Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/w1s1RlT5_j1---HfC4aERgnax8A.roa
File: w1s1RlT5_j1---HfC4aERgnax8A.roa (raw, json)
Hash identifier: OKUvOGKAElb4UgGFnJGFXogT1ioxUq3+LkQABEh0M/g=
Subject key identifier: C3:5B:35:46:54:F9:FE:3D:7E:FB:E1:DF:0B:86:84:46:09:DA:C7:C0
Certificate issuer: /CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Certificate serial: 0190161021D2602486E8C19AF6EDA8A37124
Authority key identifier: B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/w1s1RlT5_j1---HfC4aERgnax8A.roa
Signing time: Fri 14 Jun 2024 09:24:34 +0000
ROA not before: Fri 14 Jun 2024 09:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200590
IP address blocks: 5.188.64.0/22 maxlen: 24
5.188.152.0/22 maxlen: 24
77.240.44.0/22 maxlen: 24
79.143.20.0/22 maxlen: 24
82.115.60.0/24 maxlen: 24
82.115.61.0/24 maxlen: 24
82.115.62.0/24 maxlen: 24
84.252.156.0/22 maxlen: 24
87.255.194.0/23 maxlen: 24
87.255.196.0/22 maxlen: 24
87.255.200.0/23 maxlen: 24
89.223.0.0/24 maxlen: 24
89.223.2.0/24 maxlen: 24
91.147.100.0/22 maxlen: 24
93.190.240.0/22 maxlen: 24
94.126.201.0/24 maxlen: 24
178.238.78.0/23 maxlen: 24
185.97.112.0/22 maxlen: 24
188.94.152.0/23 maxlen: 24
194.76.124.0/22 maxlen: 24
2a06:580::/29 maxlen: 40
2a06:580:4::/48 maxlen: 48
2a06:580:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 04:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:10:21:d2:60:24:86:e8:c1:9a:f6:ed:a8:a3:71:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Validity
Not Before: Jun 14 09:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c35b354654f9fe3d7efbe1df0b86844609dac7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:62:b3:98:4b:91:86:8c:14:01:04:b2:e4:
a2:6a:2d:d7:09:28:23:d8:9f:68:89:4b:d2:d6:3f:
a4:8e:17:3c:68:3a:71:55:7b:ce:27:64:0b:ce:f8:
dd:7b:22:40:1e:8d:16:af:71:20:c8:6b:b7:97:9f:
a1:b4:e6:2a:3e:2a:73:cb:7c:95:22:b3:7f:4f:a0:
5c:41:d1:c1:8b:78:ee:de:f1:c6:ae:7c:8a:ed:cb:
43:f5:ce:f5:4c:21:43:33:30:82:1b:e7:c8:14:5c:
10:bc:76:62:53:38:25:bf:b9:75:e8:e7:e0:75:ff:
1b:c3:f4:46:7b:59:fe:f5:2e:49:e7:46:5e:1f:5d:
b9:b8:33:24:22:9d:e7:2e:00:c5:de:2e:7b:77:35:
b9:1d:51:d1:a4:d4:f8:02:85:f5:c3:13:75:cb:e6:
3c:e5:a7:d5:6c:2d:18:3c:42:6a:c2:9b:80:05:c7:
31:76:d2:b6:d8:64:d1:82:48:6f:13:e2:97:ea:9f:
00:d2:c8:04:e0:45:2d:06:b0:4b:15:ee:50:ac:13:
56:4d:f2:f2:66:9b:9b:08:bf:9f:7d:64:2e:4c:30:
27:d0:61:b7:1c:09:5a:a5:ae:9f:5c:93:51:1b:dc:
b4:54:81:bf:e5:e6:2c:41:d0:8a:d1:8c:7f:8b:43:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5B:35:46:54:F9:FE:3D:7E:FB:E1:DF:0B:86:84:46:09:DA:C7:C0
X509v3 Authority Key Identifier:
keyid:B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/w1s1RlT5_j1---HfC4aERgnax8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.64.0/22
5.188.152.0/22
77.240.44.0/22
79.143.20.0/22
