Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/rBi5Hjs7yD3eVngmAlsCmD3AqiY.roa
File: rBi5Hjs7yD3eVngmAlsCmD3AqiY.roa (raw, json)
Hash identifier: Cx6je6wiuNxK2QNNF4a7xkgjxjvC2GNsR0n7BkAGrXs=
Subject key identifier: AC:18:B9:1E:3B:3B:C8:3D:DE:56:78:26:02:5B:02:98:3D:C0:AA:26
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 018E3C0BB90629AAC6A8D77288FA8CCF9F96
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/rBi5Hjs7yD3eVngmAlsCmD3AqiY.roa
Signing time: Thu 14 Mar 2024 08:19:44 +0000
ROA not before: Thu 14 Mar 2024 08:19:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60032
IP address blocks: 2.59.68.0/22 maxlen: 22
2.59.72.0/22 maxlen: 22
5.252.60.0/22 maxlen: 22
5.252.88.0/22 maxlen: 22
45.11.148.0/22 maxlen: 22
45.65.104.0/21 maxlen: 21
45.85.176.0/22 maxlen: 22
45.90.224.0/22 maxlen: 22
45.129.48.0/22 maxlen: 22
45.152.184.0/22 maxlen: 22
80.240.176.0/21 maxlen: 21
80.240.184.0/21 maxlen: 21
80.240.184.0/22 maxlen: 22
80.240.188.0/22 maxlen: 22
91.92.18.0/23 maxlen: 23
95.214.44.0/22 maxlen: 22
109.70.16.0/21 maxlen: 22
128.127.16.0/21 maxlen: 22
185.13.180.0/22 maxlen: 22
185.61.144.0/22 maxlen: 22
185.107.84.0/22 maxlen: 24
185.128.140.0/22 maxlen: 23
185.163.60.0/22 maxlen: 22
185.203.180.0/22 maxlen: 22
185.229.176.0/22 maxlen: 22
185.253.36.0/22 maxlen: 22
188.92.64.0/21 maxlen: 22
193.8.116.0/22 maxlen: 22
193.56.168.0/22 maxlen: 22
194.36.137.0/24 maxlen: 24
194.36.167.0/24 maxlen: 24
194.36.169.0/24 maxlen: 24
194.36.221.0/24 maxlen: 24
194.182.112.0/20 maxlen: 22
212.104.240.0/20 maxlen: 20
2a02:79e0::/32 maxlen: 32
2a02:cfc0::/29 maxlen: 32
2a06:4280::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 May 2024 22:45:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:0b:b9:06:29:aa:c6:a8:d7:72:88:fa:8c:cf:9f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Mar 14 08:19:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac18b91e3b3bc83dde567826025b02983dc0aa26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ff:6b:01:cd:25:cd:e6:60:e2:66:2e:4d:70:
6d:b3:bb:f5:3d:c8:c5:26:c4:9a:08:ae:d9:b3:fb:
36:b5:60:42:65:d8:40:b4:21:67:dc:01:31:7b:fc:
7f:d2:be:f2:2c:4d:da:08:61:3e:a5:a6:a8:b2:0a:
f0:38:f5:32:ae:6c:1f:d4:92:2d:54:f6:94:58:51:
5b:f9:09:1c:40:d3:33:c5:c1:47:77:17:56:f6:56:
b2:77:f3:01:00:7a:e6:6c:53:42:38:5c:cb:f0:05:
f0:db:85:b3:b3:0b:5e:81:41:a5:88:f8:ba:21:c1:
e5:31:a1:2a:e7:e1:ef:ab:06:61:13:95:12:ab:6a:
2e:5b:26:b9:62:3d:2b:ca:ce:78:25:3f:50:1f:a9:
9c:31:ac:c7:77:a4:c6:e8:b0:a2:2d:82:88:d4:18:
7d:56:76:30:47:fc:b5:69:f1:d9:c3:e7:74:05:68:
89:69:26:87:b3:53:f8:09:82:eb:dd:01:0e:4b:9e:
a5:64:00:f0:7f:1f:57:66:8b:50:3e:60:a2:3f:70:
23:09:d2:96:16:7c:92:ca:a8:37:e5:e7:f7:df:7d:
a8:73:91:c8:95:ef:71:02:7a:a9:e6:64:3a:94:1a:
46:81:a1:88:e1:46:f4:f2:ad:26:98:37:49:39:5a:
46:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:18:B9:1E:3B:3B:C8:3D:DE:56:78:26:02:5B:02:98:3D:C0:AA:26
