Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VfsQjwWiuW_rJVzHs61CYMV-OAY.roa
File: VfsQjwWiuW_rJVzHs61CYMV-OAY.roa (raw, json)
Hash identifier: 7MT4m5xCprxCGGqNpmvig/s7tL+LY5aDcmjkYHmMtoY=
Subject key identifier: 55:FB:10:8F:05:A2:B9:6F:EB:25:5C:C7:B3:AD:42:60:C5:7E:38:06
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018732D6DB8721981062AEECE14ED9D19BFD
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VfsQjwWiuW_rJVzHs61CYMV-OAY.roa
Signing time: Thu 30 Mar 2023 14:05:54 +0000
ROA not before: Thu 30 Mar 2023 14:05:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:d6:db:87:21:98:10:62:ae:ec:e1:4e:d9:d1:9b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 30 14:05:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55fb108f05a2b96feb255cc7b3ad4260c57e3806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:30:52:41:c8:5b:03:51:97:42:e8:04:c3:12:
3e:38:43:9d:f6:8a:4e:32:3c:91:c1:4b:1d:22:1a:
36:3c:df:dc:1f:7b:97:65:dc:bc:d7:f3:74:ec:0b:
d3:7b:f0:34:05:9f:45:ab:7f:b6:a2:6f:c4:ef:99:
f5:c6:f5:7d:22:7f:f5:51:24:19:c2:c2:2f:da:b2:
4d:94:a8:5e:45:c6:17:92:57:15:5c:47:c0:f0:58:
d7:d6:cf:3a:fd:38:61:91:bc:36:ee:12:cb:51:69:
7b:ff:c6:dc:c9:af:8c:74:6b:c8:0f:fd:b9:97:78:
91:9a:30:5b:55:f4:b8:b4:c9:83:00:48:41:22:18:
20:3d:42:b8:f5:5d:8c:13:be:b7:92:7c:2e:0a:74:
7f:4d:3d:4c:a8:42:80:ce:8d:a7:9e:ca:37:2f:5a:
d0:aa:d0:ab:e5:8f:dc:19:d5:b7:44:3e:d8:c4:3b:
37:0e:49:6c:8e:32:a8:ab:52:bd:a8:f0:62:8d:ac:
d1:c4:29:82:78:53:1b:5c:7b:0f:78:6d:30:29:9d:
f4:5e:7b:ad:ba:fe:70:be:24:91:0d:f6:19:03:be:
be:19:c2:25:fa:bd:21:17:5c:85:63:da:40:7d:0b:
2d:50:ba:c6:56:ec:41:bb:14:46:81:71:4f:d7:7e:
84:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FB:10:8F:05:A2:B9:6F:EB:25:5C:C7:B3:AD:42:60:C5:7E:38:06
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/VfsQjwWiuW_rJVzHs61CYMV-OAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.192.0/22
2.19.4.0/22
2.21.175.0/24
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:206:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:a2:d5:7e:6c:19:5d:62:15:35:e7:ea:eb:9b:c0:ed:12:61:
67:63:6b:78:7c:2a:e4:90:0d:1c:00:90:36:b2:3a:9c:6e:81:
93:28:66:b2:7b:7a:47:1d:ba:9f:b3:76:f7:8c:ae:68:a2:ed:
27:cb:64:80:15:ee:af:94:da:3d:0a:2b:ae:e5:c5:77:7f:d6:
b6:d0:e1:15:62:3d:41:d7:36:48:6d:e8:97:64:82:35:5a:fa:
d3:1c:07:19:b8:cd:29:8b:94:96:a0:f4:cd:7f:cb:21:1d:99:
43:d4:b8:ed:1a:5e:ea:aa:c9:ff:54:6e:25:b7:50:b3:bf:f6:
d9:ad:c3:e4:43:da:0c:01:e4:1d:61:b7:31:35:be:5e:da:76:
17:da:a9:a4:29:68:30:c9:95:c6:d2:ab:2e:3d:1c:dc:68:51:
4b:67:55:d6:27:c0:75:41:5f:9b:1e:76:7d:23:b7:31:ee:ab:
4a:65:f9:d5:e9:e1:cc:67:69:12:4e:f9:0e:f9:84:ce:cd:6b:
7b:a2:62:0d:cc:ec:15:ce:d3:e7:86:2b:ac:3f:4c:02:d4:19:
27:99:da:0e:78:cd:32:73:4a:34:45:57:e5:4c:22:8d:f5:a4:
5f:cd:78:22:f5:9a:cd:12:10:37:d7:f1:67:db:10:10:01:26:
69:43:a4:43
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYcy1tuHIZgQYq7s4U7Z0Zv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMzMwMTQwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZiMTA4ZjA1YTJiOTZmZWIyNTVjYzdiM2FkNDI2MGM1N2UzODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TBSQchbA1GXQugEwxI+OEOd9opO
MjyRwUsdIho2PN/cH3uXZdy81/N07AvTe/A0BZ9Fq3+2om/E75n1xvV9In/1USQZ
wsIv2rJNlKheRcYXklcVXEfA8FjX1s86/Thhkbw27hLLUWl7/8bcya+MdGvID/25
l3iRmjBbVfS4tMmDAEhBIhggPUK49V2ME763knwuCnR/TT1MqEKAzo2nnso3L1rQ
qtCr5Y/cGdW3RD7YxDs3DklsjjKoq1K9qPBijazRxCmCeFMbXHsPeG0wKZ30Xnut
uv5wviSRDfYZA76+GcIl+r0hF1yFY9pAfQstULrGVuxBuxRGgXFP136EmQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFFX7EI8Forlv6yVcx7OtQmDFfjgGMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvVmZzUWp3V2l1V19ySlZ6SHM2MUNZTVYtT0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTBkBAIAATBeAwQCAhHA
AwQCAhMEAwQAAhWvAwQBXHq4AwQAXHrPMAwDBANdv6gDBABdv6oDBABdv6wDBABf
ZJ0DBABfZLQDBAJfZNQDBABfZP0wDAMEAF9ldQMEAF9ldgMEAl9lzDBBBAIAAjA7
MBIDBwAqAiNwAAEDBwAqAiNwAAYwEgMHACoCI3ABAQMHACoCI3ABBjARAwYBKgIj
cAIDBwAqAiNwAgYwDQYJKoZIhvcNAQELBQADggEBAJKi1X5sGV1iFTXn6uubwO0S
YWdja3h8KuSQDRwAkDayOpxugZMoZrJ7ekcdup+zdveMrmii7SfLZIAV7q+U2j0K
K67lxXd/1rbQ4RViPUHXNkht6JdkgjVa+tMcBxm4zSmLlJag9M1/yyEdmUPUuO0a
Xuqqyf9UbiW3ULO/9tmtw+RD2gwB5B1htzE1vl7adhfaqaQpaDDJlcbSqy49HNxo
UUtnVdYnwHVBX5sedn0jtzHuq0pl+dXp4cxnaRJO+Q75hM7Na3uiYg3M7BXO0+eG
K6w/TALUGSeZ2g54zTJzSjRFV+VMIo31pF/NeCL1ms0SEDfX8WfbEBABJmlDpEM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:41 2023 by rpki-client on console-fra.rpki-client.org