Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/UFtaRtvpBuD-EgicECBbS6yK9Dk.roa
File: UFtaRtvpBuD-EgicECBbS6yK9Dk.roa (raw, json)
Hash identifier: XFCi1w1qY3fL4LdrPrtFCCH5OtLICLzkFzRRdAoqzjY=
Subject key identifier: 50:5B:5A:46:DB:E9:06:E0:FE:12:08:9C:10:20:5B:4B:AC:8A:F4:39
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0190356A90AE6B3E9ADC827F9D81088A9C5D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/UFtaRtvpBuD-EgicECBbS6yK9Dk.roa
Signing time: Thu 20 Jun 2024 11:31:34 +0000
ROA not before: Thu 20 Jun 2024 11:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.20.47.0/24 maxlen: 24
2.20.224.0/20 maxlen: 20
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.22.20.0/23 maxlen: 23
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
2.23.16.0/20 maxlen: 20
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jul 2024 09:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:6a:90:ae:6b:3e:9a:dc:82:7f:9d:81:08:8a:9c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jun 20 11:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=505b5a46dbe906e0fe12089c10205b4bac8af439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a5:18:0d:72:5c:86:6e:c2:84:73:4b:7a:9f:
c9:35:65:a1:6e:e4:0f:d9:1f:77:83:e1:06:0e:51:
07:90:01:a1:bc:92:32:56:2d:fb:c2:55:31:fe:d9:
03:1c:be:6e:0a:74:02:c7:ba:b7:9a:28:2f:41:84:
32:b5:7b:25:7b:07:fe:3d:e1:0f:9e:a7:23:8c:c8:
43:fd:3f:43:31:93:c9:1e:f8:24:ac:b1:28:1f:70:
67:bf:d5:a9:06:c7:de:ab:8b:ec:06:6e:0e:b2:98:
ab:90:43:d0:c8:1f:cb:fd:50:5a:91:95:62:1f:be:
e4:5f:70:a4:01:63:e7:f0:07:0c:95:43:9a:c1:76:
a3:62:e8:8d:9f:7a:b7:0a:dd:00:55:b9:df:12:45:
77:be:f8:8e:e7:3b:03:71:27:2e:4d:ce:49:7f:c7:
c6:b3:e6:f1:ca:a8:73:01:88:f1:cc:ec:7b:60:22:
f7:89:d0:e3:e9:af:96:5b:ff:b9:f7:31:77:67:1a:
52:88:d7:89:c1:64:45:93:b8:33:d0:19:3f:70:93:
b2:cb:ef:aa:1a:99:1f:bf:6a:1d:c5:54:d9:44:b4:
ed:2b:56:77:32:4a:e1:0a:ff:9d:5b:1c:32:2a:17:
9d:20:6c:ea:35:34:2b:7c:c1:3f:37:58:90:bd:db:
6d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5B:5A:46:DB:E9:06:E0:FE:12:08:9C:10:20:5B:4B:AC:8A:F4:39
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/UFtaRtvpBuD-EgicECBbS6yK9Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.20.47.0/24
2.20.224.0/20
2.20.252.0/24
2.21.14.0/24
2.22.20.0/23
2.22.216.0/22
2.22.234.0/24
2.23.16.0/20
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:fb:1d:09:3c:67:c3:f4:de:ea:9a:ec:73:ed:7a:58:5a:f0:
07:f9:fd:bc:5e:1d:05:54:8b:1c:87:ad:fc:e2:61:35:f8:b7:
15:9a:13:d0:d5:5b:fe:79:88:c8:be:af:57:3e:dc:13:2b:e7:
11:40:5f:f1:aa:93:e2:77:7a:47:c2:a9:f0:2d:ac:f6:cd:01:
88:fb:83:be:23:a1:bb:c3:0d:88:ee:d5:b6:44:e9:47:62:fc:
59:5e:63:65:ea:d0:c4:8b:e2:b9:a2:da:a7:0e:d4:93:1a:c8:
c3:88:e8:74:12:b3:66:dd:cf:57:46:74:75:bc:42:43:d6:39:
6c:97:0d:c1:78:02:95:9b:d3:36:4b:47:8a:7e:e7:e2:41:57:
10:88:83:a7:39:1b:77:b4:2a:26:d6:b4:7f:fa:f5:bd:1b:8c:
1d:41:93:c2:5b:60:5c:53:1b:e6:f1:91:bf:d2:64:4f:c1:7d:
54:af:ad:22:e6:71:85:8a:51:9f:79:d8:41:c6:09:56:8c:7d:
c4:23:bd:47:87:f3:e0:a7:23:96:54:47:ed:e1:5f:24:fa:01:
1d:c0:7d:c4:8c:81:92:f3:82:d3:e3:c1:3f:c3:e0:7d:2a:a4:
df:d0:64:df:0c:18:86:e2:e9:e4:58:4a:e9:15:42:73:09:21:
11:9a:f0:46
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZA1apCuaz6a3IJ/nYEIipxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwNjIwMTEzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDViNWE0NmRiZTkwNmUwZmUxMjA4OWMxMDIwNWI0YmFjOGFmNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKUYDXJchm7ChHNLep/JNWWhbuQP
2R93g+EGDlEHkAGhvJIyVi37wlUx/tkDHL5uCnQCx7q3migvQYQytXslewf+PeEP
nqcjjMhD/T9DMZPJHvgkrLEoH3Bnv9WpBsfeq4vsBm4OspirkEPQyB/L/VBakZVi
H77kX3CkAWPn8AcMlUOawXajYuiNn3q3Ct0AVbnfEkV3vviO5zsDcScuTc5Jf8fG
s+bxyqhzAYjxzOx7YCL3idDj6a+WW/+59zF3ZxpSiNeJwWRFk7gz0Bk/cJOyy++q
Gpkfv2odxVTZRLTtK1Z3MkrhCv+dWxwyKhedIGzqNTQrfME/N1iQvdttjwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFFBbWkbb6Qbg/hIInBAgW0usivQ5MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvVUZ0YVJ0dnBCdUQtRWdpY0VDQmJTNnlLOURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAC
EBMDBAECEEYDBAICENwDBAICEgADBAACEh8DBAACFC8DBAQCFOADBAACFPwDBAAC
FQ4DBAECFhQDBAICFtgDBAACFuoDBAQCFxADBAJY3RwDBAJY3WQDBAJcekQDBABc
euEDBAJcevgDBABcezADBABce2oDBAJce9ADBAJfZUQDBABfZXIDBAJfZZwwDQYJ
KoZIhvcNAQELBQADggEBAF77HQk8Z8P03uqa7HPtelha8Af5/bxeHQVUixyHrfzi
YTX4txWaE9DVW/55iMi+r1c+3BMr5xFAX/Gqk+J3ekfCqfAtrPbNAYj7g74jobvD
DYju1bZE6Udi/FleY2Xq0MSL4rmi2qcO1JMayMOI6HQSs2bdz1dGdHW8QkPWOWyX
DcF4ApWb0zZLR4p+5+JBVxCIg6c5G3e0KibWtH/69b0bjB1Bk8JbYFxTG+bxkb/S
ZE/BfVSvrSLmcYWKUZ952EHGCVaMfcQjvUeH8+CnI5ZUR+3hXyT6AR3AfcSMgZLz
gtPjwT/D4H0qpN/QZN8MGIbi6eRYSukVQnMJIRGa8EY=
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:53:26 2024 by rpki-client on console-ams.rpki-client.org