Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Wz89oNRqvbs3H_evuBiQAoGH7t4.roa
File: Wz89oNRqvbs3H_evuBiQAoGH7t4.roa (raw, json)
Hash identifier: q3yPzxm322hH8Aq9w/9+ZZAK+dIbJwsB3Sd+XQ9J+ww=
Subject key identifier: 5B:3F:3D:A0:D4:6A:BD:BB:37:1F:F7:AF:B8:18:90:02:81:87:EE:DE
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018F5835E0176F71CABCAB268E02A615A7C6
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Wz89oNRqvbs3H_evuBiQAoGH7t4.roa
Signing time: Wed 08 May 2024 12:37:56 +0000
ROA not before: Wed 08 May 2024 12:37:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Jun 2024 10:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:35:e0:17:6f:71:ca:bc:ab:26:8e:02:a6:15:a7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 8 12:37:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b3f3da0d46abdbb371ff7afb81890028187eede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3f:10:c9:4b:0f:63:f6:cc:c0:2a:3c:a4:95:
3e:d0:41:ac:27:e6:a8:fd:af:8c:a3:df:1d:40:38:
18:d8:4a:c2:05:ac:7c:79:89:20:73:89:e2:88:98:
7d:5c:f7:89:94:e3:95:cd:f1:9a:76:27:ec:ad:fb:
ff:13:49:e5:b0:c4:32:11:21:0b:a4:f7:2b:ee:61:
15:04:16:3f:3d:6b:3b:bf:66:d9:01:76:17:9d:f5:
64:64:b0:8f:b0:c3:d4:ce:a9:3f:d7:e9:c7:0f:a7:
c9:02:af:7f:4d:26:eb:e3:a2:54:0c:11:6b:8c:22:
a9:42:0f:b5:db:df:10:08:b8:e0:38:f9:ca:e2:68:
94:f2:41:ab:ee:b6:4c:6d:15:16:63:d2:3c:0c:6f:
7d:bd:07:bc:fa:d6:1a:46:71:a8:68:6f:65:79:ca:
ab:4a:50:bd:95:93:ce:65:56:f0:e1:30:ab:61:c5:
82:62:b2:73:66:2d:d9:f4:2e:85:09:30:a1:95:0a:
a2:da:07:08:d6:5e:46:1f:cb:91:3b:6e:45:89:bd:
78:0c:23:06:9d:97:b5:4c:4a:14:b4:f6:95:3b:ff:
2b:d3:8d:a1:dd:1c:73:b8:dc:67:48:5b:bd:94:fe:
d9:c0:84:af:7c:a2:d2:bb:b8:40:b3:89:01:40:bd:
49:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3F:3D:A0:D4:6A:BD:BB:37:1F:F7:AF:B8:18:90:02:81:87:EE:DE
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Wz89oNRqvbs3H_evuBiQAoGH7t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
33:18:a4:e9:5b:a3:96:99:c1:3b:4a:7f:f2:74:0c:cb:6d:42:
d8:0c:9e:35:ce:4d:e7:d4:49:83:38:28:d6:dd:73:71:97:14:
63:6b:da:fe:dd:98:90:98:69:63:8c:e7:b8:14:1d:1f:c0:d8:
a2:3a:d9:dd:63:0c:9b:95:e2:74:0c:82:b6:81:fc:7a:09:49:
d9:59:04:ff:f9:64:3b:9f:2b:54:e8:d8:9b:4b:0c:c0:c7:9e:
9f:74:2e:7b:77:e4:10:2d:43:a9:4e:9c:bf:3b:7d:67:fd:65:
36:c7:62:2b:82:f8:47:e9:c6:b9:48:2c:ad:94:6e:72:82:44:
45:b3:a4:0a:0f:0c:89:6b:24:a1:48:c3:9d:98:8c:ee:31:19:
ef:f8:f5:6c:c1:3e:78:fd:a4:30:eb:69:dd:e7:b1:e7:cc:35:
7d:20:12:b6:08:36:45:31:fc:9d:98:c0:55:91:96:ca:97:df:
6e:3e:96:54:35:e3:92:fe:2e:10:52:db:d3:16:a6:05:8d:0b:
ae:f7:96:b7:77:92:b3:26:8d:18:26:e2:78:3a:e3:7d:a4:ec:
51:51:88:ca:f3:ca:86:06:09:89:82:c9:2a:94:2c:2e:01:27:
a3:59:be:1e:5b:bb:dc:61:1d:1e:39:e3:e4:2c:24:30:66:19:
a3:bf:39:e4
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAY9YNeAXb3HKvKsmjgKmFafGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNTA4MTIzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjNmM2RhMGQ0NmFiZGJiMzcxZmY3YWZiODE4OTAwMjgxODdlZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj8QyUsPY/bMwCo8pJU+0EGsJ+ao
/a+Mo98dQDgY2ErCBax8eYkgc4niiJh9XPeJlOOVzfGadifsrfv/E0nlsMQyESEL
pPcr7mEVBBY/PWs7v2bZAXYXnfVkZLCPsMPUzqk/1+nHD6fJAq9/TSbr46JUDBFr
jCKpQg+1298QCLjgOPnK4miU8kGr7rZMbRUWY9I8DG99vQe8+tYaRnGoaG9lecqr
SlC9lZPOZVbw4TCrYcWCYrJzZi3Z9C6FCTChlQqi2gcI1l5GH8uRO25Fib14DCMG
nZe1TEoUtPaVO/8r042h3RxzuNxnSFu9lP7ZwISvfKLSu7hAs4kBQL1J5QIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFFs/PaDUar27Nx/3r7gYkAKBh+7eMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvV3o4OW9OUnF2YnMzSF9ldnVCaVFBb0dIN3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCBwwQCAAEwgbwD
BAAFmq4DBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c4AMEAFD2
HgMEAFZptwMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4uzgMEALkk/gMEALlg
ogMEAblsaAMEArmTjAMEArmYJAMEArmY+AMEALmZlwMEArmgLAMEALmmVAMEALm4
5AMEALm8PQMEALnJvAMEArnZQAMEALny2QMEALx3mgMEAMEkWQMEAMMvwjB9BAIA
AjB3AwUAKgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMFAyoGRsADBQMqBkoAAwUD
KgZQAAMFAyoGVwADBQMqBt+AAwUDKgbkgAMFAyoHR4ADBQMqB5yAAwUDKgfywAMF
AyoKMIADBQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJKoZIhvcNAQELBQADggEBADMY
pOlbo5aZwTtKf/J0DMttQtgMnjXOTefUSYM4KNbdc3GXFGNr2v7dmJCYaWOM57gU
HR/A2KI62d1jDJuV4nQMgraB/HoJSdlZBP/5ZDufK1To2JtLDMDHnp90Lnt35BAt
Q6lOnL87fWf9ZTbHYiuC+EfpxrlILK2UbnKCREWzpAoPDIlrJKFIw52YjO4xGe/4
9WzBPnj9pDDrad3nsefMNX0gErYINkUx/J2YwFWRlsqX324+llQ145L+LhBS29MW
pgWNC673lrd3krMmjRgm4ng6432k7FFRiMrzyoYGCYmCySqULC4BJ6NZvh5bu9xh
HR454+QsJDBmGaO/OeQ=
-----END CERTIFICATE-----
Generated at Tue Jun 11 13:12:51 2024 by rpki-client on console-fra.rpki-client.org