBwAqAiNwAAYwEgMHACoCI3AB
AQMHACoCI3ABBjARAwYBKgIjcAIDBwAqAiNwAgwwDQYJKoZIhvcNAQELBQADggEB
AHatfkLEHOqES5uMWGjPxbfrVAWpltEXxyf1WEz2nXXMFstWkN9fHGyqwgH/E/e3
/9M7+8/9YawdodjR/01Oc/KeGAbma+SpG5S46yJRrDwx3jP1zAZNpBPMaS3RjiNx
8Hr5k19PKHeGwmsi9AZZK1W9ypnYIgyJn/6r+YZWFq1xE0veFtlq08tN/WcIxPu/
sdxPzKp8Y8ev3xwR4V1wC9PNbfW8/Z3Zc6XPTw/7uXjbjw0jwOPWuiGSxe0wYLuz
ZWGm7+yLxFr2D0O/uG3HkjAws9uLeUOinv2PYGFcye6Pdz9Baw3eMfyHoVb03Daw
A4CgtwBjseNj/eM8xUXXBpY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:12 2024 by rpki-client on console-ams.rpki-client.org