Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/wZbsKKKsiHdAHiHcCILAaegTNGw.roa
File: wZbsKKKsiHdAHiHcCILAaegTNGw.roa (raw, json)
Hash identifier: NJJdd/UaBheO8685ZK5ZrUWz1Scf4bIeblsU/Qg8Q9U=
Subject key identifier: C1:96:EC:28:A2:AC:88:77:40:1E:21:DC:08:82:C0:69:E8:13:34:6C
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 0189406273672DA68D2839ABBBEEBE9D74E4
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/wZbsKKKsiHdAHiHcCILAaegTNGw.roa
Signing time: Mon 10 Jul 2023 15:19:01 +0000
ROA not before: Mon 10 Jul 2023 15:19:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57809
IP address blocks: 192.214.192.0/19 maxlen: 19
185.87.100.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
185.20.16.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
45.133.68.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
92.119.232.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
5.183.248.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
45.129.218.0/24 maxlen: 24
185.163.136.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
94.187.150.0/24 maxlen: 24
185.241.140.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
31.204.80.0/21 maxlen: 21
185.163.228.0/22 maxlen: 22
94.187.128.0/19 maxlen: 19
2.59.144.0/22 maxlen: 22
94.187.144.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
195.216.140.0/22 maxlen: 22
168.220.128.0/19 maxlen: 19
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
185.254.8.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
62.192.156.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 32
2a05:b780::/29 maxlen: 29
2a01:648::/29 maxlen: 32
2a00:6780::/29 maxlen: 32
2a05:c100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:62:73:67:2d:a6:8d:28:39:ab:bb:ee:be:9d:74:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jul 10 15:19:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c196ec28a2ac8877401e21dc0882c069e813346c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c4:a6:a9:00:c2:ae:6a:45:6c:5d:d7:d9:5e:
b4:96:81:42:a9:58:34:88:15:24:6d:18:94:1c:03:
af:fa:81:dd:f3:ad:b6:14:a0:ed:71:92:e5:25:6c:
8d:5a:03:9f:9c:78:b7:e9:84:0c:8a:89:38:b5:d9:
23:3c:3c:34:47:f3:21:7c:c5:fe:f4:09:34:c4:e0:
ba:84:37:b5:88:c5:4f:8d:c3:b8:dc:86:6c:fe:f3:
23:07:f8:9d:37:af:7d:32:f3:af:f1:c9:3b:1c:a4:
43:2d:23:8c:08:20:30:b8:b1:fe:99:a4:ed:d1:5c:
41:55:e8:7a:be:cf:7b:63:2f:78:8b:55:75:d8:f5:
59:3d:1e:17:99:6a:3f:d0:38:f4:57:04:48:08:98:
b6:60:43:bd:6f:47:95:18:dc:0d:9f:93:14:bb:a0:
de:7f:b9:29:76:fb:45:9a:6b:36:d9:fb:e4:4b:77:
b8:67:0a:2b:72:38:7e:7e:82:ef:bf:f6:15:1f:28:
2b:2b:64:e1:b2:1f:6d:8d:2a:3c:03:d6:48:ac:cc:
40:71:30:e5:b6:a3:75:30:a6:e5:12:e3:05:9e:8e:
c3:69:80:dc:d2:05:81:6d:d4:c3:3f:8e:7e:06:ff:
38:28:5c:9f:e0:ff:62:16:30:58:04:27:71:32:cc:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:96:EC:28:A2:AC:88:77:40:1E:21:DC:08:82:C0:69:E8:13:34:6C
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/wZbsKKKsiHdAHiHcCILAaegTNGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
17:44:bc:3e:52:b9:e2:10:2e:6c:d3:c7:9b:0b:94:b0:ec:d0:
f8:be:6c:b6:21:a6:67:ab:b4:2a:79:e8:57:4f:47:6f:45:84:
2d:54:ec:bb:e4:a2:90:a9:ca:77:71:e1:0e:1b:74:b6:e5:88:
c6:c1:73:66:4a:07:25:5f:bf:4c:e4:9b:fd:4a:79:8a:bc:ab:
47:2b:71:27:41:e6:cf:0c:ee:42:f0:ab:ba:85:42:d7:8c:d0:
dc:23:22:f8:9d:5f:1e:48:a4:b4:9e:2f:77:80:4b:32:d2:c2:
0b:85:c8:7e:b3:6f:16:fc:04:3c:05:50:68:2b:4d:25:31:20:
67:df:ad:0a:e5:3b:05:7b:aa:7c:c5:17:71:a3:6f:fb:6a:bf:
d2:71:ae:5a:8a:ac:fc:c0:84:27:85:26:e3:87:df:4b:fd:fa:
2a:07:28:04:7b:87:e3:78:e8:ab:4a:1d:47:2c:5a:2b:df:7d:
31:79:e5:df:0a:4a:03:2f:c3:29:50:d0:1c:19:df:07:4c:5a:
49:ab:f4:88:f3:21:cd:23:c4:c0:32:7a:a4:b0:50:8d:e5:81:
83:19:10:6c:0b:c5:13:4d:d7:f6:fb:63:2e:a2:9f:04:22:4c:
c4:d3:01:2d:99:54:d7:9c:80:b8:28:c1:e6:b0:25:cd:71:6b:
1c:2d:02:c4
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYlAYnNnLaaNKDmru+6+nXTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjMwNzEwMTUxOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTk2ZWMyOGEyYWM4ODc3NDAxZTIxZGMwODgyYzA2OWU4MTMzNDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMSmqQDCrmpFbF3X2V60loFCqVg0
iBUkbRiUHAOv+oHd8622FKDtcZLlJWyNWgOfnHi36YQMiok4tdkjPDw0R/MhfMX+
9Ak0xOC6hDe1iMVPjcO43IZs/vMjB/idN699MvOv8ck7HKRDLSOMCCAwuLH+maTt
0VxBVeh6vs97Yy94i1V12PVZPR4XmWo/0Dj0VwRICJi2YEO9b0eVGNwNn5MUu6De
f7kpdvtFmms22fvkS3e4Zworcjh+foLvv/YVHygrK2Thsh9tjSo8A9ZIrMxAcTDl
tqN1MKblEuMFno7DaYDc0gWBbdTDP45+Bv84KFyf4P9iFjBYBCdxMsz7ywIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFMGW7CiirIh3QB4h3AiCwGnoEzRsMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvd1pic0tLS3NpSGRBSGlIY0NJTEFhZWdUTkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEAF0S8PlK5
4hAubNPHmwuUsOzQ+L5stiGmZ6u0KnnoV09Hb0WELVTsu+SikKnKd3HhDht0tuWI
xsFzZkoHJV+/TOSb/Up5iryrRytxJ0HmzwzuQvCruoVC14zQ3CMi+J1fHkiktJ4v
d4BLMtLCC4XIfrNvFvwEPAVQaCtNJTEgZ9+tCuU7BXuqfMUXcaNv+2q/0nGuWoqs
/MCEJ4Um44ffS/36KgcoBHuH43joq0odRyxaK999MXnl3wpKAy/DKVDQHBnfB0xa
Sav0iPMhzSPEwDJ6pLBQjeWBgxkQbAvFE03X9vtjLqKfBCJMxNMBLZlU15yAuCjB
5rAlzXFrHC0CxA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:58 2024 by rpki-client on console-ams.rpki-client.org