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/rBi5Hjs7yD3eVngmAlsCmD3AqiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.65.104.0/21
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/20
91.92.18.0/23
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.36.137.0/24
194.36.167.0/24
194.36.169.0/24
194.36.221.0/24
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
86:b9:e3:2b:fd:21:71:b7:5d:e7:46:8b:37:8f:8f:2c:3e:16:
e8:f0:92:7d:11:99:e1:5f:58:b7:85:3b:00:5c:ad:44:6e:bb:
88:67:7c:60:a7:eb:9f:03:95:6e:94:50:2d:b5:58:f2:48:d8:
84:6e:f2:57:b1:0b:44:67:a6:5a:24:77:0c:cd:eb:f6:8f:4e:
ce:36:eb:1f:f3:6d:4d:3d:6f:1b:00:b9:81:21:4e:d2:52:0f:
61:a6:43:b0:07:0e:84:0d:d8:20:a2:37:cb:4f:37:1f:01:29:
95:ce:17:9d:8a:38:eb:6f:c1:45:6a:1e:9b:00:d1:d1:7c:48:
c9:34:e7:66:19:f3:f6:c5:af:72:1e:5b:0c:d6:fc:02:db:ef:
04:c5:90:f2:4a:77:ac:47:2a:4e:3c:c7:9d:21:fe:41:a2:43:
fb:c1:f5:90:7a:74:1c:7b:f6:a8:33:20:24:79:36:c4:28:82:
a1:d9:c5:a0:61:0f:e5:e8:00:ec:91:47:87:2c:99:d2:5a:bb:
0b:c9:45:d8:e3:1d:2f:96:ea:06:99:80:79:55:ba:9b:54:7d:
d6:73:81:23:be:a6:ec:58:f0:1a:1e:f8:1b:15:80:09:97:2b:
01:cd:04:3c:eb:6c:71:86:58:54:83:e4:0b:63:19:28:5c:db:
b6:04:82:4f
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAY48C7kGKarGqNdyiPqMz5+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjQwMzE0MDgxOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzE4YjkxZTNiM2JjODNkZGU1Njc4MjYwMjViMDI5ODNkYzBhYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/9rAc0lzeZg4mYuTXBts7v1PcjF
JsSaCK7Zs/s2tWBCZdhAtCFn3AExe/x/0r7yLE3aCGE+paaosgrwOPUyrmwf1JIt
VPaUWFFb+QkcQNMzxcFHdxdW9layd/MBAHrmbFNCOFzL8AXw24WzswtegUGliPi6
IcHlMaEq5+HvqwZhE5USq2ouWya5Yj0rys54JT9QH6mcMazHd6TG6LCiLYKI1Bh9
VnYwR/y1afHZw+d0BWiJaSaHs1P4CYLr3QEOS56lZADwfx9XZotQPmCiP3AjCdKW
FnySyqg35ef3332oc5HIle9xAnqp5mQ6lBpGgaGI4Ub08q0mmDdJOVpGEQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFKwYuR47O8g93lZ4JgJbApg9wKomMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvckJpNUhqczd5RDNlVm5nbUFsc0NtRDNBcWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCByQQCAAEwgcIwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAy1BaAMEAi1VsAMEAi1a4AME
Ai2BMAMEAi2YuAMEBFDwsAMEAVtcEgMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAME
Ark9kAMEArlrVAMEArmAjAMEArmjPAMEArnLtAMEArnlsAMEArn9JAMEA7xcQAME
AsEIdAMEAsE4qAMEAMIkiQMEAMIkpwMEAMIkqQMEAMIk3QMEBMK2cAMEBNRo8DAb
BAIAAjAVAwUAKgJ54AMFAyoCz8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQCG
ueMr/SFxt13nRos3j48sPhbo8JJ9EZnhX1i3hTsAXK1EbruIZ3xgp+ufA5VulFAt
tVjySNiEbvJXsQtEZ6ZaJHcMzev2j07ONusf821NPW8bALmBIU7SUg9hpkOwBw6E
DdggojfLTzcfASmVzhedijjrb8FFah6bANHRfEjJNOdmGfP2xa9yHlsM1vwC2+8E
xZDySnesRypOPMedIf5BokP7wfWQenQce/aoMyAkeTbEKIKh2cWgYQ/l6ADskUeH
LJnSWrsLyUXY4x0vluoGmYB5VbqbVH3Wc4EjvqbsWPAaHvgbFYAJlysBzQQ862xx
hlhUg+QLYxkoXNu2BIJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:56 2024 by rpki-client on console-fra.rpki-client.org