Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/eQHeUZumVUXn-Nb-k27JIU4Fo1w.roa
File: eQHeUZumVUXn-Nb-k27JIU4Fo1w.roa (raw, json)
Hash identifier: v+eKdJXFpLcVjhCnBHmYYU7A8AT5zJXcNj4XmIPfTEI=
Subject key identifier: 79:01:DE:51:9B:A6:55:45:E7:F8:D6:FE:93:6E:C9:21:4E:05:A3:5C
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E13F4347F290BAE89C4811E3547196950
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/eQHeUZumVUXn-Nb-k27JIU4Fo1w.roa
Signing time: Wed 06 Mar 2024 13:29:15 +0000
ROA not before: Wed 06 Mar 2024 13:29:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34164
IP address blocks: 2.16.49.0/24 maxlen: 24
2.18.25.0/24 maxlen: 24
2.20.48.0/24 maxlen: 24
2.21.236.0/24 maxlen: 24
2.21.237.0/24 maxlen: 24
84.53.176.0/24 maxlen: 24
84.53.186.0/24 maxlen: 24
92.122.120.0/23 maxlen: 23
92.122.152.0/24 maxlen: 24
92.122.191.0/24 maxlen: 24
92.122.204.0/23 maxlen: 23
95.101.12.0/24 maxlen: 24
95.101.121.0/24 maxlen: 24
193.108.152.0/24 maxlen: 24
195.245.126.0/24 maxlen: 24
2a02:26f0:1d::/48 maxlen: 48
2a02:26f0:33::/48 maxlen: 48
2a02:26f0:36::/48 maxlen: 48
2a02:26f0:5400::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Mar 2024 15:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:f4:34:7f:29:0b:ae:89:c4:81:1e:35:47:19:69:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 6 13:29:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7901de519ba65545e7f8d6fe936ec9214e05a35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:13:d6:62:ae:53:93:cc:2f:83:fb:b4:6a:c2:
2f:27:49:9f:95:1b:5b:b7:2c:07:15:86:7c:3d:ae:
55:7d:f8:2e:29:2c:36:c7:2f:07:19:81:c8:d2:bf:
d8:22:fa:2f:20:c9:08:6b:6a:e8:3f:60:7f:7f:07:
92:21:f3:53:16:b1:32:b4:d3:40:ca:ca:39:34:15:
d4:fe:c0:c9:0a:e3:95:fe:51:e8:cb:55:4b:d4:e5:
a7:23:a4:98:f0:ef:87:fa:ef:83:3f:84:6b:2d:d7:
15:7c:2c:29:71:39:ad:ac:30:3f:f3:87:d5:62:21:
ad:2f:d9:ac:a2:3c:ef:f1:52:b4:f0:ab:1c:3e:c4:
e3:5a:87:96:63:8d:3b:67:9f:6b:cb:3d:cc:7d:36:
a2:8d:77:29:ea:74:f1:38:71:5e:7b:a2:ab:38:f6:
cd:23:82:4a:d9:8e:60:b5:b7:ee:89:7f:ec:34:97:
2e:02:54:ab:d7:31:f6:5d:b1:42:53:b6:cb:71:42:
6a:f5:4b:a2:69:ff:f3:2f:f0:bd:60:c0:19:28:36:
a0:f2:39:ff:ff:9a:c3:31:19:ef:c8:c0:5a:fc:56:
19:e9:f2:fb:ee:dd:6d:df:4a:f5:0b:60:2c:6c:6a:
dd:de:20:d6:d9:a2:84:4d:b5:25:2b:dd:e2:fc:1c:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:01:DE:51:9B:A6:55:45:E7:F8:D6:FE:93:6E:C9:21:4E:05:A3:5C
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/eQHeUZumVUXn-Nb-k27JIU4Fo1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.49.0/24
2.18.25.0/24
2.20.48.0/24
2.21.236.0/23
84.53.176.0/24
84.53.186.0/24
