Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/wL9x7M9oZlsKdD1I5niXnDnknEo.roa
File: wL9x7M9oZlsKdD1I5niXnDnknEo.roa (raw, json)
Hash identifier: 27aJLvWYlr09hVOm2frrVWKC5DhMQtg1sgXGbVCnGxM=
Subject key identifier: C0:BF:71:EC:CF:68:66:5B:0A:74:3D:48:E6:78:97:9C:39:E4:9C:4A
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B42B10A72AF70AA388BC98F2BC352
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/wL9x7M9oZlsKdD1I5niXnDnknEo.roa
Signing time: Sun 01 Jan 2023 18:14:58 +0000
ROA not before: Sun 01 Jan 2023 18:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.83.148.0/22 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/22 maxlen: 24
194.33.36.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/23 maxlen: 24
45.15.124.0/22 maxlen: 24
45.86.64.0/22 maxlen: 24
45.15.128.0/22 maxlen: 24
45.86.76.0/22 maxlen: 24
45.86.72.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.89.96.0/22 maxlen: 24
45.92.192.0/22 maxlen: 24
45.89.100.0/22 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.112.0/22 maxlen: 24
45.9.16.0/22 maxlen: 24
45.12.128.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
194.76.136.0/22 maxlen: 24
45.83.84.0/22 maxlen: 24
45.82.244.0/22 maxlen: 24
185.153.180.0/22 maxlen: 24
45.82.248.0/22 maxlen: 24
45.89.196.0/22 maxlen: 24
213.59.112.0/20 maxlen: 24
45.15.176.0/22 maxlen: 24
171.22.116.0/22 maxlen: 24
45.15.184.0/22 maxlen: 24
31.12.92.0/22 maxlen: 24
171.22.120.0/22 maxlen: 24
45.88.160.0/22 maxlen: 24
45.88.168.0/22 maxlen: 24
185.149.20.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
45.92.124.0/22 maxlen: 24
185.166.152.0/22 maxlen: 24
185.166.160.0/22 maxlen: 24
92.119.40.0/22 maxlen: 24
45.128.72.0/22 maxlen: 24
2a0d:e000::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a0b:a0c0::/29 maxlen: 48
2a13:4bc0::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a06:e5c0::/29 maxlen: 48
2a0a:d040::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 16 Apr 2023 16:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:42:b1:0a:72:af:70:aa:38:8b:c9:8f:2b:c3:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0bf71eccf68665b0a743d48e678979c39e49c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:13:8b:1e:bf:16:54:d8:c3:06:42:48:b2:19:
e3:12:a3:d2:db:83:9e:07:2b:68:4e:d0:6a:62:24:
be:2e:ab:d8:77:21:d1:8e:82:63:54:9b:21:52:fd:
15:0c:b9:a5:c4:c4:6f:45:8d:de:1a:29:84:f8:f5:
1a:66:d6:4b:c2:e7:0f:af:a0:bc:6d:a3:77:da:f0:
d5:6f:3b:00:0c:a9:00:9f:dd:94:8b:29:9e:d5:45:
73:03:dc:0a:d0:17:e6:9c:53:9d:4f:ff:f7:8b:3a:
21:0b:df:5a:8d:7b:d4:97:0b:7d:0c:e0:3f:6a:52:
83:00:03:25:d7:f9:f0:ac:96:5c:5d:00:dd:57:69:
af:9e:f4:2c:b0:97:a5:67:3a:30:76:b4:54:93:c9:
54:32:39:18:8f:92:28:ec:b8:c5:f8:96:a8:76:e8:
fe:be:61:52:05:d8:51:c0:80:31:a1:0d:54:4f:29:
91:53:85:0b:a1:33:fc:f9:42:66:4f:f3:a7:00:f4:
da:72:7b:11:17:ea:dc:e8:13:38:6f:61:b8:01:a0:
08:45:90:85:a1:8c:06:7c:dd:88:f6:af:75:06:7f:
e3:f8:e8:89:c8:38:83:ac:9e:b4:e0:05:84:21:ae:
b3:b5:3a:2e:b2:3a:ef:d9:7c:ae:00:94:37:9d:99:
1a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BF:71:EC:CF:68:66:5B:0A:74:3D:48:E6:78:97:9C:39:E4:9C:4A
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/wL9x7M9oZlsKdD1I5niXnDnknEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.172.0-2.56.179.255
