Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/L7qHVpbuoTEOsyNVA5YqP6w8hpE.roa
File: L7qHVpbuoTEOsyNVA5YqP6w8hpE.roa (raw, json)
Hash identifier: mze79KyHdbYvE4XB6E+T6Bm44BgFMeDQwV8gvVHUyac=
Subject key identifier: 2F:BA:87:56:96:EE:A1:31:0E:B3:23:55:03:96:2A:3F:AC:3C:86:91
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018CC64A74EB0F8A008F1F9FCC5F52EB68C1
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/L7qHVpbuoTEOsyNVA5YqP6w8hpE.roa
Signing time: Mon 01 Jan 2024 18:30:17 +0000
ROA not before: Mon 01 Jan 2024 18:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 217.208.0.0/13 maxlen: 13
2.252.0.0/15 maxlen: 15
194.18.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
2.255.128.0/18 maxlen: 18
194.16.0.0/15 maxlen: 15
195.198.0.0/16 maxlen: 16
62.20.0.0/16 maxlen: 16
195.67.0.0/16 maxlen: 16
2.254.0.0/16 maxlen: 16
2.255.191.0/24 maxlen: 24
192.16.152.0/23 maxlen: 23
2.255.190.0/24 maxlen: 24
192.16.153.0/24 maxlen: 24
193.44.0.0/15 maxlen: 15
194.236.0.0/15 maxlen: 15
192.150.58.0/23 maxlen: 23
192.150.64.0/22 maxlen: 22
192.150.60.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
213.64.0.0/14 maxlen: 14
212.28.192.0/19 maxlen: 19
194.22.0.0/15 maxlen: 15
81.228.4.0/24 maxlen: 24
81.228.4.0/23 maxlen: 23
81.228.5.0/24 maxlen: 24
2.255.0.0/17 maxlen: 17
194.218.0.0/16 maxlen: 16
212.181.0.0/16 maxlen: 16
78.64.0.0/12 maxlen: 12
95.192.0.0/12 maxlen: 12
90.224.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
192.150.80.0/23 maxlen: 23
2.248.0.0/14 maxlen: 14
Validation: Failed, certificate revoked on Thu 02 May 2024 12:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:74:eb:0f:8a:00:8f:1f:9f:cc:5f:52:eb:68:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 18:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fba875696eea1310eb3235503962a3fac3c8691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d7:a8:86:96:04:be:5d:83:00:5b:80:81:95:
48:e1:21:1c:bb:93:8d:77:5d:9b:9d:54:1e:f5:cf:
ba:6f:08:84:34:51:f6:58:62:34:f7:3d:71:1a:f4:
a7:8e:ff:60:11:38:46:06:94:de:e0:7e:a9:75:c1:
87:9e:5a:eb:e3:08:a0:68:58:ac:a0:1d:13:54:00:
e4:35:ed:db:5a:e5:b5:08:33:92:d7:51:fe:6a:3a:
a1:41:2d:8b:bc:f1:42:77:9a:0b:97:ff:69:cf:b2:
3e:11:52:b5:95:1b:7e:8f:bb:da:cb:3b:6d:13:ee:
ea:95:01:9a:dc:08:ed:a6:94:28:1c:8b:d2:4f:d5:
f2:fe:76:c5:d7:b4:12:6e:af:00:92:7f:c6:fd:e6:
d5:88:41:d3:3c:67:90:b5:77:af:0a:90:62:2e:6d:
40:28:20:1e:42:de:db:b0:92:5a:b7:6d:3c:f4:7f:
2e:fa:4a:a1:a4:31:d1:99:cd:e5:ba:76:db:91:92:
87:04:46:81:b0:b1:e7:01:75:aa:af:1d:e1:13:44:
f4:bf:96:5a:4d:f7:74:44:29:e3:0e:eb:2e:01:98:
b8:db:b5:99:f9:af:bc:ad:50:35:0f:30:af:5e:c5:
32:c2:bf:b5:07:2c:b5:40:25:0e:f6:42:8a:6f:e1:
3c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:BA:87:56:96:EE:A1:31:0E:B3:23:55:03:96:2A:3F:AC:3C:86:91
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/L7qHVpbuoTEOsyNVA5YqP6w8hpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0-2.255.191.255
62.20.0.0/16
78.64.0.0/12
81.224.0.0/12
90.224.0.0/12
95.192.0.0/12
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
ab:74:0a:35:b2:29:c5:9b:2e:b3:0f:d9:5f:ca:09:4d:95:08:
ce:e9:94:26:23:c4:8e:22:96:6f:e8:9c:b8:89:c4:d6:f5:d7:
34:a1:8b:09:46:7b:83:0e:d4:a4:fb:bf:4c:2b:d7:6f:dd:8c:
23:fe:b8:3b:90:f9:c7:5c:a3:28:da:ff:8a:86:74:c8:b2:da:
fc:2e:b0:7b:b8:c9:3b:93:40:60:d1:4e:8a:b1:31:bd:02:2a:
4b:98:a8:e5:5b:8c:c3:02:66:dd:85:08:5a:d1:5a:c7:c9:f0:
d6:0c:ba:79:45:54:84:d3:5a:27:e9:69:1a:20:40:ae:8d:6b:
27:60:e8:85:d1:6b:f4:3c:cb:e4:77:aa:7e:42:74:ad:ed:1e:
fa:5a:64:0a:55:03:a8:f6:02:9f:cb:01:6e:6a:5f:4b:94:01:
74:cb:8a:46:f7:4a:8c:5e:1f:c1:fd:05:dd:b9:d1:7d:cf:52:
52:75:b8:76:e9:e0:55:34:9e:f1:3f:21:44:ae:e6:fb:ad:12:
90:02:71:98:4a:01:93:ea:15:c5:bd:73:6a:f6:1b:ff:06:42:
3a:ff:74:59:58:89:4a:23:15:c7:dc:a2:0a:d2:26:70:93:91:
3d:cc:d1:ac:4f:49:38:8e:2e:00:1f:a4:19:f7:ff:e4:19:b2:
42:1a:01:64
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYzGSnTrD4oAjx+fzF9S62jBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwMTAxMTgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmJhODc1Njk2ZWVhMTMxMGViMzIzNTUwMzk2MmEzZmFjM2M4NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNeohpYEvl2DAFuAgZVI4SEcu5ON
d12bnVQe9c+6bwiENFH2WGI09z1xGvSnjv9gEThGBpTe4H6pdcGHnlrr4wigaFis
oB0TVADkNe3bWuW1CDOS11H+ajqhQS2LvPFCd5oLl/9pz7I+EVK1lRt+j7vayztt
E+7qlQGa3AjtppQoHIvST9Xy/nbF17QSbq8Akn/G/ebViEHTPGeQtXevCpBiLm1A
KCAeQt7bsJJat2089H8u+kqhpDHRmc3lunbbkZKHBEaBsLHnAXWqrx3hE0T0v5Za
Tfd0RCnjDusuAZi427WZ+a+8rVA1DzCvXsUywr+1Byy1QCUO9kKKb+E8JwIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFC+6h1aW7qExDrMjVQOWKj+sPIaRMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvTDdxSFZwYnVvVEVPc3lOVkE1WXFQNnc4aHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzCBlAQCAAEwgY0wCwMD
AwL4AwQGAv+AAwMAPhQDAwROQAMDBFHgAwMEWuADAwRfwAMEAcAQmDAMAwQBwJY6
AwQBwJZEMAwDBAHAlk4DBAHAllADAwHBLDAKAwMEwhADAwDCEgMDAcIWAwMAwtoD
AwHC7AMDAMNDAwMAw8YDBAXD/CADBAXUHMADAwDUtQMDAtVAAwMD2dAwDQYJKoZI
hvcNAQELBQADggEBAKt0CjWyKcWbLrMP2V/KCU2VCM7plCYjxI4ilm/onLiJxNb1
1zShiwlGe4MO1KT7v0wr12/djCP+uDuQ+cdcoyja/4qGdMiy2vwusHu4yTuTQGDR
ToqxMb0CKkuYqOVbjMMCZt2FCFrRWsfJ8NYMunlFVITTWifpaRogQK6Naydg6IXR
a/Q8y+R3qn5CdK3tHvpaZApVA6j2Ap/LAW5qX0uUAXTLikb3SoxeH8H9Bd250X3P
UlJ1uHbp4FU0nvE/IUSu5vutEpACcZhKAZPqFcW9c2r2G/8GQjr/dFlYiUojFcfc
ogrSJnCTkT3M0axPSTiOLgAfpBn3/+QZskIaAWQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:01 2025 by rpki-client