Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/iz1lwF_iQRcseIEL58wZFh4_bz0.roa
File: iz1lwF_iQRcseIEL58wZFh4_bz0.roa (raw, json)
Hash identifier: 9QmAevip/QBe6A2Sd8DIvH1CwRq/S5qaLeo17P4oTAo=
Subject key identifier: 8B:3D:65:C0:5F:E2:41:17:2C:78:81:0B:E7:CC:19:16:1E:3F:6F:3D
Certificate issuer: /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial: 018FA4A7F8549E1FF0E37F26EB9565663556
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/iz1lwF_iQRcseIEL58wZFh4_bz0.roa
Signing time: Thu 23 May 2024 08:53:42 +0000
ROA not before: Thu 23 May 2024 08:53:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50926
IP address blocks: 5.175.40.0/21 maxlen: 24
31.24.40.0/21 maxlen: 24
31.24.152.0/21 maxlen: 24
84.246.208.0/21 maxlen: 24
91.142.208.0/20 maxlen: 24
91.200.140.0/22 maxlen: 24
91.213.46.0/24 maxlen: 24
94.127.184.0/21 maxlen: 24
109.68.80.0/21 maxlen: 24
149.62.168.0/21 maxlen: 24
185.23.68.0/22 maxlen: 24
185.70.92.0/22 maxlen: 24
185.101.224.0/22 maxlen: 24
185.129.248.0/22 maxlen: 24
185.176.8.0/22 maxlen: 24
185.176.8.0/24 maxlen: 24
185.176.9.0/24 maxlen: 24
185.176.10.0/24 maxlen: 24
185.176.11.0/24 maxlen: 24
185.222.156.0/22 maxlen: 24
188.95.112.0/21 maxlen: 24
188.164.192.0/21 maxlen: 24
194.116.147.0/24 maxlen: 24
195.5.116.0/23 maxlen: 24
212.34.156.0/22 maxlen: 24
2a00:5ac0::/44 maxlen: 44
2a00:5ac0:100::/48 maxlen: 48
2a00:5ac0:147::/48 maxlen: 48
2a00:5ac0:180::/48 maxlen: 48
2a00:5ac0:200::/48 maxlen: 48
2a00:5ac0:300::/48 maxlen: 48
2a01:4b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 May 2024 04:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:a7:f8:54:9e:1f:f0:e3:7f:26:eb:95:65:66:35:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Validity
Not Before: May 23 08:53:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b3d65c05fe241172c78810be7cc19161e3f6f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:01:fb:33:1a:99:96:d2:13:55:dd:0c:ef:
48:28:64:da:85:19:4d:c8:57:10:ef:2c:46:95:3f:
19:08:a2:36:9f:d0:09:da:65:62:b3:6c:18:9b:70:
d5:f0:1e:5f:01:38:39:3d:c5:f2:27:17:25:63:e6:
60:08:ab:ff:d7:a7:8c:42:0b:a3:e4:5c:00:fd:87:
d6:17:b2:de:f6:50:77:4f:d5:4d:57:e0:c4:0f:e4:
d1:b0:29:5f:19:32:22:35:0d:29:fd:f1:77:50:31:
bb:24:a9:06:42:18:e6:09:6e:fe:9a:5a:ae:e0:c2:
4b:af:53:50:d3:30:e7:d3:b6:e2:54:ec:1a:54:27:
b7:33:0e:ba:a7:88:37:58:dc:d2:aa:c6:52:71:26:
67:44:54:b9:c5:11:01:9a:a5:c4:1b:af:1b:e6:75:
46:5a:2b:8b:03:97:20:b1:88:1b:c9:94:c8:d4:f9:
cf:be:10:eb:f5:04:ca:fa:46:ba:2b:36:0b:2d:34:
e8:bb:d0:e2:a9:75:b9:ad:e9:2a:cf:fb:56:f7:ed:
cc:99:ef:52:18:94:34:40:36:97:32:1e:94:56:3f:
b1:9d:e9:29:12:79:ff:9a:4c:d5:43:29:77:de:f7:
e5:03:4c:b5:15:c5:16:41:f9:aa:50:37:f9:94:d7:
89:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3D:65:C0:5F:E2:41:17:2C:78:81:0B:E7:CC:19:16:1E:3F:6F:3D
X509v3 Authority Key Identifier:
keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/iz1lwF_iQRcseIEL58wZFh4_bz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.40.0/21
