Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/W9nOygJIuIq8kE5kJGzk3P0dzeo.roa
File: W9nOygJIuIq8kE5kJGzk3P0dzeo.roa (raw, json)
Hash identifier: nFwtWQ6pnxHt1kYb3oT1A/CX50WZRAsWqDbJsbHFm6g=
Subject key identifier: 5B:D9:CE:CA:02:48:B8:8A:BC:90:4E:64:24:6C:E4:DC:FD:1D:CD:EA
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01856F5DD4AED6F95CE3881E96D5F975E71E
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/W9nOygJIuIq8kE5kJGzk3P0dzeo.roa
Signing time: Sun 01 Jan 2023 22:04:58 +0000
ROA not before: Sun 01 Jan 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5578
IP address blocks: 84.245.64.0/18 maxlen: 18
84.245.97.0/24 maxlen: 24
84.245.94.0/24 maxlen: 24
185.130.220.0/22 maxlen: 22
193.110.186.0/23 maxlen: 23
62.168.64.0/18 maxlen: 18
94.124.144.0/21 maxlen: 21
84.245.126.0/24 maxlen: 24
195.168.0.0/16 maxlen: 16
85.248.234.0/24 maxlen: 24
85.248.235.0/24 maxlen: 24
217.67.16.0/20 maxlen: 20
212.26.160.0/19 maxlen: 19
213.215.64.0/18 maxlen: 18
213.215.72.0/22 maxlen: 22
212.26.176.0/20 maxlen: 20
194.1.230.0/24 maxlen: 24
194.1.231.0/24 maxlen: 24
194.1.228.0/24 maxlen: 24
194.1.229.0/24 maxlen: 24
194.1.227.0/24 maxlen: 24
82.119.224.0/20 maxlen: 20
80.250.240.0/20 maxlen: 20
194.1.224.0/24 maxlen: 24
194.1.225.0/24 maxlen: 24
194.1.226.0/24 maxlen: 24
62.197.192.0/18 maxlen: 18
195.12.128.0/19 maxlen: 19
195.46.64.0/19 maxlen: 19
62.197.222.0/24 maxlen: 24
85.248.0.0/16 maxlen: 16
217.75.64.0/19 maxlen: 19
217.75.82.0/23 maxlen: 23
81.88.128.0/20 maxlen: 20
193.58.192.0/22 maxlen: 22
193.58.196.0/23 maxlen: 23
185.220.120.0/22 maxlen: 22
62.65.160.0/19 maxlen: 19
194.1.172.0/22 maxlen: 22
195.72.0.0/19 maxlen: 19
62.152.224.0/19 maxlen: 19
195.98.0.0/19 maxlen: 19
83.168.128.0/18 maxlen: 18
212.81.0.0/19 maxlen: 19
217.172.144.0/20 maxlen: 20
217.118.96.0/20 maxlen: 20
2001:1ba0::/32 maxlen: 32
2a06:dbc0::/29 maxlen: 29
2a02:770::/32 maxlen: 32
2a00:1298::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d4:ae:d6:f9:5c:e3:88:1e:96:d5:f9:75:e7:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bd9ceca0248b88abc904e64246ce4dcfd1dcdea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:35:44:85:54:ec:c9:b7:52:df:a5:a1:8e:e3:
82:d1:d9:8f:c5:e8:46:87:73:63:9a:b2:94:13:8a:
40:04:82:d3:1c:88:b6:75:af:87:5e:18:14:f1:1a:
91:5e:5c:19:45:e7:f3:41:87:1e:8c:17:8f:b4:2d:
54:80:f0:f9:90:c9:24:36:79:50:ce:e3:03:64:91:
dd:34:91:93:3a:19:72:78:93:b3:26:e0:52:3d:50:
d8:f6:ec:b5:f6:00:f2:15:8d:ff:d3:05:d4:96:d0:
71:1c:e8:02:c9:4c:e4:45:ee:85:08:f4:3d:d3:4b:
2f:63:0a:21:25:2b:4a:2c:ab:42:f4:ae:89:1b:52:
e3:03:8c:48:24:4c:b4:66:6f:1c:7c:3d:d8:1a:c2:
7c:20:f1:40:ca:34:6d:59:10:c3:36:cf:d7:49:d9:
bc:fc:30:b3:c3:6f:d4:ab:65:4f:27:cc:94:05:d4:
b3:ac:c1:62:c8:08:bc:5a:e3:71:d5:fd:fc:3e:c8:
a9:15:ca:3b:79:b1:65:81:8a:00:4d:c4:bc:21:0b:
a1:af:c9:c8:1a:3d:27:99:dd:36:21:8c:fc:99:b4:
3f:c5:d7:28:6f:6c:e3:6d:ae:35:c7:85:32:1a:7d:
d3:88:ea:e7:d3:59:f9:f9:53:e9:82:9d:c2:9e:8d:
f1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D9:CE:CA:02:48:B8:8A:BC:90:4E:64:24:6C:E4:DC:FD:1D:CD:EA
