Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/W8gd-NkQqNmUBScVuXY3lwYzKqY.roa
File: W8gd-NkQqNmUBScVuXY3lwYzKqY.roa (raw, json)
Hash identifier: rXfOMGUahgKr16LhqvocZP7dBPIlmPjRT7+R+vNDVQQ=
Subject key identifier: 5B:C8:1D:F8:D9:10:A8:D9:94:05:27:15:B9:76:37:97:06:33:2A:A6
Certificate issuer: /CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Certificate serial: 018805E4EE1D3C9066F4FEAFFE8C69C13FCB
Authority key identifier: C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/W8gd-NkQqNmUBScVuXY3lwYzKqY.roa
Signing time: Wed 10 May 2023 13:41:09 +0000
ROA not before: Wed 10 May 2023 13:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50926
IP address blocks: 188.95.112.0/21 maxlen: 24
185.101.227.0/24 maxlen: 24
185.176.9.0/24 maxlen: 24
185.176.8.0/24 maxlen: 24
185.176.11.0/24 maxlen: 24
185.176.10.0/24 maxlen: 24
84.246.208.0/21 maxlen: 24
109.68.80.0/21 maxlen: 24
91.213.46.0/24 maxlen: 24
31.24.152.0/21 maxlen: 24
185.70.92.0/22 maxlen: 24
91.142.208.0/20 maxlen: 24
188.164.192.0/21 maxlen: 24
185.23.68.0/22 maxlen: 24
94.127.186.0/24 maxlen: 24
94.127.185.0/24 maxlen: 24
94.127.184.0/24 maxlen: 24
94.127.188.0/24 maxlen: 24
94.127.187.0/24 maxlen: 24
94.127.191.0/24 maxlen: 24
94.127.190.0/24 maxlen: 24
185.222.156.0/22 maxlen: 24
185.129.248.0/22 maxlen: 24
149.62.168.0/21 maxlen: 24
195.5.116.0/23 maxlen: 24
5.175.40.0/21 maxlen: 24
91.200.140.0/22 maxlen: 24
185.101.226.0/24 maxlen: 24
185.101.225.0/24 maxlen: 24
31.24.40.0/21 maxlen: 24
2a01:4b80::/32 maxlen: 32
2a00:5ac0::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 29 May 2023 14:24:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:05:e4:ee:1d:3c:90:66:f4:fe:af:fe:8c:69:c1:3f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2a234e224bf87996f2f0df559ead882f9e651
Validity
Not Before: May 10 13:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bc81df8d910a8d994052715b976379706332aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ea:fa:c6:10:fc:09:0a:6a:92:4e:22:d0:7f:
54:b8:a9:f1:11:3c:57:7c:5f:c1:24:63:b5:38:a9:
d2:7e:fd:5e:75:da:db:1a:58:3a:48:57:6d:65:5e:
42:7e:ba:3f:bc:b0:0a:f5:87:c8:17:54:b5:f2:2f:
59:5e:8e:c7:96:c4:33:4d:ec:32:25:4a:30:ee:d9:
ba:73:ba:07:9e:52:5b:90:89:33:38:01:99:7e:f0:
73:41:d6:ff:b6:be:89:32:db:85:3a:e6:ae:00:cc:
16:b9:98:79:69:b7:bd:eb:c3:29:fe:34:ab:0f:8c:
28:a3:23:67:b8:9c:49:8e:61:39:03:8c:1f:fb:d7:
32:66:65:c5:df:0a:b6:88:87:b8:ff:18:62:79:67:
f6:5a:01:ec:55:ec:1a:ae:99:2f:ad:49:18:35:fe:
d9:d2:f2:24:20:46:34:fc:2a:61:09:20:80:27:dc:
39:7c:62:af:e0:91:73:34:13:0a:62:6f:63:6b:03:
cf:6d:34:5f:26:80:c4:f6:56:57:17:71:b2:0f:39:
d5:e8:c9:32:76:61:a3:69:c9:2b:9f:b2:80:bf:26:
ab:2f:60:aa:4e:71:f5:3d:9b:30:4a:59:0d:72:32:
7f:0f:09:79:5b:fb:3a:9e:8a:8c:2a:a3:3e:9a:b4:
dc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C8:1D:F8:D9:10:A8:D9:94:05:27:15:B9:76:37:97:06:33:2A:A6
X509v3 Authority Key Identifier:
keyid:C2:D2:A2:34:E2:24:BF:87:99:6F:2F:0D:F5:59:EA:D8:82:F9:E6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKiNOIkv4eZby8N9Vnq2IL55lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/W8gd-NkQqNmUBScVuXY3lwYzKqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/d1ee4b-e88a-4e41-a616-4b248da6c96c/1/wtKiNOIkv4eZby8N9Vnq2IL55lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.40.0/21
