Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/A9wr_NtDm5_3F-lr3GUMVmcO7nM.roa
File: A9wr_NtDm5_3F-lr3GUMVmcO7nM.roa (raw, json)
Hash identifier: IHkq0Jei573LmhEgmWOXkUXwrDs44dd4XLDEnKwnAuI=
Subject key identifier: 03:DC:2B:FC:DB:43:9B:9F:F7:17:E9:6B:DC:65:0C:56:67:0E:EE:73
Certificate issuer: /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial: 01856F82486B6BD757ABEF1ADF6F5E3D1C14
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/A9wr_NtDm5_3F-lr3GUMVmcO7nM.roa
Signing time: Sun 01 Jan 2023 22:44:47 +0000
ROA not before: Sun 01 Jan 2023 22:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50926
IP address blocks: 185.70.92.0/22 maxlen: 22
188.164.192.0/21 maxlen: 21
188.164.192.0/24 maxlen: 24
185.23.68.0/22 maxlen: 22
188.164.197.0/24 maxlen: 24
188.164.199.0/24 maxlen: 24
94.127.186.0/24 maxlen: 24
188.164.198.0/24 maxlen: 24
94.127.185.0/24 maxlen: 24
94.127.184.0/24 maxlen: 24
188.164.196.0/24 maxlen: 24
188.164.195.0/24 maxlen: 24
188.164.194.0/24 maxlen: 24
188.164.193.0/24 maxlen: 24
94.127.191.0/24 maxlen: 24
94.127.190.0/24 maxlen: 24
94.127.188.0/24 maxlen: 24
94.127.187.0/24 maxlen: 24
185.129.248.0/22 maxlen: 22
149.62.172.0/22 maxlen: 22
149.62.168.0/21 maxlen: 21
149.62.168.0/22 maxlen: 22
195.5.116.0/23 maxlen: 23
91.200.140.0/22 maxlen: 22
188.95.112.0/21 maxlen: 21
185.176.9.0/24 maxlen: 24
185.176.8.0/24 maxlen: 24
185.176.11.0/24 maxlen: 24
185.176.10.0/24 maxlen: 24
84.246.213.0/24 maxlen: 24
84.246.212.0/24 maxlen: 24
84.246.211.0/24 maxlen: 24
84.246.210.0/24 maxlen: 24
84.246.209.0/24 maxlen: 24
84.246.208.0/21 maxlen: 21
84.246.208.0/24 maxlen: 24
109.68.84.0/24 maxlen: 24
109.68.82.0/24 maxlen: 24
84.246.215.0/24 maxlen: 24
109.68.80.0/24 maxlen: 24
109.68.80.0/21 maxlen: 21
84.246.214.0/24 maxlen: 24
91.213.46.0/24 maxlen: 24
31.24.152.0/21 maxlen: 21
31.24.152.0/24 maxlen: 24
31.24.159.0/24 maxlen: 24
31.24.158.0/24 maxlen: 24
31.24.157.0/24 maxlen: 24
31.24.156.0/24 maxlen: 24
31.24.155.0/24 maxlen: 24
31.24.154.0/24 maxlen: 24
91.142.208.0/20 maxlen: 20
185.222.156.0/22 maxlen: 22
5.175.42.0/24 maxlen: 24
5.175.41.0/24 maxlen: 24
5.175.40.0/24 maxlen: 24
5.175.40.0/21 maxlen: 21
5.175.44.0/24 maxlen: 24
5.175.43.0/24 maxlen: 24
5.175.47.0/24 maxlen: 24
5.175.46.0/24 maxlen: 24
31.24.43.0/24 maxlen: 24
31.24.40.0/24 maxlen: 24
31.24.40.0/21 maxlen: 21
31.24.46.0/24 maxlen: 24
31.24.45.0/24 maxlen: 24
2a00:5ac0:100::/40 maxlen: 40
2a00:5ac0::/44 maxlen: 44
2a01:4b80::/32 maxlen: 32
2a0a:680::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 05 Apr 2023 18:24:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:48:6b:6b:d7:57:ab:ef:1a:df:6f:5e:3d:1c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Validity
Not Before: Jan 1 22:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03dc2bfcdb439b9ff717e96bdc650c56670eee73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8b:cd:1e:02:e5:04:d8:7d:54:ee:bd:15:66:
5b:a3:ba:b8:84:fb:ea:17:d0:56:0f:32:3f:11:99:
93:1c:1e:a6:22:60:1a:b4:2e:33:6c:a8:30:bb:2c:
af:be:ee:41:36:1e:ab:df:67:10:f9:50:49:71:ea:
95:5a:a9:6d:ef:80:70:68:77:1a:55:10:29:bb:fb:
57:b8:f9:bd:82:cb:45:3f:8b:e6:12:ca:fd:0f:45:
a8:79:d1:44:21:26:db:e4:7e:46:9f:b6:33:b9:08:
3f:2c:d0:17:48:de:61:86:8d:af:1f:f1:dc:a8:e4:
3e:b3:0f:0f:7d:cb:16:6a:01:f7:8e:5d:5d:c6:60:
d8:26:4e:77:8d:fa:11:cc:d5:0b:a2:91:df:4b:f1:
