Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/l9YqhopIN1lyxo9x0e-1oDUhJxY.roa
File: l9YqhopIN1lyxo9x0e-1oDUhJxY.roa (raw, json)
Hash identifier: TA2u64FWYEPSv7BwE4kcnHr56it62x0FOd2cI7KFVwA=
Subject key identifier: 97:D6:2A:86:8A:48:37:59:72:C6:8F:71:D1:EF:B5:A0:35:21:27:16
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018B489CC6F7157FAF8F146E101E2A6D4E4D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/l9YqhopIN1lyxo9x0e-1oDUhJxY.roa
Signing time: Thu 19 Oct 2023 15:45:15 +0000
ROA not before: Thu 19 Oct 2023 15:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21342
IP address blocks: 2.22.243.0/24 maxlen: 24
92.122.123.0/24 maxlen: 24
88.221.162.0/24 maxlen: 24
88.221.163.0/24 maxlen: 24
2.22.230.0/24 maxlen: 24
2.16.40.0/24 maxlen: 24
95.100.168.0/24 maxlen: 24
84.53.139.0/24 maxlen: 24
95.100.175.0/24 maxlen: 24
95.100.174.0/24 maxlen: 24
2.16.122.0/24 maxlen: 24
95.100.173.0/24 maxlen: 24
2.16.123.0/24 maxlen: 24
2.16.130.0/24 maxlen: 24
2.16.126.0/23 maxlen: 24
95.101.76.0/24 maxlen: 24
2.17.46.0/24 maxlen: 24
2.21.230.0/24 maxlen: 24
95.101.36.0/24 maxlen: 24
88.221.81.0/24 maxlen: 24
92.123.94.0/24 maxlen: 24
92.123.95.0/24 maxlen: 24
193.108.91.0/24 maxlen: 24
193.108.88.0/24 maxlen: 24
2a02:26f0:117::/48 maxlen: 48
2a02:26f0:68::/48 maxlen: 48
2a02:26f0:67::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:9c:c6:f7:15:7f:af:8f:14:6e:10:1e:2a:6d:4e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Oct 19 15:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97d62a868a48375972c68f71d1efb5a035212716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f5:b4:85:f2:0d:9d:7a:75:2a:06:39:07:41:
b0:14:2d:6c:72:ec:de:fc:35:39:b1:72:c3:fd:4c:
58:3c:7d:20:0e:ee:f3:1f:09:4e:f9:9f:c4:dd:54:
3d:f3:dd:3e:aa:a1:3d:0e:03:e3:7c:95:8d:c4:35:
2d:89:2c:8e:69:0c:60:b1:c7:de:aa:9f:5b:3e:52:
1a:6e:7c:09:e9:f9:2f:91:84:f1:5e:47:19:69:e1:
7a:59:2d:2c:88:62:64:a7:07:a7:ce:8b:9f:ae:10:
a3:52:d8:45:36:48:cf:77:6c:93:9e:02:ee:9f:cf:
2e:b8:f6:20:b2:87:79:b0:6f:73:a7:55:d9:e1:8c:
5f:dc:9c:2b:80:e6:7b:82:7a:3c:d6:44:5a:31:75:
91:f8:07:fd:82:c4:08:a8:65:02:58:94:7e:bb:89:
35:33:10:d1:a9:d6:7b:61:3c:51:16:89:3e:29:3a:
3f:45:98:8f:0b:24:d7:3b:df:78:95:eb:61:8f:fb:
55:93:62:d2:ea:db:5e:ec:c2:31:37:3f:5b:a4:50:
3d:6e:f0:4c:c7:3f:65:1f:b4:bb:e4:75:6a:00:62:
46:6b:ce:8a:4d:cd:89:71:94:ab:02:48:6f:cf:81:
75:a6:fa:4d:46:08:02:ce:c8:c6:b6:4b:9c:65:d1:
fd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D6:2A:86:8A:48:37:59:72:C6:8F:71:D1:EF:B5:A0:35:21:27:16
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/l9YqhopIN1lyxo9x0e-1oDUhJxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.40.0/24
2.16.122.0/23
2.16.126.0/23
2.16.130.0/24
2.17.46.0/24