31.24.40.0/21
31.24.152.0/21
84.246.208.0/21
91.142.208.0/20
91.200.140.0/22
91.213.46.0/24
94.127.184.0-94.127.188.255
94.127.190.0/23
109.68.80.0/21
149.62.168.0/21
185.23.68.0/22
185.70.92.0/22
185.101.225.0-185.101.227.255
185.129.248.0/22
185.176.8.0/22
185.222.156.0/22
188.95.112.0/21
188.164.192.0/21
195.5.116.0/23
IPv6:
2a00:5ac0::/44
2a01:4b80::/32
Signature Algorithm: sha256WithRSAEncryption
42:5b:48:f9:e3:ad:7f:46:ae:01:d6:6a:20:76:a6:47:4c:0c:
b4:33:e1:f8:21:6f:42:12:33:d8:2b:15:cf:4d:7f:86:c9:90:
73:f2:40:ec:a0:cc:ee:04:cb:a5:42:fc:59:50:18:c6:5e:09:
c1:1f:e6:d8:5f:64:dd:2f:05:1d:c6:35:17:6c:9b:52:fa:22:
c8:73:1a:1b:c1:af:99:21:da:7f:f0:9d:96:6d:82:b1:42:3e:
5a:5c:56:46:1d:25:20:34:db:44:e3:1e:e9:43:c0:54:0d:14:
52:a9:8d:84:9d:9c:b7:31:b3:90:ca:e2:dd:58:20:67:51:27:
6f:e1:e7:34:7f:65:91:2e:ae:56:84:6c:85:9a:5a:99:f6:0a:
0e:d3:64:85:7f:6f:ac:f9:2b:02:29:52:96:99:89:88:a9:7d:
50:26:b9:c2:d6:64:0d:1d:b4:6a:89:b2:cb:83:f5:e3:25:12:
02:29:22:6f:99:d8:33:31:1f:f9:b6:1c:d1:22:df:16:78:b5:
1d:b3:4a:f1:00:17:26:6b:84:b7:d5:e7:78:dd:f6:f9:a3:ee:
ec:c7:46:2b:e3:bf:e3:7e:b5:cd:d9:6b:49:e0:cf:75:b0:96:
81:a0:9f:2c:ff:9d:e5:41:f2:dc:45:28:31:6f:e3:2d:dd:cd:
1e:a4:f9:37
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYgF5O4dPJBm9P6v/oxpwT/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhMjM0ZTIyNGJmODc5OTZmMmYwZGY1NTllYWQ4ODJm
OWU2NTEwHhcNMjMwNTEwMTM0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM4MWRmOGQ5MTBhOGQ5OTQwNTI3MTViOTc2Mzc5NzA2MzMyYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAker6xhD8CQpqkk4i0H9UuKnxETxX
fF/BJGO1OKnSfv1eddrbGlg6SFdtZV5Cfro/vLAK9YfIF1S18i9ZXo7HlsQzTewy
JUow7tm6c7oHnlJbkIkzOAGZfvBzQdb/tr6JMtuFOuauAMwWuZh5abe968Mp/jSr
D4wooyNnuJxJjmE5A4wf+9cyZmXF3wq2iIe4/xhieWf2WgHsVewarpkvrUkYNf7Z
0vIkIEY0/CphCSCAJ9w5fGKv4JFzNBMKYm9jawPPbTRfJoDE9lZXF3GyDznV6Mky
dmGjackrn7KAvyarL2CqTnH1PZswSlkNcjJ/Dwl5W/s6noqMKqM+mrTcmQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFFvIHfjZEKjZlAUnFbl2N5cGMyqmMB8GA1UdIwQY
MBaAFMLSojTiJL+HmW8vDfVZ6tiC+eZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYt
NGIyNDhkYTZjOTZjLzEvVzhnZC1Oa1FxTm1VQlNjVnVYWTNsd1l6S3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kMWVlNGItZTg4YS00ZTQxLWE2MTYtNGIyNDhkYTZjOTZj
LzEvd3RLaU5PSWt2NGVaYnk4TjlWbnEySUw1NWxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBjwQCAAEwgYgDBAMF
rygDBAMfGCgDBAMfGJgDBANU9tADBARbjtADBAJbyIwDBABb1S4wDAMEA15/uAME
AF5/vAMEAV5/vgMEA21EUAMEA5U+qAMEArkXRAMEArlGXDAMAwQAuWXhAwQCuWXg
AwQCuYH4AwQCubAIAwQCud6cAwQDvF9wAwQDvKTAAwQBwwV0MBYEAgACMBADBwQq
AFrAAAADBQAqAUuAMA0GCSqGSIb3DQEBCwUAA4IBAQBCW0j5461/Rq4B1mogdqZH
TAy0M+H4IW9CEjPYKxXPTX+GyZBz8kDsoMzuBMulQvxZUBjGXgnBH+bYX2TdLwUd
xjUXbJtS+iLIcxobwa+ZIdp/8J2WbYKxQj5aXFZGHSUgNNtE4x7pQ8BUDRRSqY2E
nZy3MbOQyuLdWCBnUSdv4ec0f2WRLq5WhGyFmlqZ9goO02SFf2+s+SsCKVKWmYmI
qX1QJrnC1mQNHbRqibLLg/XjJRICKSJvmdgzMR/5thzRIt8WeLUds0rxABcma4S3
1ed43fb5o+7sx0Yr47/jfrXN2WtJ4M91sJaBoJ8s/53lQfLcRSgxb+Mt3c0epPk3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:04 2024 by rpki-client on console-fra.rpki-client.org