Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/tvxZAN9KUtKZxxONaN9PPbmkMvE.roa
File: tvxZAN9KUtKZxxONaN9PPbmkMvE.roa (raw, json)
Hash identifier: q39IgIWOUP0VzADQhPJq0FVEeQ/mrHjK+wDDdb+qd4I=
Subject key identifier: B6:FC:59:00:DF:4A:52:D2:99:C7:13:8D:68:DF:4F:3D:B9:A4:32:F1
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018FCA369CEE19C0DA640F0E8D0EA30F3890
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/tvxZAN9KUtKZxxONaN9PPbmkMvE.roa
Signing time: Thu 30 May 2024 15:55:27 +0000
ROA not before: Thu 30 May 2024 15:55:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13037
IP address blocks: 51.148.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
62.3.64.0/18 maxlen: 18
77.104.128.0/18 maxlen: 18
82.68.0.0/14 maxlen: 14
82.71.240.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
88.97.64.0/19 maxlen: 19
88.97.96.0/20 maxlen: 20
88.97.160.0/23 maxlen: 23
88.97.162.0/23 maxlen: 23
88.97.164.0/23 maxlen: 23
88.97.166.0/23 maxlen: 23
88.97.168.0/24 maxlen: 24
88.97.169.0/24 maxlen: 24
88.97.170.0/24 maxlen: 24
88.97.171.0/24 maxlen: 24
88.97.172.0/24 maxlen: 24
88.97.173.0/24 maxlen: 24
88.97.174.0/24 maxlen: 24
88.97.175.0/24 maxlen: 24
88.97.176.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.18.0/24 maxlen: 24
88.98.21.0/24 maxlen: 24
88.98.22.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
88.98.128.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.170.0/23 maxlen: 23
88.98.172.0/22 maxlen: 22
88.98.176.0/20 maxlen: 20
146.66.64.0/18 maxlen: 18
212.23.0.0/19 maxlen: 19
217.155.0.0/16 maxlen: 16
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 02 Jun 2024 18:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ca:36:9c:ee:19:c0:da:64:0f:0e:8d:0e:a3:0f:38:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: May 30 15:55:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6fc5900df4a52d299c7138d68df4f3db9a432f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:ee:3c:a0:bf:49:ea:ff:f0:fc:a0:c6:a0:
38:54:bd:c7:74:39:38:99:69:8b:be:89:b9:7f:48:
ec:fa:a9:75:0d:31:1c:15:c7:61:ef:11:bb:1d:d0:
65:1c:20:9b:ec:74:ae:08:2b:27:93:c8:6b:5b:7f:
54:d9:02:ce:bd:50:ff:29:8a:04:b6:79:91:65:41:
4c:69:8f:c5:f1:94:07:d1:b1:6c:dd:d8:9c:ab:c5:
b4:f6:46:03:c5:0e:01:44:45:16:31:5f:6d:8c:cf:
6e:ee:8f:4f:8c:e9:db:1d:54:1c:cf:53:51:cd:ad:
6c:89:ca:7b:89:61:52:51:f5:72:98:c0:75:3c:f5:
93:c4:26:76:0a:2a:bc:b4:ac:29:2f:db:5c:d5:75:
06:3c:56:bb:f1:25:eb:ae:fc:10:e1:1b:b2:1c:7a:
6b:ef:64:31:1d:b8:57:40:3d:b1:e2:f0:68:19:cd:
4f:f8:e1:ef:b1:23:ff:e9:75:05:8a:78:b0:04:1f:
35:ca:2f:4f:0f:83:5a:4a:7d:8c:d3:5d:84:7e:ed:
a1:2b:9b:48:2d:25:10:22:e2:7d:07:73:3d:47:45:
4d:f3:ff:31:ef:7d:5d:4d:c1:58:5a:85:a1:2a:de:
6b:16:9f:a6:5f:92:b3:97:7d:d3:5d:c3:46:f5:ba:
e6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:FC:59:00:DF:4A:52:D2:99:C7:13:8D:68:DF:4F:3D:B9:A4:32:F1
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/tvxZAN9KUtKZxxONaN9PPbmkMvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/14
88.97.0.0-88.97.111.255
88.97.160.0/19
88.98.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
8d:11:38:7c:28:87:b8:83:37:f9:db:11:a0:9d:7a:48:5b:67:
5c:a2:f3:96:9e:ad:ca:9d:fa:e4:7c:d2:5a:b0:27:56:e3:f4:
a7:a6:41:3b:35:64:f0:09:4f:7c:1d:27:fa:43:d8:a9:1f:88:
71:ef:57:69:ef:ca:0f:bc:16:32:66:dd:06:78:d3:c3:d9:01:
9c:5d:12:88:2a:5f:5b:60:9a:8f:b0:96:66:d6:f6:25:52:ca:
cc:2d:a6:bb:28:e8:f5:b0:99:17:63:6c:87:a4:b5:4b:2c:bb:
c6:bd:b4:c8:bb:9d:79:f4:d8:98:31:1b:1b:f7:69:3d:d4:95:
1e:1a:82:c3:ee:74:9b:ec:e4:28:71:ed:e9:3a:47:95:af:4b:
67:01:e1:6e:21:21:49:44:37:9b:02:d3:78:b6:d8:0a:05:d4:
8a:64:23:8f:57:67:e8:76:72:62:00:da:6c:a4:50:ae:f9:45:
34:d9:0f:e7:48:a4:68:89:cd:ae:63:d4:68:6a:28:2b:c4:67:
67:82:80:66:83:89:de:38:fd:e2:0f:a4:b5:cb:35:97:50:74:
4c:4f:58:13:21:84:2a:ca:38:84:d2:2a:08:e0:0a:77:55:cd:
2c:fb:8d:21:8d:69:05:97:55:e1:b3:0c:79:60:5e:32:62:ff:
a6:85:18:18
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY/KNpzuGcDaZA8OjQ6jDziQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwNTMwMTU1NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmZjNTkwMGRmNGE1MmQyOTljNzEzOGQ2OGRmNGYzZGI5YTQzMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKPuPKC/Ser/8PygxqA4VL3HdDk4
mWmLvom5f0js+ql1DTEcFcdh7xG7HdBlHCCb7HSuCCsnk8hrW39U2QLOvVD/KYoE
tnmRZUFMaY/F8ZQH0bFs3dicq8W09kYDxQ4BREUWMV9tjM9u7o9PjOnbHVQcz1NR
za1sicp7iWFSUfVymMB1PPWTxCZ2Ciq8tKwpL9tc1XUGPFa78SXrrvwQ4RuyHHpr
72QxHbhXQD2x4vBoGc1P+OHvsSP/6XUFiniwBB81yi9PD4NaSn2M012Efu2hK5tI
LSUQIuJ9B3M9R0VN8/8x731dTcFYWoWhKt5rFp+mX5Kzl33TXcNG9brmtwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFLb8WQDfSlLSmccTjWjfTz25pDLxMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvdHZ4WkFOOUtVdEtaeHhPTmFOOVBQYm1rTXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwMAM5QD
AwAzmwMEBj4DQAMEBk1ogAMDAlJEMAsDAwBYYQMEBFhhYAMEBVhhoDALAwMBWGID
BABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoDBAZYYoAD
BAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0BAQsFAAOC
AQEAjRE4fCiHuIM3+dsRoJ16SFtnXKLzlp6typ365HzSWrAnVuP0p6ZBOzVk8AlP
fB0n+kPYqR+Ice9Xae/KD7wWMmbdBnjTw9kBnF0SiCpfW2Caj7CWZtb2JVLKzC2m
uyjo9bCZF2Nsh6S1Syy7xr20yLudefTYmDEbG/dpPdSVHhqCw+50m+zkKHHt6TpH
la9LZwHhbiEhSUQ3mwLTeLbYCgXUimQjj1dn6HZyYgDabKRQrvlFNNkP50ikaInN
rmPUaGooK8RnZ4KAZoOJ3jj94g+ktcs1l1B0TE9YEyGEKso4hNIqCOAKd1XNLPuN
IY1pBZdV4bMMeWBeMmL/poUYGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org