92.122.120.0/23
92.122.152.0/24
92.122.191.0/24
92.122.204.0/23
95.101.12.0/24
95.101.121.0/24
193.108.152.0/24
195.245.126.0/24
IPv6:
2a02:26f0:1d::/48
2a02:26f0:33::/48
2a02:26f0:36::/48
2a02:26f0:5400::/48
Signature Algorithm: sha256WithRSAEncryption
78:ad:98:da:92:1e:a3:f5:8e:24:d6:e5:55:ac:7c:9d:f1:0c:
e6:21:15:c0:ed:b0:6e:a6:92:61:dd:72:a0:7d:0d:29:c3:5b:
9e:1c:68:23:9c:a3:10:90:f1:38:f1:7b:22:5c:73:e2:00:b1:
97:1d:8a:f9:cd:78:22:14:44:3b:9a:73:e5:5c:49:05:20:1c:
33:cb:18:76:a7:35:0f:63:52:9d:69:69:b2:1b:9a:cd:f8:89:
28:c0:4a:25:cb:64:18:d5:24:fb:62:19:c6:b3:72:31:32:4e:
5b:77:78:f7:c0:38:64:38:78:07:0b:49:9d:c6:70:a6:c5:b1:
0b:be:8c:35:6e:bd:b9:e1:51:ac:f3:d6:68:eb:ea:a2:46:0c:
c5:c3:5b:da:64:24:86:62:e9:4b:98:ab:d3:64:96:5a:7e:ab:
0a:20:e5:02:b0:bf:4d:d7:9a:d2:d3:b4:c4:25:94:c6:a7:e0:
7f:06:b0:0b:59:a3:08:58:4e:ea:f6:bf:31:87:9b:32:0e:a5:
db:bb:3e:df:5e:59:5b:3b:91:27:ce:86:20:19:65:fc:44:2f:
bb:7a:60:ef:88:ad:93:f5:a0:34:5f:77:16:39:65:b3:3f:56:
46:61:fd:e5:19:ef:39:5b:38:12:ae:ab:48:ba:7c:d7:f7:ae:
e9:de:c0:e5
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAY4T9DR/KQuuicSBHjVHGWlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzA2MTMyOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTAxZGU1MTliYTY1NTQ1ZTdmOGQ2ZmU5MzZlYzkyMTRlMDVhMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohPWYq5Tk8wvg/u0asIvJ0mflRtb
tywHFYZ8Pa5VffguKSw2xy8HGYHI0r/YIvovIMkIa2roP2B/fweSIfNTFrEytNNA
yso5NBXU/sDJCuOV/lHoy1VL1OWnI6SY8O+H+u+DP4RrLdcVfCwpcTmtrDA/84fV
YiGtL9msojzv8VK08KscPsTjWoeWY407Z59ryz3MfTaijXcp6nTxOHFee6KrOPbN
I4JK2Y5gtbfuiX/sNJcuAlSr1zH2XbFCU7bLcUJq9Uuiaf/zL/C9YMAZKDag8jn/
/5rDMRnvyMBa/FYZ6fL77t1t30r1C2AsbGrd3iDW2aKETbUlK93i/ByitQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFHkB3lGbplVF5/jW/pNuySFOBaNcMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvZVFIZVVadW1WVVhuLU5iLWsyN0pJVTRGbzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBaBAIAATBUAwQAAhAx
AwQAAhIZAwQAAhQwAwQBAhXsAwQAVDWwAwQAVDW6AwQBXHp4AwQAXHqYAwQAXHq/
AwQBXHrMAwQAX2UMAwQAX2V5AwQAwWyYAwQAw/V+MCoEAgACMCQDBwAqAibwAB0D
BwAqAibwADMDBwAqAibwADYDBwAqAibwVAAwDQYJKoZIhvcNAQELBQADggEBAHit
mNqSHqP1jiTW5VWsfJ3xDOYhFcDtsG6mkmHdcqB9DSnDW54caCOcoxCQ8TjxeyJc
c+IAsZcdivnNeCIURDuac+VcSQUgHDPLGHanNQ9jUp1pabIbms34iSjASiXLZBjV
JPtiGcazcjEyTlt3ePfAOGQ4eAcLSZ3GcKbFsQu+jDVuvbnhUazz1mjr6qJGDMXD
W9pkJIZi6UuYq9Nkllp+qwog5QKwv03XmtLTtMQllMan4H8GsAtZowhYTur2vzGH
mzIOpdu7Pt9eWVs7kSfOhiAZZfxEL7t6YO+IrZP1oDRfdxY5ZbM/VkZh/eUZ7zlb
OBKuq0i6fNf3runewOU=
-----END CERTIFICATE-----
Generated at Wed Mar 6 19:11:47 2024 by rpki-client on console-ams.rpki-client.org