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/W9nOygJIuIq8kE5kJGzk3P0dzeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.160.0/19
62.152.224.0/19
62.168.64.0/18
62.197.192.0/18
80.250.240.0/20
81.88.128.0/20
82.119.224.0/20
83.168.128.0/18
84.245.64.0/18
85.248.0.0/16
94.124.144.0/21
185.130.220.0/22
185.220.120.0/22
193.58.192.0-193.58.197.255
193.110.186.0/23
194.1.172.0/22
194.1.224.0/21
195.12.128.0/19
195.46.64.0/19
195.72.0.0/19
195.98.0.0/19
195.168.0.0/16
212.26.160.0/19
212.81.0.0/19
213.215.64.0/18
217.67.16.0/20
217.75.64.0/19
217.118.96.0/20
217.172.144.0/20
IPv6:
2001:1ba0::/32
2a00:1298::/32
2a02:770::/32
2a06:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:db:01:1f:ec:d0:ef:db:2b:81:52:30:05:1e:f1:52:29:87:
b5:74:bd:5d:f4:e7:88:14:3e:22:fc:c2:13:f0:c2:e8:c5:6d:
f6:22:dd:9c:c7:8d:19:7c:80:8e:51:ab:9d:21:6b:b0:e5:05:
4a:c7:8b:b3:68:9d:be:49:8d:1b:3e:30:b0:94:51:6c:8f:ee:
ad:00:62:26:a5:65:6e:60:a0:dc:65:94:e8:89:8f:eb:74:67:
58:3e:6b:91:82:65:53:e7:09:90:95:50:0f:13:1b:f9:6d:fe:
e0:d0:67:a6:3c:dc:71:77:c9:bb:ac:1c:2c:60:c2:ec:47:5a:
e6:ff:6d:2a:f3:8f:85:13:8d:31:17:21:b9:d3:73:f7:9c:99:
16:b1:00:7f:00:1a:27:7e:c7:50:8b:67:66:54:6b:86:7c:3c:
57:6c:69:f7:a4:0f:1d:84:1b:af:66:de:2c:ce:7d:ca:d2:d2:
7e:35:6c:02:7d:a7:40:57:d5:0d:f1:45:dc:1f:ff:e6:2f:f8:
ec:35:4f:fd:9a:7a:e0:dd:4c:e1:aa:fc:56:bd:a8:1c:80:b3:
36:7f:2e:84:61:a6:8b:22:9e:6d:a8:f6:19:4c:e4:1d:e5:98:
49:9f:75:41:6a:14:78:e3:32:1f:99:39:8d:a9:3a:df:7a:84:
bb:55:26:90
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYVvXdSu1vlc44geltX5deceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMTAxMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQ5Y2VjYTAyNDhiODhhYmM5MDRlNjQyNDZjZTRkY2ZkMWRjZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTVEhVTsybdS36WhjuOC0dmPxehG
h3NjmrKUE4pABILTHIi2da+HXhgU8RqRXlwZRefzQYcejBePtC1UgPD5kMkkNnlQ
zuMDZJHdNJGTOhlyeJOzJuBSPVDY9uy19gDyFY3/0wXUltBxHOgCyUzkRe6FCPQ9
00svYwohJStKLKtC9K6JG1LjA4xIJEy0Zm8cfD3YGsJ8IPFAyjRtWRDDNs/XSdm8
/DCzw2/Uq2VPJ8yUBdSzrMFiyAi8WuNx1f38PsipFco7ebFlgYoATcS8IQuhr8nI
Gj0nmd02IYz8mbQ/xdcob2zjba41x4UyGn3TiOrn01n5+VPpgp3Cno3x1QIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFFvZzsoCSLiKvJBOZCRs5Nz9Hc3qMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvVzluT3lnSkl1SXE4a0U1a0pHemszUDBkemVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBAU+
QaADBAU+mOADBAY+qEADBAY+xcADBARQ+vADBARRWIADBARSd+ADBAZTqIADBAZU
9UADAwBV+AMEA158kAMEArmC3AMEArnceDAMAwQGwTrAAwQBwTrEAwQBwW66AwQC
wgGsAwQDwgHgAwQFwwyAAwQFwy5AAwQFw0gAAwQFw2IAAwMAw6gDBAXUGqADBAXU
UQADBAbV10ADBATZQxADBAXZS0ADBATZdmADBATZrJAwIgQCAAIwHAMFACABG6AD
BQAqABKYAwUAKgIHcAMFAyoG28AwDQYJKoZIhvcNAQELBQADggEBADrbAR/s0O/b
K4FSMAUe8VIph7V0vV3054gUPiL8whPwwujFbfYi3ZzHjRl8gI5Rq50ha7DlBUrH
i7Nonb5JjRs+MLCUUWyP7q0AYialZW5goNxllOiJj+t0Z1g+a5GCZVPnCZCVUA8T
G/lt/uDQZ6Y83HF3ybusHCxgwuxHWub/bSrzj4UTjTEXIbnTc/ecmRaxAH8AGid+
x1CLZ2ZUa4Z8PFdsafekDx2EG69m3izOfcrS0n41bAJ9p0BX1Q3xRdwf/+Yv+Ow1
T/2aeuDdTOGq/Fa9qByAszZ/LoRhposinm2o9hlM5B3lmEmfdUFqFHjjMh+ZOY2p
Ot96hLtVJpA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:04 2023 by rpki-client on console-ams.rpki-client.org