Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Wtx2ThMpkiY8yjS97d5FUVB4AiI.roa
File: Wtx2ThMpkiY8yjS97d5FUVB4AiI.roa (raw, json)
Hash identifier: R/QFoHK5Kxpr9Fsaz5/5P1H7OM5uIRn1ppozU50GsgA=
Subject key identifier: 5A:DC:76:4E:13:29:92:26:3C:CA:34:BD:ED:DE:45:51:50:78:02:22
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0191718C42AF9B764156ED6A61CBCE6806AB
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Wtx2ThMpkiY8yjS97d5FUVB4AiI.roa
Signing time: Tue 20 Aug 2024 20:48:23 +0000
ROA not before: Tue 20 Aug 2024 20:48:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23959
IP address blocks: 45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
45.66.216.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.232.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
79.143.140.0/22 maxlen: 24
88.214.22.0/24 maxlen: 24
91.200.240.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
149.62.44.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
185.194.54.0/24 maxlen: 24
185.200.64.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 17 Oct 2024 04:25:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:71:8c:42:af:9b:76:41:56:ed:6a:61:cb:ce:68:06:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 20 20:48:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5adc764e132992263cca34bdedde455150780222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:77:2f:d5:5c:e9:a1:a0:15:4d:47:53:24:3b:
d8:10:f0:47:af:90:42:0f:b4:9e:3e:7a:b9:1d:16:
43:69:59:bb:e6:0f:3b:95:b1:a3:57:fc:73:39:03:
10:f3:09:41:34:5e:19:88:de:d0:96:26:57:ac:37:
b9:2b:ac:d1:76:07:13:63:1b:b0:84:94:e7:bb:bd:
2a:3f:2c:2f:40:2b:8d:87:5a:b3:34:12:07:dc:92:
42:8c:ca:73:69:73:0c:4f:8b:06:e7:2b:30:cc:a7:
36:e7:79:a5:e1:b1:a6:a0:82:b9:a1:bc:a2:53:08:
13:19:37:76:58:d8:30:d1:59:74:60:8f:14:00:41:
91:1a:da:e7:51:c7:fb:36:27:6d:2f:e3:68:bb:29:
56:3b:1a:52:16:9f:c2:de:3b:94:ef:a7:88:d2:4b:
48:bb:de:46:78:bc:51:79:d6:aa:a7:ea:e4:12:43:
fd:03:ab:cc:96:df:57:88:b5:51:a4:72:b3:70:49:
dc:d8:65:5d:a6:ba:bd:a6:75:d9:f2:ae:c9:8e:a7:
87:61:46:8b:a7:66:3d:8a:08:ce:82:ed:4c:e0:e0:
68:40:2e:49:a5:e1:93:11:13:b6:46:4e:ee:93:06:
c0:19:f1:d2:94:e8:ed:7a:7b:3c:a8:89:62:c4:16:
d8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:DC:76:4E:13:29:92:26:3C:CA:34:BD:ED:DE:45:51:50:78:02:22
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Wtx2ThMpkiY8yjS97d5FUVB4AiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
79.143.140.0/22
88.214.22.0/24
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
