Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Wl1GGlBe6WVSE1UElMJdBKEMRcY.roa
File: Wl1GGlBe6WVSE1UElMJdBKEMRcY.roa (raw, json)
Hash identifier: /Nx1+Ls17Jbojk+QtZXZWXJpiXuCBgnV+2il3dw81Dk=
Subject key identifier: 5A:5D:46:1A:50:5E:E9:65:52:13:55:04:94:C2:5D:04:A1:0C:45:C6
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018E389669AB9792085C54A940750BF19F56
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Wl1GGlBe6WVSE1UElMJdBKEMRcY.roa
Signing time: Wed 13 Mar 2024 16:12:45 +0000
ROA not before: Wed 13 Mar 2024 16:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Apr 2024 15:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:96:69:ab:97:92:08:5c:54:a9:40:75:0b:f1:9f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Mar 13 16:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a5d461a505ee9655213550494c25d04a10c45c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ff:58:a4:55:11:ac:8c:2d:b7:d3:e4:3c:fa:
a0:13:87:02:90:b5:22:15:5a:5e:1c:68:2b:ce:ce:
73:6a:b8:43:0a:21:42:52:3c:be:00:05:a5:43:8f:
99:95:25:db:8c:50:cc:24:15:11:5e:f1:07:a0:f7:
6b:3a:c8:95:70:78:02:65:81:94:f1:d9:af:4b:8e:
79:aa:55:86:bd:d4:00:42:ed:11:02:d5:be:de:62:
db:44:52:4b:03:bb:d7:b3:8a:07:2c:5a:ee:35:69:
7f:09:87:43:b3:02:59:56:81:3b:e4:44:83:05:67:
c1:92:8c:5a:8e:fd:bd:05:81:15:0b:f6:93:d6:4a:
0f:83:81:23:68:d4:c8:4d:85:a9:65:6c:5c:81:66:
82:fc:6a:64:11:2e:72:93:1a:ff:97:d3:f3:c1:ed:
1a:cd:61:cd:b6:d9:ce:e1:f7:7f:26:e9:7b:58:80:
ac:54:6e:6b:d7:c3:ae:67:94:59:58:18:10:12:01:
0f:4d:b6:ee:53:aa:21:32:31:4b:b8:3a:26:d5:fb:
e6:19:85:ec:01:3b:59:85:b4:78:fe:e2:ec:51:9a:
97:4b:50:7f:b4:57:fb:e6:51:cf:ef:9e:48:f4:02:
e5:80:3a:24:f9:a1:96:ab:af:27:54:0f:6d:68:15:
72:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5D:46:1A:50:5E:E9:65:52:13:55:04:94:C2:5D:04:A1:0C:45:C6
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Wl1GGlBe6WVSE1UElMJdBKEMRcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/47
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::/48
Signature Algorithm: sha256WithRSAEncryption
92:f1:c4:35:b7:73:55:65:ca:28:21:e0:60:8d:b4:a4:9a:0e:
dc:bd:9f:a4:f4:bc:f8:0a:d6:ae:a0:5e:cc:c3:c9:b9:9d:0d:
3f:39:54:52:0a:7c:c2:c3:7e:64:b0:b1:fd:7e:73:aa:4d:44:
d0:db:5c:48:d7:f2:6b:17:b0:b9:9a:0f:b9:e4:7a:1c:b8:4c:
3b:62:7c:c1:44:44:74:2c:09:3c:8c:f2:4a:6e:f0:3b:29:6d:
eb:04:11:29:28:c7:e7:f2:24:8b:c4:e6:cf:ec:02:56:b4:b0:
b4:16:e1:cc:c2:bb:72:a4:51:79:e3:6d:fb:0f:28:40:ba:12:
fa:1a:c1:a3:a1:cf:5d:b6:38:85:67:90:da:5d:f6:2a:19:30:
47:b4:42:91:74:46:2d:e9:32:42:2a:96:ac:50:c3:87:8b:a7:
81:70:2c:90:7e:bf:d2:af:f5:fa:91:df:a2:5d:d9:cb:c9:ae:
de:bd:8f:4c:ab:53:a9:d1:6c:49:03:4a:c0:4e:d2:5b:89:c2:
3e:fd:13:2c:68:dd:9a:3b:67:ab:fe:ac:d2:26:1a:18:70:72:
2e:53:82:f8:36:3b:73:a3:de:68:79:ce:f9:a1:4a:88:56:d9:
a2:bc:b2:7c:27:47:c0:9f:9e:60:ee:9d:f7:95:88:ff:a1:24:
a9:36:95:3e
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAY44lmmrl5IIXFSpQHUL8Z9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMzEzMTYxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTVkNDYxYTUwNWVlOTY1NTIxMzU1MDQ5NGMyNWQwNGExMGM0NWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/9YpFURrIwtt9PkPPqgE4cCkLUi
FVpeHGgrzs5zarhDCiFCUjy+AAWlQ4+ZlSXbjFDMJBURXvEHoPdrOsiVcHgCZYGU
8dmvS455qlWGvdQAQu0RAtW+3mLbRFJLA7vXs4oHLFruNWl/CYdDswJZVoE75ESD
BWfBkoxajv29BYEVC/aT1koPg4EjaNTITYWpZWxcgWaC/GpkES5ykxr/l9Pzwe0a
zWHNttnO4fd/Jul7WICsVG5r18OuZ5RZWBgQEgEPTbbuU6ohMjFLuDom1fvmGYXs
ATtZhbR4/uLsUZqXS1B/tFf75lHP755I9ALlgDok+aGWq68nVA9taBVytwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFFpdRhpQXullUhNVBJTCXQShDEXGMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvV2wxR0dsQmU2V1ZTRTFVRWxNSmRCS0VNUmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjAkBAIAATAeAwQBbWiY
AwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIGhBAIAAjCBmjASAwcBKhEIQAAGAwcA
KhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoRCEAAGAMH
ASoRCEAAIDASAwcCKhEIQAAkAwcAKhEIQAAmAwcAKhEIQAAwAwcAKhEIQAAzAwcB
KhEIQABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQDBwAqEQhAAGAwDQYJ
KoZIhvcNAQELBQADggEBAJLxxDW3c1Vlyigh4GCNtKSaDty9n6T0vPgK1q6gXszD
ybmdDT85VFIKfMLDfmSwsf1+c6pNRNDbXEjX8msXsLmaD7nkehy4TDtifMFERHQs
CTyM8kpu8DspbesEESkox+fyJIvE5s/sAla0sLQW4czCu3KkUXnjbfsPKEC6Evoa
waOhz122OIVnkNpd9ioZMEe0QpF0Ri3pMkIqlqxQw4eLp4FwLJB+v9Kv9fqR36Jd
2cvJrt69j0yrU6nRbEkDSsBO0luJwj79Eyxo3Zo7Z6v+rNImGhhwci5Tgvg2O3Oj
3mh5zvmhSohW2aK8snwnR8CfnmDunfeViP+hJKk2lT4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org