0a:b9:e8:18:1e:db:ee:db:3b:06:36:c1:ed:c3:67:
cf:8d:93:84:26:1c:13:53:fb:73:2a:f1:f5:5a:e1:
d2:37:96:0c:9e:17:02:e4:df:2e:e9:14:03:c3:78:
a9:25:c8:b1:35:6c:36:6f:66:7d:6d:3d:f2:94:3a:
13:69:64:f9:f1:28:ad:a5:74:cd:97:e0:d6:cc:b6:
d1:e1:77:c8:15:dd:79:8a:c3:10:00:e5:b9:9f:7f:
d7:b6:3a:d9:5d:e4:c8:63:e8:bf:f2:b6:43:e3:a8:
5e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DC:2B:FC:DB:43:9B:9F:F7:17:E9:6B:DC:65:0C:56:67:0E:EE:73
X509v3 Authority Key Identifier:
keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/A9wr_NtDm5_3F-lr3GUMVmcO7nM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.40.0/21
31.24.40.0/21
31.24.152.0/21
84.246.208.0/21
91.142.208.0/20
91.200.140.0/22
91.213.46.0/24
94.127.184.0-94.127.188.255
94.127.190.0/23
109.68.80.0/21
149.62.168.0/21
185.23.68.0/22
185.70.92.0/22
185.129.248.0/22
185.176.8.0/22
185.222.156.0/22
188.95.112.0/21
188.164.192.0/21
195.5.116.0/23
IPv6:
2a00:5ac0::/44
2a00:5ac0:100::/40
2a01:4b80::/32
2a0a:680::/29
Signature Algorithm: sha256WithRSAEncryption
5a:ff:50:7e:99:20:72:8d:95:a0:46:fc:19:d0:a8:b3:07:d0:
ea:11:4f:45:c0:e7:9a:26:10:e3:9d:1f:bf:06:6f:52:c5:f7:
da:c4:2f:6a:28:70:d6:9d:06:57:93:d2:db:20:f2:00:81:01:
50:c4:b7:0f:46:e4:4b:6d:4f:1b:15:78:84:bb:02:eb:c2:7e:
d9:0c:8c:04:42:8f:69:8d:08:ba:de:c5:a5:72:0e:2b:0c:b7:
b1:92:df:fd:5d:36:84:81:eb:6d:69:3c:fa:32:fd:ae:86:72:
47:97:e5:26:7c:79:c1:99:5e:bf:42:dd:e4:6c:c3:35:d2:75:
16:47:02:93:43:92:32:95:96:95:32:c8:43:71:85:57:2a:77:
3d:9f:20:44:92:13:05:51:ff:55:81:2a:37:a3:db:9a:5f:20:
97:23:08:a6:2b:a7:40:68:52:1f:15:9a:f4:67:57:f7:fb:bc:
ab:2a:e8:ba:34:b1:51:4e:ab:09:0c:d5:a6:c6:b4:34:da:3e:
63:a3:53:48:15:89:17:1a:c4:e6:9f:22:f5:09:28:f3:a2:62:
a9:59:c7:27:44:c3:fa:fa:5a:a1:d8:1d:89:a6:93:e9:0d:6b:
63:3f:0d:8c:be:a5:7b:7f:fb:10:1a:55:b1:91:e6:37:be:48:
10:91:3a:5a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYVvgkhra9dXq+8a329ePRwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RjMmJmY2RiNDM5YjlmZjcxN2U5NmJkYzY1MGM1NjY3MGVlZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIvNHgLlBNh9VO69FWZbo7q4hPvq
F9BWDzI/EZmTHB6mImAatC4zbKgwuyyvvu5BNh6r32cQ+VBJceqVWqlt74BwaHca
VRApu/tXuPm9gstFP4vmEsr9D0WoedFEISbb5H5Gn7YzuQg/LNAXSN5hho2vH/Hc
qOQ+sw8PfcsWagH3jl1dxmDYJk53jfoRzNULopHfS/EKuegYHtvu2zsGNsHtw2fP
jZOEJhwTU/tzKvH1WuHSN5YMnhcC5N8u6RQDw3ipJcixNWw2b2Z9bT3ylDoTaWT5
8SitpXTNl+DWzLbR4XfIFd15isMQAOW5n3/XtjrZXeTIY+i/8rZD46heIQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFAPcK/zbQ5uf9xfpa9xlDFZnDu5zMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvQTl3cl9OdERtNV8zRi1scjNHVU1WbWNPN25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBgAQCAAEwegMEAwWv
KAMEAx8YKAMEAx8YmAMEA1T20AMEBFuO0AMEAlvIjAMEAFvVLjAMAwQDXn+4AwQA
Xn+8AwQBXn++AwQDbURQAwQDlT6oAwQCuRdEAwQCuUZcAwQCuYH4AwQCubAIAwQC
ud6cAwQDvF9wAwQDvKTAAwQBwwV0MCUEAgACMB8DBwQqAFrAAAADBgAqAFrAAQMF
ACoBS4ADBQMqCgaAMA0GCSqGSIb3DQEBCwUAA4IBAQBa/1B+mSByjZWgRvwZ0Kiz
B9DqEU9FwOeaJhDjnR+/Bm9SxffaxC9qKHDWnQZXk9LbIPIAgQFQxLcPRuRLbU8b
FXiEuwLrwn7ZDIwEQo9pjQi63sWlcg4rDLexkt/9XTaEgettaTz6Mv2uhnJHl+Um
fHnBmV6/Qt3kbMM10nUWRwKTQ5IylZaVMshDcYVXKnc9nyBEkhMFUf9VgSo3o9ua
XyCXIwimK6dAaFIfFZr0Z1f3+7yrKui6NLFRTqsJDNWmxrQ02j5jo1NIFYkXGsTm
nyL1CSjzomKpWccnRMP6+lqh2B2JppPpDWtjPw2MvqV7f/sQGlWxkeY3vkgQkTpa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:45 2024 by rpki-client on console-ams.rpki-client.org