68:1f:d6:cd:03:d1:9b:12:9b:ac:ce:b9:a8:84:9d:2a:2e:19:
bb:eb:16:89:5f:85:96:64:95:ea:98:62:2f:83:79:5b:41:c4:
2d:f6:20:41:c4:31:c5:00:96:07:11:43:1f:a0:3f:dc:df:3d:
0d:3b:bc:58:a4:dd:b5:bd:0b:f4:23:94:47:af:0d:4c:1e:71:
2e:50:00:82:5f:d4:af:26:3b:3c:00:20:0a:ed:c0:08:c1:ae:
21:e0:0b:87:98:46:7c:31:de:f1:74:b2:8b:a0:0f:b0:f8:71:
d7:71:e8:76:f6:ac:ba:2a:26:56:24:bd:9e:eb:61:22:f2:44:
ca:46:07:53:f2:cd:48:23:29:94:5e:95:c6:7e:6e:cf:13:27:
0b:b2:af:fb:80:e9:29:8b:e1:8f:5a:b0:b2:0a:1f:4e:80:b1:
d9:0f:06:63:ca:92:d8:75:13:ba:1e:13:12:70:6b:c7:c2:cb:
3d:39:ce:9f:b8:16:b3:0e:18:b3:ef:ca:a7:82:38:51:36:6b:
0a:a2:c9:57:4b:4c:fb:23:07:72:24:83:83:78:ff:a1:29:1f:
6c:4b:52:aa:d2:21:ec:d3:cf:78:1c:9a:25:c9:3c:78:4f:cc:
39:b8:4c:d5:8d:1d:ae:1b:ba:45:35:89:81:82:39:fd:ef:44:
a1:9a:db:e1
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgISAZFxjEKvm3ZBVu1qYcvOaAarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwODIwMjA0ODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWRjNzY0ZTEzMjk5MjI2M2NjYTM0YmRlZGRlNDU1MTUwNzgwMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtncv1VzpoaAVTUdTJDvYEPBHr5BC
D7SePnq5HRZDaVm75g87lbGjV/xzOQMQ8wlBNF4ZiN7QliZXrDe5K6zRdgcTYxuw
hJTnu70qPywvQCuNh1qzNBIH3JJCjMpzaXMMT4sG5yswzKc253ml4bGmoIK5obyi
UwgTGTd2WNgw0Vl0YI8UAEGRGtrnUcf7NidtL+NouylWOxpSFp/C3juU76eI0ktI
u95GeLxRedaqp+rkEkP9A6vMlt9XiLVRpHKzcEnc2GVdprq9pnXZ8q7JjqeHYUaL
p2Y9igjOgu1M4OBoQC5JpeGTERO2Rk7ukwbAGfHSlOjtens8qIlixBbY2wIDAQAB
o4IDCDCCAwQwHQYDVR0OBBYEFFrcdk4TKZImPMo0ve3eRVFQeAIiMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvV3R4MlRoTXBraVk4eWpTOTdkNUZVVkI0QWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCB7QQCAAEwgeYD
BAItDkADBAAtDkYDBAAtDmkDBAAtDmsDBAItQoADBAItQtgDBAAtghUwDAMEAC2O
fQMEBy2OAAMEAi2P6AMEAi2VnAMEAi2fMAMEAk+PjAMEAFjWFgMEAFvI8AMEAVvI
8gMEAFw8KwMEAF58dwMEAV/WpDAMAwQCjWLEAwQAjWLGAwQDk07wAwQAlT4sAwQB
lT4uAwQCsHeUAwQAucI2AwQAuchAAwQAuchCAwQCwSCUAwQBwW8eAwQAwiQYMAwD
BADCaJkDBALCaJgDBADCqTYDBADD9dswDAMEAMP18QMEAMP18jAVBAIAAjAPAwYE
KgkABwADBQAqDcfBMA0GCSqGSIb3DQEBCwUAA4IBAQBoH9bNA9GbEpuszrmohJ0q
Lhm76xaJX4WWZJXqmGIvg3lbQcQt9iBBxDHFAJYHEUMfoD/c3z0NO7xYpN21vQv0
I5RHrw1MHnEuUACCX9SvJjs8ACAK7cAIwa4h4AuHmEZ8Md7xdLKLoA+w+HHXceh2
9qy6KiZWJL2e62Ei8kTKRgdT8s1IIymUXpXGfm7PEycLsq/7gOkpi+GPWrCyCh9O
gLHZDwZjypLYdRO6HhMScGvHwss9Oc6fuBazDhiz78qngjhRNmsKoslXS0z7Iwdy
JIODeP+hKR9sS1Kq0iHs0894HJolyTx4T8w5uEzVjR2uG7pFNYmBgjn970Shmtvh
-----END CERTIFICATE-----
Generated at Thu Oct 17 05:40:58 2024 by rpki-client on console-fra.rpki-client.org