Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/WtRfftuB7aI03TS--tEn5PSmZ40.roa
File: WtRfftuB7aI03TS--tEn5PSmZ40.roa (raw, json)
Hash identifier: skT6RD5V5hdsCsxeFwNYaSe56g6O33yVvbzDifLl5wQ=
Subject key identifier: 5A:D4:5F:7E:DB:81:ED:A2:34:DD:34:BE:FA:D1:27:E4:F4:A6:67:8D
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 01889AE929E5B039C71DD14494E21BC25EBC
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/WtRfftuB7aI03TS--tEn5PSmZ40.roa
Signing time: Thu 08 Jun 2023 12:09:11 +0000
ROA not before: Thu 08 Jun 2023 12:09:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 375
IP address blocks: 192.49.173.0/24 maxlen: 24
192.49.174.0/23 maxlen: 23
192.49.176.0/20 maxlen: 20
131.207.0.0/17 maxlen: 17
192.49.20.0/24 maxlen: 24
192.49.19.0/24 maxlen: 24
192.49.22.0/24 maxlen: 24
192.49.36.0/22 maxlen: 22
192.49.40.0/23 maxlen: 23
192.49.52.0/23 maxlen: 23
192.49.56.0/21 maxlen: 21
192.49.55.0/24 maxlen: 24
192.49.64.0/22 maxlen: 22
192.49.0.0/21 maxlen: 21
192.49.9.0/24 maxlen: 24
192.49.10.0/24 maxlen: 24
192.49.124.0/23 maxlen: 23
192.49.119.0/24 maxlen: 24
192.49.120.0/22 maxlen: 22
192.49.126.0/24 maxlen: 24
192.49.131.0/24 maxlen: 24
192.49.134.0/24 maxlen: 24
192.49.136.0/23 maxlen: 23
192.49.139.0/24 maxlen: 24
192.49.140.0/23 maxlen: 23
192.49.144.0/24 maxlen: 24
192.49.152.0/21 maxlen: 21
192.49.146.0/24 maxlen: 24
192.49.148.0/22 maxlen: 22
192.49.160.0/23 maxlen: 23
192.49.164.0/22 maxlen: 22
192.49.163.0/24 maxlen: 24
192.49.168.0/23 maxlen: 23
192.49.170.0/24 maxlen: 24
192.49.68.0/24 maxlen: 24
192.49.70.0/23 maxlen: 23
192.49.86.0/23 maxlen: 23
192.49.91.0/24 maxlen: 24
192.49.96.0/24 maxlen: 24
192.49.98.0/23 maxlen: 23
192.49.92.0/22 maxlen: 22
192.49.100.0/23 maxlen: 23
192.49.103.0/24 maxlen: 24
192.49.104.0/24 maxlen: 24
192.49.106.0/23 maxlen: 23
192.49.108.0/22 maxlen: 22
192.49.114.0/23 maxlen: 23
2a03:9b80::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 15 Aug 2023 09:24:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:e9:29:e5:b0:39:c7:1d:d1:44:94:e2:1b:c2:5e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Jun 8 12:09:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ad45f7edb81eda234dd34befad127e4f4a6678d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:97:57:aa:3a:1c:67:b4:b3:11:8e:b6:a9:05:
cc:ae:ef:f0:b3:ff:da:92:1f:a0:c8:08:fe:14:9f:
65:ce:c0:6a:ff:cf:f9:1d:50:1c:4f:0e:5f:a7:6a:
e6:73:e7:46:a6:86:23:1c:49:45:e0:5d:88:e7:7e:
8b:16:d4:c2:21:eb:4c:7d:cd:a4:ea:1d:35:1d:7f:
19:83:c9:06:30:ed:fe:e8:ed:71:1d:9c:77:06:0f:
84:38:dd:3c:71:c6:bb:61:be:5a:af:7d:27:0f:73:
4e:19:48:00:0f:d2:d1:1a:98:9b:a8:1a:77:c5:3d:
a2:7e:48:8a:7d:1a:02:17:5a:88:7b:06:9e:2a:ab:
45:aa:73:04:49:a4:c5:c5:b0:fe:3a:68:fc:62:48:
77:3b:52:70:1d:64:c8:0a:36:51:a9:71:3f:ed:50:
45:b0:f1:fb:54:03:85:dd:aa:72:b8:20:52:d1:0b:
a3:ee:d4:f4:d8:9d:68:cf:3f:2d:fc:ca:0d:05:e4:
f9:9b:93:d3:fe:86:10:52:44:76:68:06:fe:23:dd:
91:94:ab:e6:54:65:21:91:23:cc:99:77:d4:00:bd:
52:c6:11:16:6c:26:ea:c4:ab:84:29:7c:94:dc:b5:
f3:70:6c:0e:45:e3:21:cb:ee:be:45:ce:4c:40:a2:
07:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D4:5F:7E:DB:81:ED:A2:34:DD:34:BE:FA:D1:27:E4:F4:A6:67:8D
