Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Rlq59GYUuOZ4cbMdn2k2oVTQEYQ.roa
File: Rlq59GYUuOZ4cbMdn2k2oVTQEYQ.roa (raw, json)
Hash identifier: ywrqPmhrcBV7P2lQaDQmhk0PBrDTqtO0o2Akxfbnsds=
Subject key identifier: 46:5A:B9:F4:66:14:B8:E6:78:71:B3:1D:9F:69:36:A1:54:D0:11:84
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0186EFD8C96522FEEA37D3CFDFE5812A5E4D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Rlq59GYUuOZ4cbMdn2k2oVTQEYQ.roa
Signing time: Fri 17 Mar 2023 13:53:27 +0000
ROA not before: Fri 17 Mar 2023 13:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21342
IP address blocks: 2.22.243.0/24 maxlen: 24
2.16.52.0/24 maxlen: 24
95.101.76.0/24 maxlen: 24
92.122.123.0/24 maxlen: 24
2.21.230.0/24 maxlen: 24
95.101.36.0/24 maxlen: 24
88.221.162.0/24 maxlen: 24
88.221.163.0/24 maxlen: 24
2.22.230.0/24 maxlen: 24
2.16.40.0/24 maxlen: 24
88.221.81.0/24 maxlen: 24
92.123.94.0/24 maxlen: 24
92.123.95.0/24 maxlen: 24
95.100.168.0/24 maxlen: 24
84.53.139.0/24 maxlen: 24
95.100.175.0/24 maxlen: 24
95.100.174.0/24 maxlen: 24
95.100.173.0/24 maxlen: 24
2.16.130.0/24 maxlen: 24
193.108.91.0/24 maxlen: 24
193.108.88.0/24 maxlen: 24
2a02:26f0:67::/48 maxlen: 48
2a02:26f0:117::/48 maxlen: 48
2a02:26f0:68::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:d8:c9:65:22:fe:ea:37:d3:cf:df:e5:81:2a:5e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 17 13:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=465ab9f46614b8e67871b31d9f6936a154d01184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:10:43:7e:56:66:1c:fb:7b:49:40:21:63:f5:
9f:5d:b3:ab:b9:39:89:35:c6:d5:0d:9a:3f:58:a9:
de:f1:d5:38:81:aa:06:86:b0:52:65:15:fc:8d:d4:
e7:46:dc:a8:5a:54:be:13:f6:06:18:e5:3d:3a:ee:
94:cf:13:a5:1d:52:95:fb:e4:82:51:6d:29:2f:d5:
3f:9f:04:a5:5c:cf:5b:e2:3b:16:2c:ba:fe:28:6d:
3f:43:c8:9d:1e:36:5e:c3:f8:fd:01:28:b1:a5:da:
a3:71:11:77:97:41:95:c3:a6:b3:27:84:96:8d:1a:
28:d2:40:91:0c:07:67:47:36:d0:ec:d3:22:94:bb:
59:01:77:8a:e6:ac:cb:a3:a5:fc:f9:6b:30:07:0f:
09:a6:5f:09:3b:7d:ed:0c:54:5e:0b:1c:9b:18:27:
35:a3:6a:ee:37:3d:5c:cd:82:eb:51:73:fe:1f:06:
16:94:3d:cc:26:03:70:18:ed:08:29:01:23:04:8a:
ce:79:31:95:78:43:d3:40:d6:a8:67:9a:44:dd:e9:
6c:c7:2f:83:48:6d:ac:6b:61:85:13:7d:3a:8d:27:
a2:31:7f:ce:9c:e6:f3:0c:09:62:b6:ca:82:89:1f:
d9:ca:f2:f5:8f:d3:bd:12:7f:66:9f:38:14:54:6a:
7e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5A:B9:F4:66:14:B8:E6:78:71:B3:1D:9F:69:36:A1:54:D0:11:84
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Rlq59GYUuOZ4cbMdn2k2oVTQEYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.40.0/24
2.16.52.0/24
2.16.130.0/24
2.21.230.0/24
2.22.230.0/24
2.22.243.0/24
