Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Vfvj3q--qD9pw_BDaGF13Q6960w.roa
File: Vfvj3q--qD9pw_BDaGF13Q6960w.roa (raw, json)
Hash identifier: 91cs637eUQGeVD5tV9TsnIZvyNjr9VBD2SXAe/O0bJI=
Subject key identifier: 55:FB:E3:DE:AF:BE:A8:3F:69:C3:F0:43:68:61:75:DD:0E:BD:EB:4C
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01906D89FDE996733B676726060093D0866D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Vfvj3q--qD9pw_BDaGF13Q6960w.roa
Signing time: Mon 01 Jul 2024 09:04:38 +0000
ROA not before: Mon 01 Jul 2024 09:04:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.20.47.0/24 maxlen: 24
2.20.224.0/20 maxlen: 20
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.22.20.0/23 maxlen: 23
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
2.23.16.0/20 maxlen: 20
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.136.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 29 Aug 2024 10:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:89:fd:e9:96:73:3b:67:67:26:06:00:93:d0:86:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jul 1 09:04:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55fbe3deafbea83f69c3f043686175dd0ebdeb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:40:4e:e6:8a:16:5a:73:b0:a8:c0:97:9a:80:
85:52:0d:79:41:e5:eb:09:8f:7c:16:46:96:a9:38:
ac:30:d3:40:56:83:80:5c:90:16:42:39:3c:f1:25:
85:b1:ea:5d:67:19:cb:31:63:3a:b3:76:cb:7a:ee:
c3:41:65:b1:7d:00:70:5a:9f:f8:43:c9:43:65:08:
e3:93:86:9f:bd:12:73:19:36:2b:d1:1a:1a:bf:49:
62:06:f5:1e:0d:fb:4f:19:dd:86:19:69:e1:ab:e8:
42:06:d3:72:da:f4:32:c9:cc:b7:79:c5:71:a6:d6:
33:9e:41:03:42:f9:15:82:40:dc:48:23:24:b5:e4:
7f:20:61:d1:86:b5:6d:35:62:0e:dc:34:f4:74:d7:
2c:34:51:bd:f7:60:c7:8a:7e:3f:89:e1:5c:0e:cf:
33:12:42:38:10:b7:59:e2:af:54:92:9a:09:e1:57:
77:9d:a5:b1:e9:2c:cd:eb:c5:27:9f:5a:44:1d:bf:
4a:7e:d3:7a:3d:21:a4:bb:6d:4a:d3:61:89:89:99:
e8:ca:cb:0c:44:d6:aa:64:e9:42:1a:6c:95:be:d2:
4b:69:6d:26:f1:4e:5e:c7:f7:ed:38:0f:af:90:c1:
a9:a8:33:34:38:07:3a:7d:50:17:38:e8:93:f6:77:
99:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FB:E3:DE:AF:BE:A8:3F:69:C3:F0:43:68:61:75:DD:0E:BD:EB:4C
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/Vfvj3q--qD9pw_BDaGF13Q6960w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.20.47.0/24
2.20.224.0/20
2.20.252.0/24
2.21.14.0/24
2.22.20.0/23
2.22.216.0/22
2.22.234.0/24
2.23.16.0/20
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.136.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
Signature Algorithm: sha256WithRSAEncryption
46:a0:18:a7:a9:ca:e3:e8:b8:d7:69:1a:42:42:b7:e5:aa:8c:
5d:8f:dc:df:c4:b7:f3:e4:a1:22:60:f5:d0:13:e2:86:4a:f9:
03:2d:b6:f3:cb:c4:e2:43:31:78:3b:7a:15:eb:63:9b:f9:2a:
88:c6:17:1f:1b:50:7c:1d:b7:8b:e7:71:e7:c2:51:40:42:f1:
23:ed:3f:28:c2:ef:13:83:6c:ff:0e:f7:07:6e:84:50:f0:ba:
12:5a:cf:60:a9:3c:46:e7:25:dd:0a:0f:e7:f7:38:9c:db:d7:
77:6f:e4:ad:25:6a:1a:ec:7a:26:2f:56:3b:d1:32:dc:3f:e0:
8d:7a:c7:a3:25:95:ae:38:86:cb:f5:70:dd:fd:ce:0b:7d:cb:
77:9f:eb:ad:86:19:38:3e:2d:94:b2:06:ca:70:9e:45:0f:1e:
4a:ff:1e:8b:d9:97:6a:06:8d:87:69:92:79:5e:26:d3:f5:38:
1e:3a:68:6a:ff:db:14:41:36:a3:ee:95:ad:15:81:cc:9a:e8:
78:5d:75:32:2a:de:5f:16:d5:2a:0c:91:af:55:5e:21:ed:44:
1f:81:93:eb:16:c7:49:61:48:9f:2c:f3:12:36:d8:62:14:dd:
a1:a0:90:16:99:51:d0:a2:84:9b:f7:34:03:1b:b2:6b:d0:60:
99:d1:f2:a2
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZBtif3plnM7Z2cmBgCT0IZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwNzAxMDkwNDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZiZTNkZWFmYmVhODNmNjljM2YwNDM2ODYxNzVkZDBlYmRlYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UBO5ooWWnOwqMCXmoCFUg15QeXr
CY98FkaWqTisMNNAVoOAXJAWQjk88SWFsepdZxnLMWM6s3bLeu7DQWWxfQBwWp/4
Q8lDZQjjk4afvRJzGTYr0Roav0liBvUeDftPGd2GGWnhq+hCBtNy2vQyycy3ecVx
ptYznkEDQvkVgkDcSCMkteR/IGHRhrVtNWIO3DT0dNcsNFG992DHin4/ieFcDs8z
EkI4ELdZ4q9UkpoJ4Vd3naWx6SzN68Unn1pEHb9KftN6PSGku21K02GJiZnoyssM
RNaqZOlCGmyVvtJLaW0m8U5ex/ftOA+vkMGpqDM0OAc6fVAXOOiT9neZdwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFFX7496vvqg/acPwQ2hhdd0OvetMMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvVmZ2ajNxLS1xRDlwd19CRGFHRjEzUTY5NjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAC
EBMDBAECEEYDBAICENwDBAICEgADBAACEh8DBAACFC8DBAQCFOADBAACFPwDBAAC
FQ4DBAECFhQDBAICFtgDBAACFuoDBAQCFxADBAJY3RwDBAJY3WQDBAJcekQDBABc
euEDBAJcevgDBABcezADBABce2oDBAJce9ADBAJfZIgDBAJfZUQDBABfZXIDBAJf
ZZwwDQYJKoZIhvcNAQELBQADggEBAEagGKepyuPouNdpGkJCt+WqjF2P3N/Et/Pk
oSJg9dAT4oZK+QMttvPLxOJDMXg7ehXrY5v5KojGFx8bUHwdt4vncefCUUBC8SPt
PyjC7xODbP8O9wduhFDwuhJaz2CpPEbnJd0KD+f3OJzb13dv5K0lahrseiYvVjvR
Mtw/4I16x6Mlla44hsv1cN39zgt9y3ef662GGTg+LZSyBspwnkUPHkr/HovZl2oG
jYdpknleJtP1OB46aGr/2xRBNqPula0Vgcya6HhddTIq3l8W1SoMka9VXiHtRB+B
k+sWx0lhSJ8s8xI22GIU3aGgkBaZUdCihJv3NAMbsmvQYJnR8qI=
-----END CERTIFICATE-----
Generated at Thu Aug 29 13:19:42 2024 by rpki-client on console-fra.rpki-client.org