Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xJ2DNldjg5lJMmann5lUtNNmokc.roa
File: xJ2DNldjg5lJMmann5lUtNNmokc.roa (raw, json)
Hash identifier: G7067IqO4Bnetheb3KdPZDhMsFWFbEA6LqDDMtTa5Cg=
Subject key identifier: C4:9D:83:36:57:63:83:99:49:32:66:A7:9F:99:54:B4:D3:66:A2:47
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018BD83D5C6075A0F455CFEB21B61FB8DFAB
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xJ2DNldjg5lJMmann5lUtNNmokc.roa
Signing time: Thu 16 Nov 2023 13:06:21 +0000
ROA not before: Thu 16 Nov 2023 13:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 95.100.157.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
2.23.128.0/23 maxlen: 23
95.100.253.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.17.192.0/24 maxlen: 24
2.17.192.0/22 maxlen: 22
2.17.193.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
2.21.122.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.184.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2.17.108.0/22 maxlen: 22
2a02:2370:209::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:1::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:3d:5c:60:75:a0:f4:55:cf:eb:21:b6:1f:b8:df:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Nov 16 13:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49d833657638399493266a79f9954b4d366a247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:60:e9:5a:0e:37:c2:7c:30:ec:d3:6b:ec:
f8:7d:d3:2c:f2:0b:3f:ac:11:75:09:b5:45:b3:83:
5e:31:d6:34:6d:b0:22:1c:0f:1c:e5:32:0b:b3:ed:
f4:19:99:fb:70:b5:c3:d4:81:2f:37:f7:bc:57:7a:
56:68:78:36:2d:81:28:cd:c5:ea:1a:e8:2c:ba:6d:
e2:58:3c:59:7d:6f:8d:7a:34:78:12:b4:2c:20:09:
b5:e5:f3:52:e5:01:5c:f2:ac:2b:76:21:75:a1:3b:
6c:cc:2b:4c:d0:da:53:a5:33:2c:65:30:32:a1:31:
fb:b3:d6:20:f1:1e:e5:6d:ee:cd:ac:45:40:4a:b8:
cf:31:1f:0f:98:0e:2c:77:63:b1:9d:e6:77:22:e4:
ce:a3:8b:a5:a6:d8:be:6c:2d:d1:89:ee:39:56:fe:
e9:0b:63:16:4f:af:ac:14:07:1f:11:ca:29:a5:a2:
11:f6:ce:58:2d:99:4b:95:c1:20:d5:c9:1a:a6:46:
9c:d6:90:46:66:18:88:63:ad:17:e2:f0:d4:97:d4:
55:41:ce:92:7a:d3:15:13:eb:1b:4b:a2:42:69:41:
c4:c8:82:bb:0f:e7:29:ec:50:bb:95:65:72:df:25:
51:a5:e6:2f:0f:70:5a:71:f1:be:31:c8:03:8d:85:
fd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9D:83:36:57:63:83:99:49:32:66:A7:9F:99:54:B4:D3:66:A2:47
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xJ2DNldjg5lJMmann5lUtNNmokc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0/20
2.21.175.0/24
2.23.128.0/23
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:66:e4:72:a9:02:fa:53:c6:ea:a1:41:21:72:36:88:97:e4:
5c:58:a8:cb:f3:fa:72:54:56:2f:f4:0e:7d:69:7b:b0:69:0c:
5f:de:ee:ab:2f:2a:d0:bc:98:1d:ea:47:4e:28:dc:47:41:78:
aa:27:49:4a:67:b6:a4:16:70:62:39:74:f3:c0:8d:3d:95:6d:
d6:8f:05:05:1f:43:d8:3f:c7:04:cd:0a:61:b4:59:35:71:4b:
14:ac:16:bd:65:34:13:3a:66:b7:aa:d0:86:89:ff:c4:3a:00:
59:d1:8b:d0:6f:28:2d:ba:40:b2:75:4a:97:5a:8c:74:6a:3a:
60:d6:d8:27:cb:fe:06:2f:1f:c2:94:2b:68:76:4e:75:c9:46:
f5:e6:40:1e:f2:87:63:75:72:a0:8a:df:c7:a0:29:2d:c4:21:
37:ae:9d:c9:4d:52:fd:ba:82:e5:66:fa:05:c6:9f:17:25:2d:
6b:15:00:1c:d0:c3:11:f5:39:97:15:17:0a:c2:f4:ba:0b:3b:
06:d1:d6:d9:15:27:3c:10:60:a6:17:c2:1d:54:e1:fd:e7:53:
19:3e:62:0f:2e:f6:d4:cd:90:81:7b:5e:82:d7:19:4d:57:0c:
56:03:7f:b9:c5:13:c9:d7:08:6a:88:61:34:da:17:7a:cd:ce:
54:6a:e0:81
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYvYPVxgdaD0Vc/rIbYfuN+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMxMTE2MTMwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlkODMzNjU3NjM4Mzk5NDkzMjY2YTc5Zjk5NTRiNGQzNjZhMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoipg6VoON8J8MOzTa+z4fdMs8gs/
rBF1CbVFs4NeMdY0bbAiHA8c5TILs+30GZn7cLXD1IEvN/e8V3pWaHg2LYEozcXq
Gugsum3iWDxZfW+NejR4ErQsIAm15fNS5QFc8qwrdiF1oTtszCtM0NpTpTMsZTAy
oTH7s9Yg8R7lbe7NrEVASrjPMR8PmA4sd2OxneZ3IuTOo4ulpti+bC3Rie45Vv7p
C2MWT6+sFAcfEcoppaIR9s5YLZlLlcEg1ckapkac1pBGZhiIY60X4vDUl9RVQc6S
etMVE+sbS6JCaUHEyIK7D+cp7FC7lWVy3yVRpeYvD3BacfG+McgDjYX92QIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFMSdgzZXY4OZSTJmp5+ZVLTTZqJHMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEveEoyRE5sZGpnNWxKTW1hbm41bFV0Tk5tb2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTB8BAIAATB2AwQCAhFs
AwQCAhHAAwQCAhLUAwQCAhMEAwQEAhVwAwQAAhWvAwQBAheAAwQBXHq4AwQAXHrP
MAwDBANdv6gDBABdv6oDBABdv6wDBABfZJ0DBABfZLQDBAJfZNQDBABfZP0wDAME
AF9ldQMEAF9ldgMEAl9lzDBBBAIAAjA7MBIDBwAqAiNwAAEDBwAqAiNwAAYwEgMH
ACoCI3ABAQMHACoCI3ABBjARAwYBKgIjcAIDBwAqAiNwAgwwDQYJKoZIhvcNAQEL
BQADggEBAAFm5HKpAvpTxuqhQSFyNoiX5FxYqMvz+nJUVi/0Dn1pe7BpDF/e7qsv
KtC8mB3qR04o3EdBeKonSUpntqQWcGI5dPPAjT2VbdaPBQUfQ9g/xwTNCmG0WTVx
SxSsFr1lNBM6Zreq0IaJ/8Q6AFnRi9BvKC26QLJ1SpdajHRqOmDW2CfL/gYvH8KU
K2h2TnXJRvXmQB7yh2N1cqCK38egKS3EITeunclNUv26guVm+gXGnxclLWsVABzQ
wxH1OZcVFwrC9LoLOwbR1tkVJzwQYKYXwh1U4f3nUxk+Yg8u9tTNkIF7XoLXGU1X
DFYDf7nFE8nXCGqIYTTaF3rNzlRq4IE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:33 2024 by rpki-client on console-fra.rpki-client.org