Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/wo2XvjirvnUjScITNNiYprALkTA.roa
File: wo2XvjirvnUjScITNNiYprALkTA.roa (raw, json)
Hash identifier: /v2DbfEwT/kKsywD9eGxtQZGHwdfu0LbrGI75L6GjvA=
Subject key identifier: C2:8D:97:BE:38:AB:BE:75:23:49:C2:13:34:D8:98:A6:B0:0B:91:30
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018BF9BFDAD8DE322B514AB17397EEDD5EF1
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/wo2XvjirvnUjScITNNiYprALkTA.roa
Signing time: Thu 23 Nov 2023 01:16:22 +0000
ROA not before: Thu 23 Nov 2023 01:16:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8888
IP address blocks: 80.66.196.0/22 maxlen: 24
141.98.196.0/22 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.90.210.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
195.245.219.0/24 maxlen: 24
45.139.192.0/22 maxlen: 24
45.92.157.0/24 maxlen: 24
45.131.152.0/22 maxlen: 24
45.130.20.0/22 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.36.24.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.235.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
194.169.54.0/23 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
2a09:0:15::/48 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a09::/29 maxlen: 128
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f9:bf:da:d8:de:32:2b:51:4a:b1:73:97:ee:dd:5e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 23 01:16:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c28d97be38abbe752349c21334d898a6b00b9130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:af:6b:14:bc:ad:91:be:19:da:26:a2:07:31:
06:e4:95:32:4a:13:ef:88:1c:6e:58:95:aa:ef:a7:
83:52:8b:d0:1b:a9:f5:a6:db:40:e5:9f:1d:ab:73:
70:bf:e1:6d:fa:b4:a4:7c:35:e5:9d:37:e5:76:95:
9e:d0:61:16:f4:da:b6:fd:42:3c:68:db:0a:9d:23:
7a:50:0d:1a:17:1c:e9:a9:46:2f:01:ea:ac:ec:3f:
9a:93:76:e7:76:90:c8:22:b6:4c:4e:37:5a:46:04:
21:95:f5:89:44:02:62:ef:96:54:a5:ac:f7:9b:1c:
ed:9d:b8:3a:7e:d2:9d:75:05:7d:84:41:36:62:d8:
b9:f6:68:17:56:7f:90:0e:45:2d:a5:a4:a7:e8:20:
15:85:af:e1:f6:82:02:0e:0d:ca:20:1a:35:1b:8d:
ce:b3:f9:fa:fe:0a:10:ee:e5:c9:5b:f0:e4:7c:d2:
be:69:82:33:9b:4e:c1:33:4f:aa:dd:6b:bd:d5:ea:
e9:cd:6b:b9:6f:ba:6e:97:c6:6c:8a:6e:34:08:b6:
37:db:87:78:82:89:6f:5d:df:1b:c9:7a:8e:40:74:
d4:19:ae:a6:b3:a4:7a:9c:46:a0:e6:a7:8e:27:fa:
7b:92:74:72:e2:38:9a:9c:ef:74:da:90:e4:19:08:
a2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8D:97:BE:38:AB:BE:75:23:49:C2:13:34:D8:98:A6:B0:0B:91:30
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/wo2XvjirvnUjScITNNiYprALkTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