82.115.60.0-82.115.62.255
84.252.156.0/22
87.255.194.0-87.255.201.255
89.223.0.0/24
89.223.2.0/24
91.147.100.0/22
93.190.240.0/22
94.126.201.0/24
178.238.78.0/23
185.97.112.0/22
188.94.152.0/23
194.76.124.0/22
IPv6:
2a06:580::/29
Signature Algorithm: sha256WithRSAEncryption
98:71:ec:7f:64:7a:bd:b4:5e:d7:64:d1:37:dc:e4:71:5a:58:
82:d1:4e:b6:16:d8:19:74:e8:f8:c9:27:e1:93:52:a8:1d:7b:
11:6f:13:77:49:e9:e5:40:75:3c:68:a4:03:0f:5a:95:ef:18:
fd:88:a6:d2:a0:d4:12:1c:d3:67:11:c0:46:f2:3e:6b:e0:ae:
16:63:f5:d0:36:7f:6a:09:76:b6:86:27:f4:6a:d2:82:4f:03:
54:3d:67:26:01:75:4a:c5:e5:af:a6:e5:40:27:2e:fa:9a:ce:
d6:33:2b:ab:ab:70:70:dd:d4:1d:ee:26:ed:77:77:31:bb:05:
23:8e:a7:ad:5d:69:e5:0b:de:00:5f:23:d2:a2:d2:48:ac:e8:
47:4d:2d:43:31:be:c9:27:40:aa:9e:40:38:9f:86:35:4d:e5:
2a:39:79:5a:f1:66:b9:1f:df:32:28:05:3a:f1:a5:f3:cc:41:
f8:b0:ba:d1:0e:60:3d:06:88:d6:93:b0:00:d1:63:c5:11:fc:
a0:4f:c5:cc:06:de:29:08:6c:24:5f:f9:c2:c5:fd:5d:25:87:
2d:56:96:cd:4d:1c:33:a7:84:f7:7f:c5:c3:2e:45:96:7d:92:
d5:10:b5:6a:07:87:fb:c8:54:b6:0e:50:d0:2a:bb:8c:6b:2b:
f2:0d:6f:82
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZAWECHSYCSG6MGa9u2oo3EkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwOWZmZjhlOGZmZDhmOGU3ZDlhN2I2NmQxY2M3M2RjMzky
ODFlZjYwHhcNMjQwNjE0MDkyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzViMzU0NjU0ZjlmZTNkN2VmYmUxZGYwYjg2ODQ0NjA5ZGFjN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFtis5hLkYaMFAEEsuSiai3XCSgj
2J9oiUvS1j+kjhc8aDpxVXvOJ2QLzvjdeyJAHo0Wr3EgyGu3l5+htOYqPipzy3yV
IrN/T6BcQdHBi3ju3vHGrnyK7ctD9c71TCFDMzCCG+fIFFwQvHZiUzglv7l16Ofg
df8bw/RGe1n+9S5J50ZeH125uDMkIp3nLgDF3i57dzW5HVHRpNT4AoX1wxN1y+Y8
5afVbC0YPEJqwpuABccxdtK22GTRgkhvE+KX6p8A0sgE4EUtBrBLFe5QrBNWTfLy
ZpubCL+ffWQuTDAn0GG3HAlapa6fXJNRG9y0VIG/5eYsQdCK0Yx/i0PY0QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFMNbNUZU+f49fvvh3wuGhEYJ2sfAMB8GA1UdIwQY
MBaAFLCf/46P/Y+OfZp7ZtHMc9w5KB72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTIt
ZTVhNzdmN2E3YWEyLzEvdzFzMVJsVDVfajEtLS1IZkM0YUVSZ25heDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTItZTVhNzdmN2E3YWEy
LzEvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQCBbxA
AwQCBbyYAwQCTfAsAwQCT48UMAwDBAJSczwDBABScz4DBAJU/JwwDAMEAVf/wgME
AVf/yAMEAFnfAAMEAFnfAgMEAluTZAMEAl2+8AMEAF5+yQMEAbLuTgMEArlhcAME
AbxemAMEAsJMfDANBAIAAjAHAwUDKgYFgDANBgkqhkiG9w0BAQsFAAOCAQEAmHHs
f2R6vbRe12TRN9zkcVpYgtFOthbYGXTo+Mkn4ZNSqB17EW8Td0np5UB1PGikAw9a
le8Y/Yim0qDUEhzTZxHARvI+a+CuFmP10DZ/agl2toYn9GrSgk8DVD1nJgF1SsXl
r6blQCcu+prO1jMrq6twcN3UHe4m7Xd3MbsFI46nrV1p5QveAF8j0qLSSKzoR00t
QzG+ySdAqp5AOJ+GNU3lKjl5WvFmuR/fMigFOvGl88xB+LC60Q5gPQaI1pOwANFj
xRH8oE/FzAbeKQhsJF/5wsX9XSWHLVaWzU0cM6eE93/Fwy5Fln2S1RC1ageH+8hU
tg5Q0Cq7jGsr8g1vgg==
-----END CERTIFICATE-----
Generated at Wed Jul 3 06:00:12 2024 by rpki-client on console-fra.rpki-client.org