84.53.139.0/24
88.221.81.0/24
88.221.162.0/23
92.122.123.0/24
92.123.94.0/23
95.100.168.0/24
95.100.173.0-95.100.175.255
95.101.36.0/24
95.101.76.0/24
193.108.88.0/24
193.108.91.0/24
IPv6:
2a02:26f0:67::-2a02:26f0:68:ffff:ffff:ffff:ffff:ffff
2a02:26f0:117::/48
Signature Algorithm: sha256WithRSAEncryption
6f:e9:f7:be:af:d5:20:66:9b:2f:05:8d:4a:ee:04:e2:de:e0:
fd:12:79:7f:16:3f:43:77:5e:67:2f:5e:8b:0b:1c:f9:bb:ea:
50:53:71:04:b7:8e:3d:b3:13:87:8d:c9:bd:db:30:a0:75:ed:
ab:65:35:70:5a:89:08:a7:9d:03:95:be:bb:a7:b3:7c:d8:3f:
93:68:fc:fa:a2:39:15:ab:09:42:d8:e5:31:fc:88:4d:b0:af:
69:12:a5:de:fd:f1:b6:0c:35:b0:9a:c1:a0:5a:96:05:2b:2d:
81:62:14:de:4d:ed:23:7e:e5:f1:c7:1d:9d:dd:4e:aa:b2:68:
72:37:f4:0e:b0:c3:34:4a:fa:db:88:3f:66:9b:7e:c1:ce:75:
25:1e:96:a4:45:54:03:57:6a:c9:a9:62:ea:97:79:f4:ca:96:
d5:e7:77:38:0a:5f:f8:52:ea:c8:8a:50:b6:b4:0e:83:ca:04:
87:b8:f4:3b:d2:25:7e:69:5a:c9:5c:af:40:db:d2:a4:09:19:
13:94:78:5c:47:39:87:02:ac:94:f1:28:f5:27:19:55:4a:cb:
88:f8:0a:94:8b:15:1a:14:92:3a:38:f0:88:e2:38:b0:26:51:
75:c5:8a:bf:d9:fa:4a:db:36:6a:00:57:c3:57:4b:53:2e:41:
68:d5:5a:af
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYbv2MllIv7qN9PP3+WBKl5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMzE3MTM1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVhYjlmNDY2MTRiOGU2Nzg3MWIzMWQ5ZjY5MzZhMTU0ZDAxMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxBDflZmHPt7SUAhY/WfXbOruTmJ
NcbVDZo/WKne8dU4gaoGhrBSZRX8jdTnRtyoWlS+E/YGGOU9Ou6UzxOlHVKV++SC
UW0pL9U/nwSlXM9b4jsWLLr+KG0/Q8idHjZew/j9ASixpdqjcRF3l0GVw6azJ4SW
jRoo0kCRDAdnRzbQ7NMilLtZAXeK5qzLo6X8+WswBw8Jpl8JO33tDFReCxybGCc1
o2ruNz1czYLrUXP+HwYWlD3MJgNwGO0IKQEjBIrOeTGVeEPTQNaoZ5pE3elsxy+D
SG2sa2GFE306jSeiMX/OnObzDAlitsqCiR/ZyvL1j9O9En9mnzgUVGp+LQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFEZaufRmFLjmeHGzHZ9pNqFU0BGEMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvUmxxNTlHWVV1T1o0Y2JNZG4yazJvVlRRRVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzB0BAIAATBuAwQAAhAo
AwQAAhA0AwQAAhCCAwQAAhXmAwQAAhbmAwQAAhbzAwQAVDWLAwQAWN1RAwQBWN2i
AwQAXHp7AwQBXHteAwQAX2SoMAwDBABfZK0DBARfZKADBABfZSQDBABfZUwDBADB
bFgDBADBbFswIwQCAAIwHTASAwcAKgIm8ABnAwcAKgIm8ABoAwcAKgIm8AEXMA0G
CSqGSIb3DQEBCwUAA4IBAQBv6fe+r9UgZpsvBY1K7gTi3uD9Enl/Fj9Dd15nL16L
Cxz5u+pQU3EEt449sxOHjcm92zCgde2rZTVwWokIp50Dlb67p7N82D+TaPz6ojkV
qwlC2OUx/IhNsK9pEqXe/fG2DDWwmsGgWpYFKy2BYhTeTe0jfuXxxx2d3U6qsmhy
N/QOsMM0SvrbiD9mm37BznUlHpakRVQDV2rJqWLql3n0ypbV53c4Cl/4UurIilC2
tA6DygSHuPQ70iV+aVrJXK9A29KkCRkTlHhcRzmHAqyU8Sj1JxlVSsuI+AqUixUa
FJI6OPCI4jiwJlF1xYq/2fpK2zZqAFfDV0tTLkFo1Vqv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:41 2023 by rpki-client on console-fra.rpki-client.org