31.24.40.0/21
31.24.152.0/21
84.246.208.0/21
91.142.208.0/20
91.200.140.0/22
91.213.46.0/24
94.127.184.0/21
109.68.80.0/21
149.62.168.0/21
185.23.68.0/22
185.70.92.0/22
185.101.224.0/22
185.129.248.0/22
185.176.8.0/22
185.222.156.0/22
188.95.112.0/21
188.164.192.0/21
194.116.147.0/24
195.5.116.0/23
212.34.156.0/22
IPv6:
2a00:5ac0::/44
2a00:5ac0:100::/48
2a00:5ac0:147::/48
2a00:5ac0:180::/48
2a00:5ac0:200::/48
2a00:5ac0:300::/48
2a01:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
52:43:ac:7e:b8:d1:07:38:01:c5:a8:93:3f:00:29:5b:04:62:
c3:01:b7:59:4a:ab:ca:bf:53:f2:7d:0b:f2:90:56:8c:16:73:
ea:c6:98:6b:e5:0f:ec:e2:9e:2d:42:e8:d8:91:55:26:25:d9:
87:92:ef:cb:31:2b:1f:eb:8c:30:ba:03:1c:b8:43:fb:eb:a1:
a4:c8:fe:d9:51:e5:91:16:05:62:3b:b1:37:10:31:d8:dc:9a:
e4:45:c0:0a:07:63:92:6b:bf:0a:e6:75:64:ef:02:30:3c:75:
b5:1c:ce:c3:19:09:42:8e:73:39:4e:cd:69:7e:09:7e:98:c6:
87:91:06:85:19:00:91:f0:ae:d9:b7:c5:28:61:66:b1:42:c2:
1f:7e:db:9e:ed:60:9f:62:de:4f:80:4f:c6:88:c2:3b:4b:de:
a8:58:ad:35:ee:06:5f:ad:16:5e:e8:8a:66:8a:f7:4e:a0:b2:
11:8d:4b:9e:09:e1:71:47:ef:98:db:46:ed:b6:bf:bc:d1:32:
42:b0:a9:7f:82:d4:0a:e8:81:1d:4a:ed:e7:4b:25:f8:a6:b3:
1d:c7:6b:60:73:11:8e:1a:71:6e:cc:5b:fd:f1:c7:80:20:23:
eb:40:f4:9a:71:43:d1:6a:c2:63:eb:d9:19:f1:97:21:9b:82:
5a:8f:d6:7a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAY+kp/hUnh/w438m65VlZjVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjQwNTIzMDg1MzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNkNjVjMDVmZTI0MTE3MmM3ODgxMGJlN2NjMTkxNjFlM2Y2ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcMB+zMamZbSE1XdDO9IKGTahRlN
yFcQ7yxGlT8ZCKI2n9AJ2mVis2wYm3DV8B5fATg5PcXyJxclY+ZgCKv/16eMQguj
5FwA/YfWF7Le9lB3T9VNV+DED+TRsClfGTIiNQ0p/fF3UDG7JKkGQhjmCW7+mlqu
4MJLr1NQ0zDn07biVOwaVCe3Mw66p4g3WNzSqsZScSZnRFS5xREBmqXEG68b5nVG
WiuLA5cgsYgbyZTI1PnPvhDr9QTK+ka6KzYLLTTou9DiqXW5rekqz/tW9+3Mme9S
GJQ0QDaXMh6UVj+xnekpEnn/mkzVQyl33vflA0y1FcUWQfmqUDf5lNeJXwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFIs9ZcBf4kEXLHiBC+fMGRYeP289MB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvaXoxbHdGX2lRUmNzZUlFTDU4d1pGaDRfYnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBhAQCAAEwfgMEAwWv
KAMEAx8YKAMEAx8YmAMEA1T20AMEBFuO0AMEAlvIjAMEAFvVLgMEA15/uAMEA21E
UAMEA5U+qAMEArkXRAMEArlGXAMEArll4AMEArmB+AMEArmwCAMEArnenAMEA7xf
cAMEA7ykwAMEAMJ0kwMEAcMFdAMEAtQinDBDBAIAAjA9AwcEKgBawAAAAwcAKgBa
wAEAAwcAKgBawAFHAwcAKgBawAGAAwcAKgBawAIAAwcAKgBawAMAAwUAKgFLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUkOsfrjRBzgBxaiTPwApWwRiwwG3WUqryr9T8n0L
8pBWjBZz6saYa+UP7OKeLULo2JFVJiXZh5LvyzErH+uMMLoDHLhD++uhpMj+2VHl
kRYFYjuxNxAx2Nya5EXACgdjkmu/CuZ1ZO8CMDx1tRzOwxkJQo5zOU7NaX4JfpjG
h5EGhRkAkfCu2bfFKGFmsULCH37bnu1gn2LeT4BPxojCO0veqFitNe4GX60WXuiK
Zor3TqCyEY1LngnhcUfvmNtG7ba/vNEyQrCpf4LUCuiBHUrt50sl+KazHcdrYHMR
jhpxbsxb/fHHgCAj60D0mnFD0WrCY+vZGfGXIZuCWo/Weg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:45 2024 by rpki-client on console-ams.rpki-client.org