Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/WgaNoI2cZw4DziRUik2xHicj52Y.roa
File: WgaNoI2cZw4DziRUik2xHicj52Y.roa (raw, json)
Hash identifier: iPXKLkQG7bJX/4/loAV0cRPuvlY3+YrEpn1ajwxcz2I=
Subject key identifier: 5A:06:8D:A0:8D:9C:67:0E:03:CE:24:54:8A:4D:B1:1E:27:23:E7:66
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0193B2E0947B1D04C196685C8AD0C1B19FF5
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/WgaNoI2cZw4DziRUik2xHicj52Y.roa
Signing time: Tue 10 Dec 2024 23:21:22 +0000
ROA not before: Tue 10 Dec 2024 23:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:28::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b2:e0:94:7b:1d:04:c1:96:68:5c:8a:d0:c1:b1:9f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Dec 10 23:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a068da08d9c670e03ce24548a4db11e2723e766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:03:e1:29:2f:b3:bd:49:b5:96:e3:9f:5b:
b7:a1:a5:00:93:ac:0e:08:7a:f0:9b:20:91:41:1e:
3d:30:36:0f:97:c9:89:55:de:05:86:a9:72:89:d7:
a5:3b:6a:6f:25:ed:c3:39:f8:ca:d2:27:6d:e1:03:
3d:51:83:ca:73:ee:5f:f8:d4:f7:2c:07:d8:54:04:
51:09:4c:cf:a2:73:dd:98:dd:2c:bb:98:68:21:d6:
87:13:15:5a:27:57:ed:77:ea:65:0a:b7:72:e5:1f:
0f:8d:a2:ed:14:4b:b5:2a:be:a0:41:c7:55:48:0c:
71:57:7b:f5:6b:67:6f:32:e9:55:06:5a:57:91:96:
90:89:fa:99:c0:c4:92:3e:68:86:a2:5b:e7:89:96:
35:2e:5d:67:4c:65:d0:f3:c8:ae:f8:a5:55:b6:53:
e1:89:c9:6d:a5:3f:37:c3:c6:29:26:5f:5b:78:a2:
e8:8c:98:a5:01:00:e1:bb:09:2d:84:5b:00:c9:ef:
ac:bb:fb:99:b0:61:13:6d:4f:07:50:f7:55:a0:90:
48:99:a9:d9:30:35:cd:36:ab:25:92:27:8c:4f:81:
33:7f:70:29:fd:15:39:20:ba:cb:9a:93:a3:80:74:
cb:6f:51:38:ef:82:4e:13:20:ce:da:41:d8:45:41:
20:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:06:8D:A0:8D:9C:67:0E:03:CE:24:54:8A:4D:B1:1E:27:23:E7:66
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/WgaNoI2cZw4DziRUik2xHicj52Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.237.0-185.126.239.255
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::/48
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:28::/48
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/47
Signature Algorithm: sha256WithRSAEncryption
67:18:8b:d0:03:39:39:55:03:c3:e2:3e:45:3e:f4:07:f5:db:
69:a8:bb:fe:3c:a1:b6:43:a0:d7:3a:15:61:71:3e:af:f9:a1:
8b:98:47:5b:0d:1a:68:cb:52:77:06:64:ff:51:a8:8f:4f:f7:
9c:4d:cc:7d:cd:d5:fc:57:af:a0:d6:1f:69:01:34:29:9c:9a:
94:0e:49:5f:e1:b8:0a:78:46:24:3d:f7:3d:6f:dd:88:60:ef:
08:d2:76:41:31:3d:fe:3b:72:cb:f3:bb:cd:cd:19:c9:84:f4:
b7:93:4c:ee:ec:bb:8b:4e:ba:48:d9:b3:e9:ba:c3:93:d5:73:
7f:a8:b1:02:8a:8f:ad:cf:6a:99:3a:4e:44:49:6a:ef:c5:76:
1e:92:ac:86:83:a5:0e:03:e1:ff:3b:b5:f5:1e:92:33:9b:41:
b3:64:dd:40:18:db:7b:e9:5d:f1:f1:be:cb:69:1e:fd:75:54:
73:f7:15:58:2b:9b:30:80:a2:ae:4d:78:43:6a:35:e9:5c:93:
a8:fb:44:e1:27:33:89:c0:60:fb:88:85:94:80:9b:74:71:32:
f1:2a:aa:5b:66:c4:96:da:c5:b3:e7:24:61:c6:df:97:c3:30:
c6:b4:b1:b9:1f:c1:0b:a7:d4:00:fc:6a:7c:4d:c2:55:52:37:
64:5a:ff:4e
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAZOy4JR7HQTBlmhcitDBsZ/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQxMjEwMjMyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA2OGRhMDhkOWM2NzBlMDNjZTI0NTQ4YTRkYjExZTI3MjNlNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ8D4Skvs71JtZbjn1u3oaUAk6wO
CHrwmyCRQR49MDYPl8mJVd4FhqlyidelO2pvJe3DOfjK0idt4QM9UYPKc+5f+NT3
LAfYVARRCUzPonPdmN0su5hoIdaHExVaJ1ftd+plCrdy5R8PjaLtFEu1Kr6gQcdV
SAxxV3v1a2dvMulVBlpXkZaQifqZwMSSPmiGolvniZY1Ll1nTGXQ88iu+KVVtlPh
icltpT83w8YpJl9beKLojJilAQDhuwkthFsAye+su/uZsGETbU8HUPdVoJBImanZ
MDXNNqslkieMT4Ezf3Ap/RU5ILrLmpOjgHTLb1E474JOEyDO2kHYRUEgcQIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFFoGjaCNnGcOA84kVIpNsR4nI+dmMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvV2dhTm9JMmNadzREemlSVWlrMnhIaWNqNTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTA4BAIAATAyAwQC
LhCAAwQBbWiYAwQAbWibAwQCk04AMAwDBAC5fu0DBAS5fuADBAG51RQDBAC51Rcw
gdAEAgACMIHJAwcAKhEIQAABAwcAKhEIQAADMBIDBwEqEQhAAAYDBwAqEQhAAAgw
EgMHBCoRCEAAEAMHACoRCEAAFDASAwcAKhEIQAAXAwcBKhEIQAAYMBIDBwUqEQhA
ACADBwAqEQhAACYDBwAqEQhAACgDBwAqEQhAADADBwAqEQhAADMDBwEqEQhAAEAw
EgMHACoRCEAARwMHACoRCEAASAMHACoRCEAAVAMHACoRCEAAVzASAwcFKhEIQABg
AwcBKhEIQABoAwcBKhEIQABwMA0GCSqGSIb3DQEBCwUAA4IBAQBnGIvQAzk5VQPD
4j5FPvQH9dtpqLv+PKG2Q6DXOhVhcT6v+aGLmEdbDRpoy1J3BmT/UaiPT/ecTcx9
zdX8V6+g1h9pATQpnJqUDklf4bgKeEYkPfc9b92IYO8I0nZBMT3+O3LL87vNzRnJ
hPS3k0zu7LuLTrpI2bPpusOT1XN/qLECio+tz2qZOk5ESWrvxXYekqyGg6UOA+H/
O7X1HpIzm0GzZN1AGNt76V3x8b7LaR79dVRz9xVYK5swgKKuTXhDajXpXJOo+0Th
JzOJwGD7iIWUgJt0cTLxKqpbZsSW2sWz5yRhxt+XwzDGtLG5H8ELp9QA/Gp8TcJV
UjdkWv9O
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:46:24 2025 by rpki-client