Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/WAtn7iFUpflUjkbQnzbrR9NGYBY.roa
File: WAtn7iFUpflUjkbQnzbrR9NGYBY.roa (raw, json)
Hash identifier: 0H9FORYFtqW1S+b5b0Ftj3jH3JxReRZGIueQasDybGU=
Subject key identifier: 58:0B:67:EE:21:54:A5:F9:54:8E:46:D0:9F:36:EB:47:D3:46:60:16
Certificate issuer: /CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Certificate serial: 0189B0425EE3488CF56E43FB6431EECB3706
Authority key identifier: 50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/WAtn7iFUpflUjkbQnzbrR9NGYBY.roa
Signing time: Tue 01 Aug 2023 08:41:26 +0000
ROA not before: Tue 01 Aug 2023 08:41:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41722
IP address blocks: 185.174.165.0/24 maxlen: 24
185.174.166.0/24 maxlen: 24
185.174.167.0/24 maxlen: 24
91.142.80.0/24 maxlen: 24
91.142.83.0/24 maxlen: 24
91.142.84.0/24 maxlen: 24
91.142.81.0/24 maxlen: 24
91.142.82.0/24 maxlen: 24
91.142.85.0/24 maxlen: 24
91.142.87.0/24 maxlen: 24
185.53.20.0/24 maxlen: 24
91.142.86.0/24 maxlen: 24
91.142.90.0/24 maxlen: 24
185.53.23.0/24 maxlen: 24
185.53.22.0/24 maxlen: 24
91.142.91.0/24 maxlen: 24
91.142.88.0/24 maxlen: 24
185.53.21.0/24 maxlen: 24
91.142.89.0/24 maxlen: 24
91.142.94.0/24 maxlen: 24
91.142.92.0/24 maxlen: 24
91.142.93.0/24 maxlen: 24
91.142.95.0/24 maxlen: 24
178.250.152.0/24 maxlen: 24
178.250.154.0/24 maxlen: 24
178.250.155.0/24 maxlen: 24
178.250.153.0/24 maxlen: 24
185.73.212.0/24 maxlen: 24
178.249.71.0/24 maxlen: 24
178.249.70.0/24 maxlen: 24
178.249.68.0/24 maxlen: 24
178.249.69.0/24 maxlen: 24
185.162.92.0/24 maxlen: 24
185.162.93.0/24 maxlen: 24
185.162.95.0/24 maxlen: 24
185.162.94.0/24 maxlen: 24
185.162.94.0/23 maxlen: 23
185.147.80.0/24 maxlen: 24
185.147.83.0/24 maxlen: 24
185.147.81.0/24 maxlen: 24
185.147.82.0/24 maxlen: 24
2a03:21c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:42:5e:e3:48:8c:f5:6e:43:fb:64:31:ee:cb:37:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f2d6b21660fad1f60e2df9d0bd7c6ccf95c311
Validity
Not Before: Aug 1 08:41:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=580b67ee2154a5f9548e46d09f36eb47d3466016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b3:3b:e5:e8:2f:0e:cd:b6:a9:d0:bb:39:c6:
ae:16:19:b1:f3:9f:0a:f6:87:55:7d:8d:2f:09:51:
3d:8e:09:89:30:7f:d5:47:87:f7:56:d5:c8:4d:7d:
4f:28:3d:02:55:ba:92:1d:e8:0e:67:a3:54:e3:61:
15:8b:ac:f9:78:d5:fe:7e:d1:f6:12:a8:d3:f1:30:
32:fc:5e:20:a8:46:12:b2:fa:a8:29:c0:08:7f:75:
ee:5d:70:dd:0b:71:de:5d:cd:62:38:14:ad:c6:5c:
75:ea:3d:7a:53:00:15:0d:8c:5a:25:a2:9d:78:2a:
65:d3:26:9d:01:56:61:bd:02:fd:0d:b4:12:2b:e3:
50:9a:04:9a:bf:e1:b8:51:ec:24:77:2f:a5:a2:19:
ce:61:52:cd:61:2b:f0:2d:8b:32:a2:2d:83:b7:55:
c4:bf:6d:c9:56:7b:15:2c:77:66:9a:43:a6:a0:1b:
99:09:ac:f6:da:ce:6e:3f:55:1c:99:a6:91:e6:5a:
45:b8:7b:cf:e7:78:fe:63:39:25:7d:2c:63:43:75:
51:ac:e4:91:1b:dc:b9:d8:7d:3a:c6:f9:25:1d:f7:
85:9e:71:0a:da:64:5b:cd:8a:a7:c5:d6:01:19:55:
f1:01:6b:15:c7:2c:34:7e:fc:35:29:9c:d8:89:06:
9b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0B:67:EE:21:54:A5:F9:54:8E:46:D0:9F:36:EB:47:D3:46:60:16
X509v3 Authority Key Identifier:
keyid:50:F2:D6:B2:16:60:FA:D1:F6:0E:2D:F9:D0:BD:7C:6C:CF:95:C3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPLWshZg-tH2Di350L18bM-VwxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/WAtn7iFUpflUjkbQnzbrR9NGYBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d0edd5-6087-4be1-b36f-ab3dd5dc6709/1/UPLWshZg-tH2Di350L18bM-VwxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.80.0/20
178.249.68.0/22
178.250.152.0/22
185.53.20.0/22
185.73.212.0/24
185.147.80.0/22
185.162.92.0/22
185.174.165.0-185.174.167.255
IPv6:
2a03:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
27:c6:20:9e:be:4e:eb:4b:74:e3:56:4b:29:b1:3c:29:2e:ec:
15:ce:37:e7:02:16:9e:07:44:12:8e:ce:00:23:27:a6:5e:eb:
f2:d2:03:22:43:43:78:c5:56:a1:da:a3:fe:d4:05:3f:f1:60:
d0:fc:a5:50:fd:fd:58:84:4d:b6:fc:96:3f:6e:83:4d:97:36:
58:88:56:54:a9:8f:04:e2:22:93:2a:c5:f6:99:29:65:c6:b0:
28:33:74:d6:c5:f2:5d:04:9f:44:5b:55:f2:e0:8d:a7:5a:10:
0b:0a:0c:67:88:00:0f:25:39:8b:76:ec:f3:54:07:0d:db:39:
dc:b0:35:74:1c:5d:2e:79:01:d3:13:e6:6b:96:ec:1b:5e:64:
a3:0c:e7:88:d2:87:24:c1:41:00:ae:80:8f:7c:85:76:56:2f:
d0:fc:7f:d7:f6:b3:ea:28:7f:25:46:f0:cb:92:10:b8:68:dc:
37:63:0b:9d:c9:03:9d:23:62:c7:22:87:77:6d:95:8f:ab:35:
3c:24:50:f6:82:ee:4b:12:eb:ed:b8:eb:36:df:55:88:54:76:
a6:5d:4c:38:99:5c:87:fa:f6:c0:72:c9:aa:50:52:6b:ee:ba:
75:33:86:06:21:17:7a:3e:84:a6:bd:9a:14:5d:02:3f:1e:4b:
d7:55:35:21
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYmwQl7jSIz1bkP7ZDHuyzcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjJkNmIyMTY2MGZhZDFmNjBlMmRmOWQwYmQ3YzZjY2Y5
NWMzMTEwHhcNMjMwODAxMDg0MTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODBiNjdlZTIxNTRhNWY5NTQ4ZTQ2ZDA5ZjM2ZWI0N2QzNDY2MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLM75egvDs22qdC7OcauFhmx858K
9odVfY0vCVE9jgmJMH/VR4f3VtXITX1PKD0CVbqSHegOZ6NU42EVi6z5eNX+ftH2
EqjT8TAy/F4gqEYSsvqoKcAIf3XuXXDdC3HeXc1iOBStxlx16j16UwAVDYxaJaKd
eCpl0yadAVZhvQL9DbQSK+NQmgSav+G4Uewkdy+lohnOYVLNYSvwLYsyoi2Dt1XE
v23JVnsVLHdmmkOmoBuZCaz22s5uP1UcmaaR5lpFuHvP53j+YzklfSxjQ3VRrOSR
G9y52H06xvklHfeFnnEK2mRbzYqnxdYBGVXxAWsVxyw0fvw1KZzYiQabqwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFgLZ+4hVKX5VI5G0J8260fTRmAWMB8GA1UdIwQY
MBaAFFDy1rIWYPrR9g4t+dC9fGzPlcMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYt
YWIzZGQ1ZGM2NzA5LzEvV0F0bjdpRlVwZmxVamtiUW56YnJSOU5HWUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kMGVkZDUtNjA4Ny00YmUxLWIzNmYtYWIzZGQ1ZGM2NzA5
LzEvVVBMV3NoWmctdEgyRGkzNTBMMThiTS1Wd3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQEW45QAwQC
svlEAwQCsvqYAwQCuTUUAwQAuUnUAwQCuZNQAwQCuaJcMAwDBAC5rqUDBAO5rqAw
DQQCAAIwBwMFACoDIcAwDQYJKoZIhvcNAQELBQADggEBACfGIJ6+TutLdONWSymx
PCku7BXON+cCFp4HRBKOzgAjJ6Ze6/LSAyJDQ3jFVqHao/7UBT/xYND8pVD9/ViE
Tbb8lj9ug02XNliIVlSpjwTiIpMqxfaZKWXGsCgzdNbF8l0En0RbVfLgjadaEAsK
DGeIAA8lOYt27PNUBw3bOdywNXQcXS55AdMT5muW7BteZKMM54jShyTBQQCugI98
hXZWL9D8f9f2s+oofyVG8MuSELho3DdjC53JA50jYscih3dtlY+rNTwkUPaC7ksS
6+246zbfVYhUdqZdTDiZXIf69sByyapQUmvuunUzhgYhF3o+hKa9mhRdAj8eS9dV
NSE=
-----END CERTIFICATE-----
Generated at Mon Dec 18 13:19:12 2023 by rpki-client on console-ams.rpki-client.org