80.66.196.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
193.111.30.0/23
194.36.24.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
0e:17:c1:6b:ec:a0:b2:cf:f9:2a:87:51:9e:ed:87:28:47:1f:
56:50:6d:e4:3e:4d:2e:b4:8b:13:2b:9e:c5:62:82:15:c7:cd:
ea:4c:47:45:04:f8:a5:45:1e:f3:38:d2:f5:86:bc:4f:b8:cd:
4d:9a:47:9c:8a:63:df:18:0f:68:e6:8d:2f:12:20:71:80:79:
45:5c:57:06:cc:ac:27:54:97:3c:d7:14:4c:b9:30:e5:12:c8:
21:60:d9:b2:25:82:dc:cd:b2:be:37:b5:7f:16:bf:5d:c1:71:
0c:95:16:20:3b:91:bc:d9:df:93:d8:ff:65:d0:30:c2:02:2d:
74:80:62:37:51:17:70:a2:82:57:4b:f8:a7:98:76:90:b9:ca:
8f:5d:f0:b1:83:aa:3c:28:67:69:5e:2c:70:3b:8e:07:78:4f:
93:71:dc:e8:99:43:b7:ac:aa:a6:b5:52:61:05:06:53:bf:f4:
64:26:2d:b8:f1:15:55:88:ca:ce:e4:52:c3:42:63:55:89:b9:
b8:f9:ae:ed:55:8b:91:20:6a:ae:76:b6:fe:42:81:0b:46:27:
5c:c5:01:4c:f9:71:84:65:94:1e:81:a0:6a:d9:cd:4f:c6:b0:
98:7e:b7:2a:31:64:ac:84:9a:47:4b:16:5a:42:b9:8f:ad:c4:
a3:f7:6e:4e
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYv5v9rY3jIrUUqxc5fu3V7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMTIzMDExNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhkOTdiZTM4YWJiZTc1MjM0OWMyMTMzNGQ4OThhNmIwMGI5MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja9rFLytkb4Z2iaiBzEG5JUyShPv
iBxuWJWq76eDUovQG6n1pttA5Z8dq3Nwv+Ft+rSkfDXlnTfldpWe0GEW9Nq2/UI8
aNsKnSN6UA0aFxzpqUYvAeqs7D+ak3bndpDIIrZMTjdaRgQhlfWJRAJi75ZUpaz3
mxztnbg6ftKddQV9hEE2Yti59mgXVn+QDkUtpaSn6CAVha/h9oICDg3KIBo1G43O
s/n6/goQ7uXJW/DkfNK+aYIzm07BM0+q3Wu91erpzWu5b7pul8Zsim40CLY324d4
golvXd8byXqOQHTUGa6ms6R6nEag5qeOJ/p7knRy4jianO902pDkGQiibwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFMKNl744q751I0nCEzTYmKawC5EwMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvd28yWHZqaXJ2blVqU2NJVE5OaVlwckFMa1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgYcEAgABMIGAAwQA
LVrSAwQALVydAwQCLYIUAwQCLYOYAwQCLYvAAwQCLY/oAwQCUELEAwQCXnx0AwQC
X9akAwQCjWLEAwQClT4sAwQCucI0AwQCuchAAwQDud7YAwQBwW8eAwQAwiQYAwQC
wmiYAwQBwqk2AwQAw/XbMAwDBADD9fEDBADD9fIwaAQCAAIwYgMFAyoGT8ADBQMq
BlfAAwUDKgfpAAMFAyoH+gADBQMqCQAAAwUDKgztQAMFAyoNH8ADBQMqDTZAAwUD
Kg1DQAMFAyoNS8ADBQMqDXVAAwUDKg3egAMFAyoOYgADBQMqECYAMA0GCSqGSIb3
DQEBCwUAA4IBAQAOF8Fr7KCyz/kqh1Ge7YcoRx9WUG3kPk0utIsTK57FYoIVx83q
TEdFBPilRR7zONL1hrxPuM1NmkecimPfGA9o5o0vEiBxgHlFXFcGzKwnVJc81xRM
uTDlEsghYNmyJYLczbK+N7V/Fr9dwXEMlRYgO5G82d+T2P9l0DDCAi10gGI3URdw
ooJXS/inmHaQucqPXfCxg6o8KGdpXixwO44HeE+TcdzomUO3rKqmtVJhBQZTv/Rk
Ji248RVViMrO5FLDQmNVibm4+a7tVYuRIGqudrb+QoELRidcxQFM+XGEZZQegaBq
2c1PxrCYfrcqMWSshJpHSxZaQrmPrcSj925O
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:43 2024 by rpki-client on console-ams.rpki-client.org