Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/UwDIjkOJHqWQ3yKI2xrTgnJ3zUc.roa
File: UwDIjkOJHqWQ3yKI2xrTgnJ3zUc.roa (raw, json)
Hash identifier: Fo4NC9/C32aVslXGGlIF/4/OskD5vL7IzE3j1Z5Lt4A=
Subject key identifier: 53:00:C8:8E:43:89:1E:A5:90:DF:22:88:DB:1A:D3:82:72:77:CD:47
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 01891C19A6CF8C9526303CE541CBB2AAFC12
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/UwDIjkOJHqWQ3yKI2xrTgnJ3zUc.roa
Signing time: Mon 03 Jul 2023 14:13:10 +0000
ROA not before: Mon 03 Jul 2023 14:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16347
IP address blocks: 192.214.192.0/19 maxlen: 19
23.90.192.0/18 maxlen: 18
185.87.100.0/22 maxlen: 22
185.20.16.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
45.133.68.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
92.119.232.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
5.183.248.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
45.129.218.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
185.163.136.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
185.241.140.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
31.204.80.0/21 maxlen: 21
185.163.228.0/22 maxlen: 22
94.187.128.0/19 maxlen: 19
2.59.144.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
195.216.140.0/22 maxlen: 22
168.220.128.0/19 maxlen: 19
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
185.254.8.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
62.192.156.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 29
2a05:b780::/29 maxlen: 29
2a01:648::/29 maxlen: 29
2a00:6780::/29 maxlen: 29
2a05:c100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:19:a6:cf:8c:95:26:30:3c:e5:41:cb:b2:aa:fc:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jul 3 14:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5300c88e43891ea590df2288db1ad3827277cd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:49:d2:0a:4e:92:1c:97:21:a5:21:69:94:6e:
8d:dd:33:6e:8e:00:1e:49:5d:99:0e:e6:c6:ee:bd:
4d:2c:f7:11:d2:20:5e:66:36:fe:58:20:b7:a7:f9:
5a:da:07:18:71:1a:36:97:f9:4e:9e:c7:6c:a3:57:
bd:63:c2:78:42:c5:c3:89:6b:c8:fa:fb:ee:46:24:
75:43:10:aa:53:a1:64:92:7b:95:92:70:d9:ae:ed:
ac:e6:42:dd:b5:ef:36:cf:db:d9:9d:85:b0:ee:d9:
93:82:4a:b2:18:e7:78:61:34:57:b9:3a:c8:3f:11:
5c:16:67:3f:b0:e3:07:6c:5d:f1:94:f0:8b:fa:db:
76:a7:28:51:5f:e9:f1:d0:20:20:28:6d:5a:c9:33:
50:f2:d3:e3:9c:d4:24:ab:ed:78:2b:48:40:81:c1:
68:c0:41:4e:0d:c9:90:42:2d:da:54:c4:30:4e:8f:
d6:2d:43:ae:6d:a1:55:6f:6a:8e:01:55:d4:ee:58:
76:47:38:4b:f0:bf:f8:49:e3:c6:f0:81:fd:33:b9:
61:c4:9a:5b:ab:dc:30:a8:38:b2:59:20:32:e7:02:
d4:54:f7:78:84:68:a4:df:e0:64:7e:cb:11:25:cf:
d8:a5:cd:11:5e:53:80:df:f9:be:72:e2:71:b8:7e:
2d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:00:C8:8E:43:89:1E:A5:90:DF:22:88:DB:1A:D3:82:72:77:CD:47
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/UwDIjkOJHqWQ3yKI2xrTgnJ3zUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
69:b3:c7:14:0c:f3:d6:4a:16:a6:0f:60:d2:28:5a:a1:29:bc:
e9:97:6a:61:9f:96:e5:6e:c5:74:c0:57:fc:8c:f9:1a:f8:3d:
5b:67:3d:ff:8f:38:fc:61:c0:bd:8e:d2:41:70:95:cd:df:23:
0a:7c:66:a6:3d:28:f8:2c:c6:af:ab:c1:53:0e:16:93:bb:ff:
df:9e:47:bd:a7:e0:b3:9c:df:77:9c:4b:38:9d:b9:4d:2e:29:
70:4e:10:9e:3e:26:45:a6:8e:75:b7:ae:0a:1d:e1:5a:52:3d:
ae:7f:69:68:14:cd:5f:a6:41:8d:4e:f4:77:5d:fb:6b:71:07:
82:60:f6:c9:10:7b:99:45:ec:bb:a6:76:2e:9c:a6:e5:6e:9a:
b9:2b:03:8b:51:e1:5d:34:1b:5d:e7:b6:c9:98:ff:c6:bc:f3:
55:1c:17:73:ba:c3:50:dc:6e:0b:ee:5e:92:6e:f1:e9:be:2c:
79:31:99:31:0d:74:2a:1c:45:0b:36:99:cc:76:ce:51:13:c7:
8a:af:90:f4:e5:73:64:19:d4:c3:e5:58:39:cb:f5:1e:63:1e:
8e:af:62:a0:76:bb:9e:6d:c5:de:6f:ed:96:1f:87:be:fe:be:
f4:50:a2:a4:2e:c2:51:7e:27:67:ef:b9:b9:34:5d:3b:16:c8:
98:dc:9d:a1
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYkcGabPjJUmMDzlQcuyqvwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjMwNzAzMTQxMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzAwYzg4ZTQzODkxZWE1OTBkZjIyODhkYjFhZDM4MjcyNzdjZDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtknSCk6SHJchpSFplG6N3TNujgAe
SV2ZDubG7r1NLPcR0iBeZjb+WCC3p/la2gcYcRo2l/lOnsdso1e9Y8J4QsXDiWvI
+vvuRiR1QxCqU6FkknuVknDZru2s5kLdte82z9vZnYWw7tmTgkqyGOd4YTRXuTrI
PxFcFmc/sOMHbF3xlPCL+tt2pyhRX+nx0CAgKG1ayTNQ8tPjnNQkq+14K0hAgcFo
wEFODcmQQi3aVMQwTo/WLUOubaFVb2qOAVXU7lh2RzhL8L/4SePG8IH9M7lhxJpb
q9wwqDiyWSAy5wLUVPd4hGik3+BkfssRJc/Ypc0RXlOA3/m+cuJxuH4tMQIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFFMAyI5DiR6lkN8iiNsa04Jyd81HMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvVXdESWprT0pIcVdRM3lLSTJ4clRnbkozelVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEAabPHFAzz
1koWpg9g0ihaoSm86ZdqYZ+W5W7FdMBX/Iz5Gvg9W2c9/484/GHAvY7SQXCVzd8j
Cnxmpj0o+CzGr6vBUw4Wk7v/355Hvafgs5zfd5xLOJ25TS4pcE4Qnj4mRaaOdbeu
Ch3hWlI9rn9paBTNX6ZBjU70d137a3EHgmD2yRB7mUXsu6Z2Lpym5W6auSsDi1Hh
XTQbXee2yZj/xrzzVRwXc7rDUNxuC+5ekm7x6b4seTGZMQ10KhxFCzaZzHbOURPH
iq+Q9OVzZBnUw+VYOcv1HmMejq9ioHa7nm3F3m/tlh+Hvv6+9FCipC7CUX4nZ++5
uTRdOxbImNydoQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:57 2024 by rpki-client on console-ams.rpki-client.org