2.21.230.0/24
2.22.230.0/24
2.22.243.0/24
84.53.139.0/24
88.221.81.0/24
88.221.162.0/23
92.122.123.0/24
92.123.94.0/23
95.100.168.0/24
95.100.173.0-95.100.175.255
95.101.36.0/24
95.101.76.0/24
193.108.88.0/24
193.108.91.0/24
IPv6:
2a02:26f0:67::-2a02:26f0:68:ffff:ffff:ffff:ffff:ffff
2a02:26f0:117::/48
Signature Algorithm: sha256WithRSAEncryption
4c:98:51:fc:7b:59:88:47:4e:98:12:38:6f:e5:43:69:59:bb:
f0:06:a9:69:08:1a:bb:b3:16:4c:d4:c7:6e:a6:64:b1:ab:90:
2e:70:b2:2d:b5:7c:d1:72:af:19:cb:89:f1:30:06:17:50:f2:
6e:d8:9c:4a:69:d8:e4:0d:97:4e:76:c8:03:b7:4b:0f:7a:26:
7b:1b:41:46:58:07:4a:6a:1c:5b:20:3c:ba:fd:59:30:ed:08:
b0:25:2f:9a:31:d1:a7:34:6a:80:fb:93:27:a6:ae:96:69:9e:
bd:50:ca:94:46:85:03:51:83:1c:e1:a1:f3:d1:0c:d6:b1:e3:
c5:cd:a0:70:a0:8a:e7:ca:1f:49:43:af:a6:36:63:8a:25:4d:
2e:7c:7b:9f:77:5c:dd:9b:d2:ca:69:59:1b:b6:95:7f:32:b0:
16:a2:29:33:88:4d:69:9b:b0:22:a2:1f:f8:d0:12:88:46:e5:
43:6b:49:cb:d2:3a:12:62:8d:cf:78:f5:b0:b0:34:35:b2:3a:
1b:a1:54:b8:61:06:1a:c3:70:c2:42:3c:a5:79:dc:7a:5c:38:
76:b8:bd:fe:c4:ce:8b:19:11:a7:72:71:1f:b1:9d:c1:ab:c2:
a4:95:ff:f5:30:20:9e:06:61:a5:ac:f7:b4:e6:9a:5d:9e:f1:
1f:6a:4e:86
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYtInMb3FX+vjxRuEB4qbU5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMxMDE5MTU0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Q2MmE4NjhhNDgzNzU5NzJjNjhmNzFkMWVmYjVhMDM1MjEyNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPW0hfINnXp1KgY5B0GwFC1scuze
/DU5sXLD/UxYPH0gDu7zHwlO+Z/E3VQ9890+qqE9DgPjfJWNxDUtiSyOaQxgscfe
qp9bPlIabnwJ6fkvkYTxXkcZaeF6WS0siGJkpwenzoufrhCjUthFNkjPd2yTngLu
n88uuPYgsod5sG9zp1XZ4Yxf3JwrgOZ7gno81kRaMXWR+Af9gsQIqGUCWJR+u4k1
MxDRqdZ7YTxRFok+KTo/RZiPCyTXO994lethj/tVk2LS6tte7MIxNz9bpFA9bvBM
xz9lH7S75HVqAGJGa86KTc2JcZSrAkhvz4F1pvpNRggCzsjGtkucZdH9fwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFJfWKoaKSDdZcsaPcdHvtaA1IScWMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvbDlZcWhvcElOMWx5eG85eDBlLTFvRFVoSnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBgAQCAAEwegMEAAIQ
KAMEAQIQegMEAQIQfgMEAAIQggMEAAIRLgMEAAIV5gMEAAIW5gMEAAIW8wMEAFQ1
iwMEAFjdUQMEAVjdogMEAFx6ewMEAVx7XgMEAF9kqDAMAwQAX2StAwQEX2SgAwQA
X2UkAwQAX2VMAwQAwWxYAwQAwWxbMCMEAgACMB0wEgMHACoCJvAAZwMHACoCJvAA
aAMHACoCJvABFzANBgkqhkiG9w0BAQsFAAOCAQEATJhR/HtZiEdOmBI4b+VDaVm7
8AapaQgau7MWTNTHbqZksauQLnCyLbV80XKvGcuJ8TAGF1DybticSmnY5A2XTnbI
A7dLD3omextBRlgHSmocWyA8uv1ZMO0IsCUvmjHRpzRqgPuTJ6aulmmevVDKlEaF
A1GDHOGh89EM1rHjxc2gcKCK58ofSUOvpjZjiiVNLnx7n3dc3ZvSymlZG7aVfzKw
FqIpM4hNaZuwIqIf+NASiEblQ2tJy9I6EmKNz3j1sLA0NbI6G6FUuGEGGsNwwkI8
pXncelw4dri9/sTOixkRp3JxH7GdwavCpJX/9TAgngZhpaz3tOaaXZ7xH2pOhg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:22 2024 by rpki-client on console-ams.rpki-client.org