Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pW_HYQkcbMFtq8QlXk8TSZh6x50.roa
File: pW_HYQkcbMFtq8QlXk8TSZh6x50.roa (raw, json)
Hash identifier: buLm2BbPM1E+1UsOQgNwdOqO9bj4qku4vmo1q5TtU9g=
Subject key identifier: A5:6F:C7:61:09:1C:6C:C1:6D:AB:C4:25:5E:4F:13:49:98:7A:C7:9D
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018682F84AA1EB39B9C53C8DAB29431983DF
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pW_HYQkcbMFtq8QlXk8TSZh6x50.roa
Signing time: Fri 24 Feb 2023 10:29:15 +0000
ROA not before: Fri 24 Feb 2023 10:29:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
45.147.48.0/24 maxlen: 24
45.147.51.0/24 maxlen: 24
45.147.49.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
194.36.27.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
213.232.112.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:f8:4a:a1:eb:39:b9:c5:3c:8d:ab:29:43:19:83:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 24 10:29:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a56fc761091c6cc16dabc4255e4f1349987ac79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b5:18:a5:25:b1:00:a9:37:86:22:b4:8f:11:
f2:bb:75:e2:c3:af:31:37:b1:57:51:89:21:5a:65:
6e:68:30:6b:c9:58:d6:91:ad:34:5f:7f:0f:28:72:
fa:13:d4:8b:de:e3:c5:f6:6f:c9:12:7e:40:cc:73:
bd:e9:20:5a:c2:72:59:cd:a6:fb:bf:68:22:78:cc:
3a:f3:9d:ed:e6:0e:8c:d5:03:d1:d0:8b:ab:cd:fa:
5e:10:d8:9f:87:e5:33:b4:7d:54:6e:65:5c:3d:c1:
53:68:08:09:09:5e:11:3e:40:61:c5:28:2c:1a:2e:
9c:1f:c6:27:e9:16:62:05:03:3a:d6:c7:fa:e2:78:
b7:9e:69:8c:ca:a0:5d:e4:3c:52:45:d0:2a:14:11:
73:c9:ef:47:06:eb:63:b1:97:ad:d9:b6:4e:d9:ef:
8c:57:84:c8:d3:3c:31:3a:0e:a1:db:07:8b:59:02:
82:3d:91:f0:79:97:9d:3b:09:0c:59:df:56:15:da:
e7:d2:da:fd:55:ca:04:a4:2b:f8:1d:08:e3:2f:83:
83:1c:56:ad:78:d5:ce:d0:bb:4e:3e:04:15:54:87:
22:7a:00:62:84:a5:1e:d9:ee:62:46:47:2d:21:7b:
5f:b5:f5:7f:77:ab:b0:57:06:62:9e:f5:fe:48:bd:
1b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6F:C7:61:09:1C:6C:C1:6D:AB:C4:25:5E:4F:13:49:98:7A:C7:9D
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pW_HYQkcbMFtq8QlXk8TSZh6x50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.147.48.0/23
45.147.51.0/24
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
79.143.140.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.36.27.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
213.232.112.0/22
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
1c:51:ec:d8:fa:6b:29:6b:2a:5e:22:35:51:20:5f:b2:7c:5f:
