Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/wzxE_L5X8Yt5bmArREaFo6AM6_k.roa
File: wzxE_L5X8Yt5bmArREaFo6AM6_k.roa (raw, json)
Hash identifier: wRMbiCUbouECuN5HKPMpCfvNOsf7Q9anbdz+plX7QG8=
Subject key identifier: C3:3C:44:FC:BE:57:F1:8B:79:6E:60:2B:44:46:85:A3:A0:0C:EB:F9
Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Certificate serial: 018CC56EF362817EB7ED45218C89DAE640F2
Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/wzxE_L5X8Yt5bmArREaFo6AM6_k.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56329
IP address blocks: 194.233.152.0/21 maxlen: 21
88.202.240.0/20 maxlen: 20
188.95.40.0/21 maxlen: 21
195.180.16.0/20 maxlen: 20
195.180.32.0/21 maxlen: 21
195.180.48.0/20 maxlen: 20
213.18.128.0/18 maxlen: 18
216.213.128.0/18 maxlen: 18
194.233.224.0/20 maxlen: 20
83.151.200.0/21 maxlen: 21
82.163.184.0/21 maxlen: 21
88.202.128.0/19 maxlen: 19
212.237.220.0/22 maxlen: 22
185.82.156.0/22 maxlen: 22
82.163.144.0/20 maxlen: 20
46.227.144.0/21 maxlen: 21
88.202.192.0/20 maxlen: 20
185.111.224.0/22 maxlen: 22
212.132.32.0/19 maxlen: 19
88.202.232.0/22 maxlen: 22
185.147.88.0/22 maxlen: 22
88.212.164.0/22 maxlen: 22
88.212.168.0/21 maxlen: 21
88.212.176.0/21 maxlen: 21
88.212.184.0/22 maxlen: 22
78.143.192.0/19 maxlen: 19
82.163.252.0/22 maxlen: 22
2a06:61c0::/29 maxlen: 29
2a02:fb8::/32 maxlen: 32
2a00:d200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 13 May 2024 10:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f3:62:81:7e:b7:ed:45:21:8c:89:da:e6:40:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c33c44fcbe57f18b796e602b444685a3a00cebf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:93:1b:08:f7:7c:69:d2:9b:67:df:aa:c7:
21:af:fd:9c:de:ea:e1:41:8e:32:e4:39:04:55:1b:
cd:cb:b3:de:08:31:6d:ca:6f:46:02:42:51:96:7b:
f4:b3:9b:c0:65:18:94:ea:32:cc:5d:cd:2e:34:2c:
d3:5f:d5:07:d6:44:8f:57:e7:bc:d3:f2:7f:0b:32:
38:8a:78:08:6e:78:95:98:12:02:91:79:60:e3:08:
01:46:31:26:02:b6:aa:0f:d9:35:38:85:16:53:46:
07:59:86:a3:9a:39:ac:23:86:d8:92:2d:3c:76:d7:
57:4d:b9:f9:07:61:11:56:cf:6a:6b:12:85:a6:bb:
8f:2e:f6:64:77:b6:57:86:1c:e6:4e:a5:fe:c6:a0:
3d:f2:e9:ae:2c:26:0d:d5:02:cd:ac:42:a6:6b:6b:
72:07:b4:6a:99:87:ea:22:de:06:40:4a:65:36:45:
08:e7:98:a0:88:58:67:2e:f8:6e:17:fd:75:d4:c7:
4b:ed:6a:22:bf:c3:1d:80:9a:36:d2:32:ee:3d:56:
10:86:5c:f6:b5:d2:d0:28:9f:63:20:af:02:17:c2:
ca:b3:9d:b2:fd:14:d3:ce:6c:90:a8:98:ab:f5:78:
6a:f3:1c:33:e4:89:e8:60:71:85:02:3b:0b:73:8d:
2f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:3C:44:FC:BE:57:F1:8B:79:6E:60:2B:44:46:85:A3:A0:0C:EB:F9
X509v3 Authority Key Identifier:
keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/wzxE_L5X8Yt5bmArREaFo6AM6_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.144.0/21
78.143.192.0/19
82.163.144.0/20
82.163.184.0/21
82.163.252.0/22
83.151.200.0/21
88.202.128.0/19