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/WtRfftuB7aI03TS--tEn5PSmZ40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.0.0/17
192.49.0.0/21
192.49.9.0-192.49.10.255
192.49.19.0-192.49.20.255
192.49.22.0/24
192.49.36.0-192.49.41.255
192.49.52.0/23
192.49.55.0-192.49.68.255
192.49.70.0/23
192.49.86.0/23
192.49.91.0-192.49.96.255
192.49.98.0-192.49.101.255
192.49.103.0-192.49.104.255
192.49.106.0-192.49.111.255
192.49.114.0/23
192.49.119.0-192.49.126.255
192.49.131.0/24
192.49.134.0/24
192.49.136.0/23
192.49.139.0-192.49.141.255
192.49.144.0/24
192.49.146.0/24
192.49.148.0-192.49.161.255
192.49.163.0-192.49.170.255
192.49.173.0-192.49.191.255
IPv6:
2a03:9b80::/34
Signature Algorithm: sha256WithRSAEncryption
4e:66:61:d6:03:6c:df:66:32:1e:e3:d7:60:75:8f:00:34:a8:
98:44:2f:78:ba:00:12:3a:c7:2c:2e:69:04:52:29:d5:4d:da:
ba:01:f6:85:30:92:4a:d5:82:de:ab:79:11:76:da:3f:41:45:
4a:52:a5:4b:1d:01:a1:ab:e5:03:76:e2:eb:c0:84:67:97:b3:
a5:e8:3a:8f:f5:1c:d6:9a:12:42:96:5d:49:1f:02:93:39:b2:
28:d5:34:38:a1:f4:c2:b9:f4:60:7f:d2:8e:d7:da:08:4e:6e:
e2:3d:a0:b8:c5:ca:af:cc:61:aa:86:55:8a:4e:4e:43:33:c0:
68:20:63:ad:3d:be:48:1d:38:a0:fd:0e:60:e2:34:69:4c:b7:
4b:e2:07:d2:f4:17:e0:7f:ad:f0:a2:23:26:49:80:76:d8:c3:
0d:54:21:95:60:f9:b8:1e:87:5e:51:c9:2e:2a:b2:ee:be:aa:
a6:27:c1:e4:09:ec:07:2d:a5:97:27:3b:ba:1a:9b:d1:86:d9:
b8:32:f8:b9:6f:fd:5f:e2:6b:86:fd:03:d2:56:45:2a:e9:dd:
1a:c6:92:71:6c:e6:d2:12:81:ea:e3:6a:c0:a3:af:35:34:05:
ff:3f:1f:b2:99:1e:37:4e:45:95:a2:1a:77:7a:68:0f:5f:24:
a1:50:d4:2b
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAYia6SnlsDnHHdFElOIbwl68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjMwNjA4MTIwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ0NWY3ZWRiODFlZGEyMzRkZDM0YmVmYWQxMjdlNGY0YTY2NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpdXqjocZ7SzEY62qQXMru/ws//a
kh+gyAj+FJ9lzsBq/8/5HVAcTw5fp2rmc+dGpoYjHElF4F2I536LFtTCIetMfc2k
6h01HX8Zg8kGMO3+6O1xHZx3Bg+EON08cca7Yb5ar30nD3NOGUgAD9LRGpibqBp3
xT2ifkiKfRoCF1qIewaeKqtFqnMESaTFxbD+Omj8Ykh3O1JwHWTICjZRqXE/7VBF
sPH7VAOF3apyuCBS0Quj7tT02J1ozz8t/MoNBeT5m5PT/oYQUkR2aAb+I92RlKvm
VGUhkSPMmXfUAL1SxhEWbCbqxKuEKXyU3LXzcGwOReMhy+6+Rc5MQKIHZQIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFFrUX37bge2iNN00vvrRJ+T0pmeNMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvV3RSZmZ0dUI3YUkwM1RTLS10RW41UFNtWjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCCAQUEAgABMIH+
AwQHg88AAwQDwDEAMAwDBADAMQkDBADAMQowDAMEAMAxEwMEAMAxFAMEAMAxFjAM
AwQCwDEkAwQBwDEoAwQBwDE0MAwDBADAMTcDBADAMUQDBAHAMUYDBAHAMVYwDAME
AMAxWwMEAMAxYDAMAwQBwDFiAwQBwDFkMAwDBADAMWcDBADAMWgwDAMEAcAxagME
BMAxYAMEAcAxcjAMAwQAwDF3AwQAwDF+AwQAwDGDAwQAwDGGAwQBwDGIMAwDBADA
MYsDBAHAMYwDBADAMZADBADAMZIwDAMEAsAxlAMEAcAxoDAMAwQAwDGjAwQAwDGq
MAwDBADAMa0DBAbAMYAwDgQCAAIwCAMGBioDm4AAMA0GCSqGSIb3DQEBCwUAA4IB
AQBOZmHWA2zfZjIe49dgdY8ANKiYRC94ugASOscsLmkEUinVTdq6AfaFMJJK1YLe
q3kRdto/QUVKUqVLHQGhq+UDduLrwIRnl7Ol6DqP9RzWmhJCll1JHwKTObIo1TQ4
ofTCufRgf9KO19oITm7iPaC4xcqvzGGqhlWKTk5DM8BoIGOtPb5IHTig/Q5g4jRp
TLdL4gfS9Bfgf63woiMmSYB22MMNVCGVYPm4HodeUckuKrLuvqqmJ8HkCewHLaWX
Jzu6GpvRhtm4Mvi5b/1f4muG/QPSVkUq6d0axpJxbObSEoHq42rAo681NAX/Px+y
mR43TkWVohp3emgPXyShUNQr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:01 2024 by rpki-client on console-fra.rpki-client.org