Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W_z2C4s4iLnEd5pSmO3tYu72Yvg.roa
File: W_z2C4s4iLnEd5pSmO3tYu72Yvg.roa (raw, json)
Hash identifier: KXr4oKdPD5w/4uzjpazzbmTz0Q6vIv0rP0RBFnLFjvc=
Subject key identifier: 5B:FC:F6:0B:8B:38:88:B9:C4:77:9A:52:98:ED:ED:62:EE:F6:62:F8
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CD8B7B8BC203227A46B39984F545DA0CE
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W_z2C4s4iLnEd5pSmO3tYu72Yvg.roa
Signing time: Fri 05 Jan 2024 08:22:48 +0000
ROA not before: Fri 05 Jan 2024 08:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
85.254.8.0/21 maxlen: 21
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
159.148.80.0/24 maxlen: 24
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.122.0/23 maxlen: 23
85.254.128.0/18 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jan 2024 08:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:b7:b8:bc:20:32:27:a4:6b:39:98:4f:54:5d:a0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 5 08:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bfcf60b8b3888b9c4779a5298eded62eef662f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ba:7a:be:18:24:21:ad:6b:61:9e:73:0e:38:
d3:f1:94:66:7d:11:f8:b9:64:d7:b6:9b:56:28:a8:
b2:f0:02:b4:f7:6b:c7:e8:1b:6c:34:51:42:b4:b2:
eb:47:00:d8:54:1c:9c:2e:c5:0f:e9:d4:26:4f:17:
68:53:d5:92:e9:37:5e:b0:ce:3d:69:e8:74:93:80:
81:77:4e:e4:92:5b:6c:d0:6c:2d:94:c0:ee:7a:57:
05:3e:76:4a:49:0b:b4:89:cf:59:33:8d:5b:b3:bb:
b7:90:3c:28:84:9e:c3:d6:fd:ca:b9:e4:d7:ac:fe:
a7:e2:ed:3b:65:77:fa:0d:67:04:c7:0b:a6:24:0e:
e7:3b:da:e2:b9:56:1e:13:f6:9f:3d:4a:61:40:7c:
bd:2c:84:7c:30:01:7d:c9:83:92:82:db:50:14:ba:
74:4c:db:5d:b9:7e:08:33:d9:3a:cc:08:bf:65:71:
a7:6d:93:69:42:2d:59:02:6a:8f:1b:f4:a7:a5:2d:
b3:da:72:ce:7e:92:b1:22:24:6b:59:6a:b9:82:f0:
90:0b:e8:d7:56:8d:79:cc:b5:ba:4c:a3:00:1c:07:
65:27:59:3a:2e:b3:56:f7:9e:e6:13:f8:fb:53:02:
3a:1d:19:71:a5:0c:a8:fa:94:56:15:6a:87:5f:9f:
66:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FC:F6:0B:8B:38:88:B9:C4:77:9A:52:98:ED:ED:62:EE:F6:62:F8
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W_z2C4s4iLnEd5pSmO3tYu72Yvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
62:37:f9:78:f5:53:02:f5:5f:75:bd:f4:66:e0:c5:70:f6:7a:
81:3b:f6:e9:de:08:10:f5:f7:65:3f:22:11:cd:53:ef:ab:46:
62:a9:81:03:46:62:4c:83:15:fc:40:e3:8f:2e:de:71:9e:cb:
7a:a1:cc:07:4e:c5:51:8d:0b:ed:f6:b0:de:ca:32:dd:1a:8f:
e5:7d:c6:4e:2e:4a:cb:74:fe:83:5f:51:d3:2f:45:4a:5d:db:
ac:ab:81:af:d4:25:f4:7f:4c:48:02:2d:49:4e:30:f8:af:d1:
86:e5:9e:b2:1a:ae:7d:49:b1:72:bd:28:a2:61:35:58:71:a6:
6f:97:30:a6:43:4f:ee:3d:bf:14:2b:40:d2:08:13:4a:05:b4:
2b:64:45:fa:bf:3a:a6:6f:b3:f3:9f:0b:6f:b0:05:cb:77:7a:
16:06:23:c5:53:6c:8c:ee:7b:14:ce:4e:29:e9:ff:50:8c:ff:
f3:ee:d4:f5:55:33:cc:15:a7:9d:ae:4b:a5:19:84:46:08:d7:
39:c7:73:f6:10:c8:52:ac:bb:f7:46:aa:ce:61:89:bd:c6:44:
e2:56:60:f7:8e:b3:0a:42:00:32:c0:c1:54:fa:aa:93:a6:be:
02:f3:89:3e:5c:94:9b:55:d3:6b:ac:f5:95:e2:55:a8:1b:82:
dd:f4:1c:5f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzYt7i8IDInpGs5mE9UXaDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTA1MDgyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmZjZjYwYjhiMzg4OGI5YzQ3NzlhNTI5OGVkZWQ2MmVlZjY2MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLp6vhgkIa1rYZ5zDjjT8ZRmfRH4
uWTXtptWKKiy8AK092vH6BtsNFFCtLLrRwDYVBycLsUP6dQmTxdoU9WS6TdesM49
aeh0k4CBd07kklts0GwtlMDuelcFPnZKSQu0ic9ZM41bs7u3kDwohJ7D1v3KueTX
rP6n4u07ZXf6DWcExwumJA7nO9riuVYeE/afPUphQHy9LIR8MAF9yYOSgttQFLp0
TNtduX4IM9k6zAi/ZXGnbZNpQi1ZAmqPG/SnpS2z2nLOfpKxIiRrWWq5gvCQC+jX
Vo15zLW6TKMAHAdlJ1k6LrNW957mE/j7UwI6HRlxpQyo+pRWFWqHX59mIQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFFv89guLOIi5xHeaUpjt7WLu9mL4MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvV196MkM0czRpTG5FZDVwU21PM3RZdTcyWXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQBiN/l49VMC9V91vfRm4MVw9nqBO/bp3ggQ9fdlPyIRzVPvq0ZiqYEDRmJMgxX8
QOOPLt5xnst6ocwHTsVRjQvt9rDeyjLdGo/lfcZOLkrLdP6DX1HTL0VKXdusq4Gv
1CX0f0xIAi1JTjD4r9GG5Z6yGq59SbFyvSiiYTVYcaZvlzCmQ0/uPb8UK0DSCBNK
BbQrZEX6vzqmb7PznwtvsAXLd3oWBiPFU2yM7nsUzk4p6f9QjP/z7tT1VTPMFaed
rkulGYRGCNc5x3P2EMhSrLv3RqrOYYm9xkTiVmD3jrMKQgAywMFU+qqTpr4C84k+
XJSbVdNrrPWV4lWoG4Ld9Bxf
-----END CERTIFICATE-----
Generated at Wed Jan 24 13:24:17 2024 by rpki-client on console-fra.rpki-client.org