Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/navTvkYnyEVi3W5IqVJAo5g9B9k.roa
File: navTvkYnyEVi3W5IqVJAo5g9B9k.roa (raw, json)
Hash identifier: QC8fm4AaejH305tSxtl3VVi92b52ulFnQT1xHllvuSE=
Subject key identifier: 9D:AB:D3:BE:46:27:C8:45:62:DD:6E:48:A9:52:40:A3:98:3D:07:D9
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7FF76C48FA3D80476D70732933AE0740
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/navTvkYnyEVi3W5IqVJAo5g9B9k.roa
Signing time: Wed 27 Mar 2024 12:51:45 +0000
ROA not before: Wed 27 Mar 2024 12:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.20.224.0/20 maxlen: 20
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.128.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:9700::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Mar 2024 12:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:f7:6c:48:fa:3d:80:47:6d:70:73:29:33:ae:07:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 12:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dabd3be4627c84562dd6e48a95240a3983d07d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:11:be:07:cf:05:45:d5:d4:b8:ad:19:0d:05:
43:5c:f0:4f:cd:72:f5:4f:6c:d4:03:8e:84:a8:a6:
76:fc:f5:68:bf:33:fd:98:a7:3d:63:5c:3f:20:c7:
eb:e3:80:81:9b:44:4b:e7:38:a9:fb:1a:6e:f1:5c:
b7:a3:28:7e:4a:b3:08:bd:fa:81:a7:f3:23:1d:15:
94:d5:40:9d:20:ad:d2:fa:9c:2c:1e:ee:b3:33:bd:
a2:ff:e1:e2:b2:be:3a:e9:0d:c0:ab:80:9a:eb:b4:
35:ad:62:af:c8:88:9b:09:5d:0d:c3:a4:19:21:d9:
64:1d:57:82:f0:40:cf:c3:1d:58:3d:d9:e6:a2:d4:
ee:69:ca:a8:59:15:3d:c6:73:6d:e6:03:5f:81:7b:
bb:8e:ed:3a:1d:d6:60:ab:40:88:d5:10:45:87:f2:
23:34:e3:33:eb:81:06:d1:a9:b1:5c:6c:6b:a8:07:
60:bc:fc:56:1c:e2:04:49:8d:a8:17:23:09:ee:bd:
ef:70:dd:07:24:8c:1b:d2:04:6b:fb:92:d5:9e:0f:
40:99:b8:83:79:8e:27:20:b6:ac:b9:b0:4e:3d:75:
08:1a:1f:2d:60:db:6f:51:e3:36:42:e0:5d:72:b4:
03:a1:ea:02:26:33:36:1c:26:00:0e:04:15:06:2b:
0c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AB:D3:BE:46:27:C8:45:62:DD:6E:48:A9:52:40:A3:98:3D:07:D9
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/navTvkYnyEVi3W5IqVJAo5g9B9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.20.224.0/20
2.20.252.0/24
2.21.14.0/24
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.128.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:9700::/48
Signature Algorithm: sha256WithRSAEncryption
09:eb:7a:d0:dd:01:97:9f:29:3a:36:fb:9b:d6:0e:21:76:e6:
15:72:b6:fe:f2:1a:26:fa:2c:1c:15:ee:86:3c:e1:e5:93:0a:
ff:58:7a:30:a3:89:e5:12:10:4a:0c:e3:22:f1:a9:8f:72:71:
fc:43:d1:38:48:3d:06:59:84:58:e0:ab:6b:aa:22:d3:ea:d2:
e3:a3:18:4d:c7:f1:92:5a:73:ea:97:c0:9a:05:2a:77:0b:01:
67:0a:d3:28:6d:45:37:81:ef:ee:d4:97:45:4e:dd:5b:6e:8d:
e5:c7:24:ac:4d:f3:35:1a:cc:c6:62:92:20:de:3e:74:d7:ac:
63:c0:2f:a7:5c:f5:18:44:7b:6b:91:50:47:49:4a:71:4d:b9:
32:b4:75:4f:73:1a:cb:ef:53:20:5a:ee:7f:cc:7d:63:9b:f1:
99:5e:ec:ee:d3:4c:72:91:6c:08:79:e6:ea:4f:75:b0:40:21:
d9:9c:bc:7e:aa:fa:15:58:03:e6:07:19:b4:a2:fe:fa:22:37:
53:cd:a0:a0:cb:09:bb:c5:79:b1:94:13:c0:b4:4e:97:cf:5a:
e6:6a:95:db:24:04:3b:fd:92:1e:6e:be:2b:b6:0f:80:56:15:
c0:5c:52:03:ba:51:a3:8d:69:d4:39:dd:bd:84:7a:51:eb:a6:
ba:1a:0b:1e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAY5/92xI+j2AR21wcykzrgdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTI1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGFiZDNiZTQ2MjdjODQ1NjJkZDZlNDhhOTUyNDBhMzk4M2QwN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xG+B88FRdXUuK0ZDQVDXPBPzXL1
T2zUA46EqKZ2/PVovzP9mKc9Y1w/IMfr44CBm0RL5zip+xpu8Vy3oyh+SrMIvfqB
p/MjHRWU1UCdIK3S+pwsHu6zM72i/+Hisr466Q3Aq4Ca67Q1rWKvyIibCV0Nw6QZ
IdlkHVeC8EDPwx1YPdnmotTuacqoWRU9xnNt5gNfgXu7ju06HdZgq0CI1RBFh/Ij
NOMz64EG0amxXGxrqAdgvPxWHOIESY2oFyMJ7r3vcN0HJIwb0gRr+5LVng9AmbiD
eY4nILasubBOPXUIGh8tYNtvUeM2QuBdcrQDoeoCJjM2HCYADgQVBisMLQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFJ2r075GJ8hFYt1uSKlSQKOYPQfZMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvbmF2VHZrWW55RVZpM1c1SXFWSkFvNWc5QjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQAAhAT
AwQBAhBGAwQCAhDcAwQCAhIAAwQAAhIfAwQEAhTgAwQAAhT8AwQAAhUOAwQCWN0c
AwQCWN1kAwQCXHpEAwQAXHrhAwQCXHr4AwQAXHswAwQAXHtqAwQCXHvQAwQCX2SA
AwQCX2VEAwQAX2VyAwQCX2WcMA8EAgACMAkDBwAqAibwlwAwDQYJKoZIhvcNAQEL
BQADggEBAAnretDdAZefKTo2+5vWDiF25hVytv7yGib6LBwV7oY84eWTCv9YejCj
ieUSEEoM4yLxqY9ycfxD0ThIPQZZhFjgq2uqItPq0uOjGE3H8ZJac+qXwJoFKncL
AWcK0yhtRTeB7+7Ul0VO3VtujeXHJKxN8zUazMZikiDePnTXrGPAL6dc9RhEe2uR
UEdJSnFNuTK0dU9zGsvvUyBa7n/MfWOb8Zle7O7TTHKRbAh55upPdbBAIdmcvH6q
+hVYA+YHGbSi/voiN1PNoKDLCbvFebGUE8C0TpfPWuZqldskBDv9kh5uviu2D4BW
FcBcUgO6UaONadQ53b2EelHrproaCx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:32 2024 by rpki-client on console-fra.rpki-client.org