31.12.92.0/22
45.9.16.0/22
45.12.108.0-45.12.115.255
45.12.128.0/22
45.12.136.0/22
45.15.124.0-45.15.131.255
45.15.176.0/22
45.15.184.0/22
45.82.244.0-45.82.251.255
45.83.84.0/22
45.83.140.0/22
45.83.148.0/22
45.86.64.0/22
45.86.72.0/21
45.88.160.0/22
45.88.168.0/22
45.89.96.0/21
45.89.196.0/22
45.92.124.0/22
45.92.160.0/22
45.92.192.0/22
45.128.72.0/22
92.119.40.0/22
171.22.116.0-171.22.123.255
185.149.20.0/22
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.71.255
185.166.152.0/22
185.166.160.0/22
194.33.36.0/22
194.76.136.0/22
213.59.112.0/20
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a0a:d040::/29
2a0b:a0c0::/29
2a0d:e000::/29
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
ba:bd:67:2d:12:0e:18:a1:5e:86:32:2e:27:54:dc:01:1a:03:
4d:f0:fe:ce:ee:14:47:36:e7:85:4a:f7:83:aa:9a:f6:ba:b5:
1e:86:21:78:f7:bb:85:2d:8b:86:be:dd:39:b8:a9:51:e5:e6:
78:84:84:e7:f4:a7:dd:17:b4:e1:9b:20:78:40:74:fc:5a:37:
ac:1d:92:d6:c6:ef:af:b2:36:15:4b:d3:e1:53:6b:6d:5b:5a:
82:8c:b1:9c:f6:b8:4a:f4:07:91:c5:44:b3:36:bf:7d:dd:17:
aa:0d:6e:72:ef:e2:9e:08:93:50:5b:e2:c5:f2:80:e6:c7:62:
67:d5:77:94:8b:7e:3d:a8:6c:7c:ce:40:78:de:ec:8f:f4:cc:
be:0e:7e:ec:e0:bb:02:76:70:73:88:0c:bf:69:b9:6b:0c:fd:
8f:c6:46:3c:12:e1:b6:3b:7a:8c:d8:e6:5e:5a:f3:e4:3a:d5:
24:e8:63:19:4f:ce:7f:c2:2f:6c:6c:29:b8:9d:d7:bd:05:d4:
5e:49:9e:45:b6:44:95:5a:93:28:ce:eb:86:d8:86:75:9c:84:
76:3f:b5:ef:b7:92:40:22:f0:44:88:c1:c6:cd:1b:37:f0:f4:
08:bb:3b:f7:31:cb:f2:b9:90:e3:6c:25:34:1b:ae:5f:82:7b:
9c:48:62:a5
-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgISAYVui0KxCnKvcKo4i8mPK8NSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGJmNzFlY2NmNjg2NjViMGE3NDNkNDhlNjc4OTc5YzM5ZTQ5YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxOLHr8WVNjDBkJIshnjEqPS24Oe
BytoTtBqYiS+LqvYdyHRjoJjVJshUv0VDLmlxMRvRY3eGimE+PUaZtZLwucPr6C8
baN32vDVbzsADKkAn92Uiyme1UVzA9wK0BfmnFOdT//3izohC99ajXvUlwt9DOA/
alKDAAMl1/nwrJZcXQDdV2mvnvQssJelZzowdrRUk8lUMjkYj5Io7LjF+Jaoduj+
vmFSBdhRwIAxoQ1UTymRU4ULoTP8+UJmT/OnAPTacnsRF+rc6BM4b2G4AaAIRZCF
oYwGfN2I9q91Bn/j+OiJyDiDrJ604AWEIa6ztTousjrv2XyuAJQ3nZka0wIDAQAB
o4IDSjCCA0YwHQYDVR0OBBYEFMC/cezPaGZbCnQ9SOZ4l5w55JxKMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvd0w5eDdNOW9abHNLZEQxSTVuaVhuRG5rbkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXgYIKwYBBQUHAQcBAf8EggFNMIIBSTCCAQMEAgABMIH8
MAwDBAICOKwDBAICOLADBAIfDFwDBAItCRAwDAMEAi0MbAMEAi0McAMEAi0MgAME
Ai0MiDAMAwQCLQ98AwQCLQ+AAwQCLQ+wAwQCLQ+4MAwDBAItUvQDBAItUvgDBAIt
U1QDBAItU4wDBAItU5QDBAItVkADBAMtVkgDBAItWKADBAItWKgDBAMtWWADBAIt
WcQDBAItXHwDBAItXKADBAItXMADBAItgEgDBAJcdygwDAMEAqsWdAMEAqsWeAME
ArmVFAMEArmZtAMEArmcbDAMAwQAuaFFAwQDuaFAAwQCuaaYAwQCuaagAwQCwiEk
AwQCwkyIAwQE1TtwMEAEAgACMDoDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRA
AAADBQMqCtBAAwUDKgugwAMFAyoN4AADBQMqE0vAMA0GCSqGSIb3DQEBCwUAA4IB
AQC6vWctEg4YoV6GMi4nVNwBGgNN8P7O7hRHNueFSveDqpr2urUehiF497uFLYuG
vt05uKlR5eZ4hITn9KfdF7ThmyB4QHT8WjesHZLWxu+vsjYVS9PhU2ttW1qCjLGc
9rhK9AeRxUSzNr993ReqDW5y7+KeCJNQW+LF8oDmx2Jn1XeUi349qGx8zkB43uyP
9My+Dn7s4LsCdnBziAy/ablrDP2PxkY8EuG2O3qM2OZeWvPkOtUk6GMZT85/wi9s
bCm4nde9BdReSZ5FtkSVWpMozuuG2IZ1nIR2P7Xvt5JAIvBEiMHGzRs38PQIuzv3
McvyuZDjbCU0G65fgnucSGKl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org