60:cc:eb:23:4b:a4:73:f5:a9:3f:7f:7d:00:3e:2c:0c:f5:8c:
51:6f:2e:c9:1e:31:35:5e:03:37:0f:83:00:15:2e:6b:fb:b1:
2c:63:ca:a2:8c:84:f6:59:7d:75:93:c6:08:23:9f:0c:86:58:
84:f4:96:c9:35:d0:37:60:9d:0d:fc:fa:95:28:fa:c4:31:bc:
c9:3b:91:f8:88:db:2b:1f:fe:f4:d6:cd:63:76:ca:d7:98:80:
3a:28:bc:f9:e8:34:ce:e5:8c:b8:46:54:88:14:b6:47:b0:7f:
7c:39:be:6d:35:74:55:a8:d9:72:2f:47:96:3f:ef:38:e9:df:
53:23:11:81:da:d5:49:59:96:fd:fd:e3:e8:d9:03:df:7b:b3:
56:96:36:85:1b:80:e2:ec:db:eb:dd:8d:b0:8a:85:6c:7a:c4:
8e:f1:8f:71:f3:72:c7:9d:cd:01:35:15:30:13:d7:61:d1:82:
b8:f4:8d:bf:ea:0b:e3:5e:87:7b:92:75:23:55:19:f6:d1:aa:
9b:6c:a3:43:45:91:b1:f0:6f:bf:64:84:1d:26:e6:a6:92:26:
68:19:62:e6:66:54:b0:e0:38:f5:c2:c8:6a:1b:6b:78:05:c7:
92:2f:ea:4a
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgISAYaC+Eqh6zm5xTyNqylDGYPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMjI0MTAyOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTZmYzc2MTA5MWM2Y2MxNmRhYmM0MjU1ZTRmMTM0OTk4N2FjNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7UYpSWxAKk3hiK0jxHyu3Xiw68x
N7FXUYkhWmVuaDBryVjWka00X38PKHL6E9SL3uPF9m/JEn5AzHO96SBawnJZzab7
v2gieMw6853t5g6M1QPR0IurzfpeENifh+UztH1UbmVcPcFTaAgJCV4RPkBhxSgs
Gi6cH8Yn6RZiBQM61sf64ni3nmmMyqBd5DxSRdAqFBFzye9HButjsZet2bZO2e+M
V4TI0zwxOg6h2weLWQKCPZHweZedOwkMWd9WFdrn0tr9VcoEpCv4HQjjL4ODHFat
eNXO0LtOPgQVVIciegBihKUe2e5iRkctIXtftfV/d6uwVwZinvX+SL0bvQIDAQAB
o4IDFDCCAxAwHQYDVR0OBBYEFKVvx2EJHGzBbavEJV5PE0mYesedMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvcFdfSFlRa2NiTUZ0cThRbFhrOFRTWmg2eDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKAYIKwYBBQUHAQcBAf8EggEXMIIBEzCB+QQCAAEwgfID
BAItDkADBAItQoADBAItQtgDBAAtghUwDAMEAC2OfQMEBy2OAAMEAi2P6AMEAS2T
MAMEAC2TMwMEAi2VnAMEAi2fMAMEAk6O5AMEAk+PjAMEAljWFAMEAFvI8AMEAVvI
8gMEAFw8KwMEAF58dwMEAV/WpDAMAwQCjWLEAwQAjWLGAwQDk07wAwQAlT4sAwQB
lT4uAwQCsHeUAwQAucI2AwQAuchAAwQAuchCAwQCwSCUAwQBwW8eAwQAwiQYAwQA
wiQbMAwDBADCaJkDBALCaJgDBADCqTYDBADD9dswDAMEAMP18QMEAMP18gMEAtXo
cDAVBAIAAjAPAwYEKgkABwADBQAqDcfBMA0GCSqGSIb3DQEBCwUAA4IBAQAcUezY
+mspaypeIjVRIF+yfF9gzOsjS6Rz9ak/f30APiwM9YxRby7JHjE1XgM3D4MAFS5r
+7EsY8qijIT2WX11k8YII58MhliE9JbJNdA3YJ0N/PqVKPrEMbzJO5H4iNsrH/70
1s1jdsrXmIA6KLz56DTO5Yy4RlSIFLZHsH98Ob5tNXRVqNlyL0eWP+846d9TIxGB
2tVJWZb9/ePo2QPfe7NWljaFG4Di7Nvr3Y2wioVsesSO8Y9x83LHnc0BNRUwE9dh
0YK49I2/6gvjXod7knUjVRn20aqbbKNDRZGx8G+/ZIQdJuamkiZoGWLmZlSw4Dj1
wshqG2t4BceSL+pK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org