88.202.192.0/20
88.202.232.0/22
88.202.240.0/20
88.212.164.0-88.212.187.255
185.82.156.0/22
185.111.224.0/22
185.147.88.0/22
188.95.40.0/21
194.233.152.0/21
194.233.224.0/20
195.180.16.0-195.180.39.255
195.180.48.0/20
212.132.32.0/19
212.237.220.0/22
213.18.128.0/18
216.213.128.0/18
IPv6:
2a00:d200::/29
2a02:fb8::/32
2a06:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
23:e6:15:aa:92:5b:dd:d4:b8:41:7e:5e:4c:02:36:0f:12:ed:
59:a7:1f:30:72:f8:d8:0a:23:ce:4b:3a:28:fa:02:ca:6a:67:
cc:42:07:e1:8c:8a:da:7e:d8:11:b8:84:9c:8c:21:49:2c:c4:
9d:65:dc:88:df:d8:d5:30:43:4b:4f:6e:d4:76:f5:5d:98:64:
32:05:e3:7b:d2:f5:94:26:cc:ab:32:a2:e5:28:f4:a5:8f:49:
21:a7:14:89:9a:e5:e0:ed:d8:6a:c7:80:ea:3f:2b:04:66:97:
b3:90:61:39:6c:23:63:a6:e4:ae:6e:93:de:88:d8:32:48:e7:
11:72:1d:dc:25:a6:aa:06:3d:07:ca:44:1a:bd:d0:20:25:f0:
a5:66:0e:22:6c:34:de:99:51:8e:c7:44:c4:41:fc:11:af:e0:
c7:df:c0:9b:ff:31:f7:40:1c:2b:b3:08:28:11:3e:76:02:f1:
1b:5e:e3:77:de:3a:a5:ba:53:1a:90:76:2b:71:0e:3c:df:41:
03:4f:7c:64:a6:46:6a:00:dc:14:25:46:31:b9:b8:74:b5:8c:
9f:f8:09:c1:e0:bb:da:6f:06:b7:dc:b9:3d:15:2d:d1:b7:1d:
1d:65:8c:4b:5f:a7:53:b1:49:46:a9:c6:33:2c:66:fe:0a:8e:
04:68:01:c9
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzFbvNigX637UUhjIna5kDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh
MmQ2MTEwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzNjNDRmY2JlNTdmMThiNzk2ZTYwMmI0NDQ2ODVhM2EwMGNlYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljOTGwj3fGnSm2ffqschr/2c3urh
QY4y5DkEVRvNy7PeCDFtym9GAkJRlnv0s5vAZRiU6jLMXc0uNCzTX9UH1kSPV+e8
0/J/CzI4ingIbniVmBICkXlg4wgBRjEmAraqD9k1OIUWU0YHWYajmjmsI4bYki08
dtdXTbn5B2ERVs9qaxKFpruPLvZkd7ZXhhzmTqX+xqA98umuLCYN1QLNrEKma2ty
B7RqmYfqIt4GQEplNkUI55igiFhnLvhuF/111MdL7Woiv8MdgJo20jLuPVYQhlz2
tdLQKJ9jIK8CF8LKs52y/RTTzmyQqJir9Xhq8xwz5InoYHGFAjsLc40vDwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFMM8RPy+V/GLeW5gK0RGhaOgDOv5MB8GA1UdIwQY
MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt
YmZiZTFiYzE1ZmMyLzEvd3p4RV9MNVg4WXQ1Ym1BclJFYUZvNkFNNl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy
LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDBAMu
45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY
yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME
A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQF1IQgAwQC1O3cAwQG1RKA
AwQG2NWAMBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQEL
BQADggEBACPmFaqSW93UuEF+XkwCNg8S7VmnHzBy+NgKI85LOij6AspqZ8xCB+GM
itp+2BG4hJyMIUksxJ1l3Ijf2NUwQ0tPbtR29V2YZDIF43vS9ZQmzKsyouUo9KWP
SSGnFIma5eDt2GrHgOo/KwRml7OQYTlsI2Om5K5uk96I2DJI5xFyHdwlpqoGPQfK
RBq90CAl8KVmDiJsNN6ZUY7HRMRB/BGv4MffwJv/MfdAHCuzCCgRPnYC8Rte43fe
OqW6UxqQditxDjzfQQNPfGSmRmoA3BQlRjG5uHS1jJ/4CcHgu9pvBrfcuT0VLdG3
HR1ljEtfp1OxSUapxjMsZv4KjgRoAck=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:34:57 2025 by rpki-client