Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa
File: pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa (raw, json)
Hash identifier: OD/vNR+9I3z3zrNPTSTjeCzemdQqn0rVZwHmeha6hqE=
Subject key identifier: A7:0A:54:3A:65:A4:EC:AC:04:58:A9:58:CE:9D:67:4E:F9:26:C5:2C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018C6F3D6FC5EFE6A968C9BA444BA05669B1
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa
Signing time: Fri 15 Dec 2023 20:49:06 +0000
ROA not before: Fri 15 Dec 2023 20:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
185.114.75.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:3d:6f:c5:ef:e6:a9:68:c9:ba:44:4b:a0:56:69:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Dec 15 20:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a70a543a65a4ecac0458a958ce9d674ef926c52c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:63:ae:9d:79:33:80:0a:91:f9:12:8f:10:67:
97:d8:da:54:1a:cc:60:6b:1e:83:87:d2:95:81:fc:
be:67:23:0a:c1:17:ae:00:92:46:b1:7d:81:0f:cc:
a7:c2:11:f2:1f:ee:0a:11:51:90:e9:3e:be:c1:bd:
b6:17:be:bf:83:07:03:7c:62:a9:68:70:75:ab:76:
51:68:32:1a:fb:cb:ca:5f:d0:3a:cb:44:bf:61:df:
78:20:2b:98:cd:b4:8c:19:05:31:06:5c:a8:58:a4:
ff:af:30:6a:2e:e1:cd:1f:26:e5:32:86:09:39:3a:
b0:41:66:8b:fb:64:49:c6:19:65:88:1e:ac:d6:9b:
00:1f:ee:f6:12:5c:c6:55:7b:11:b3:3b:6e:28:40:
b6:85:52:d8:f8:80:0b:9a:94:1f:58:0b:d2:d8:ad:
59:cb:f8:46:f5:62:00:88:da:ef:28:b0:b2:76:4f:
13:ad:ec:89:1e:83:9c:d5:63:95:9a:f7:91:37:a4:
f0:4b:bc:45:6e:ad:de:6d:52:9b:fc:02:39:2a:47:
73:d0:c3:98:40:14:d3:5a:44:9d:80:37:52:86:0a:
58:52:fa:f5:b7:f8:38:45:b8:95:2f:a8:c5:47:06:
ee:58:6e:de:48:5b:3c:cf:b1:52:99:9e:ed:41:b6:
5f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:0A:54:3A:65:A4:EC:AC:04:58:A9:58:CE:9D:67:4E:F9:26:C5:2C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/pwpUOmWk7KwEWKlYzp1nTvkmxSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.114.75.0/24
185.188.181.0/24
193.109.84.0/24
194.53.54.0/24
194.67.200.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
2d:ee:88:a2:cc:8e:1e:1a:bd:89:61:d4:ce:9f:83:14:95:5f:
d4:c1:84:92:95:4e:ec:06:e9:cd:98:e3:c5:80:44:dc:e4:d1:
56:7b:60:23:45:12:7b:8d:45:8b:1b:5a:6f:c0:e7:44:6c:91:
51:57:7d:1a:81:40:81:86:b6:be:e7:fb:b2:43:83:aa:97:8f:
7e:41:42:ce:25:6d:61:47:d1:93:56:fd:ca:ed:b2:f3:cd:e5:
e0:ae:e6:8f:52:4a:96:fb:da:0c:f8:c0:4b:2c:53:be:fa:e4:
65:d8:65:da:13:e1:60:64:cb:3b:68:d0:a1:b8:7e:a1:a0:54:
2d:33:14:65:6d:ea:67:06:30:d4:1c:db:e3:b0:81:6d:a4:2e:
30:79:b4:71:11:93:94:c6:5d:50:8d:b1:5b:de:ab:77:92:c4:
b6:20:a0:e3:a1:c9:09:b4:72:84:5c:0b:75:d7:bc:99:c7:32:
84:d6:e9:66:36:2c:4c:09:fb:2a:7f:79:1f:fa:6f:13:09:fe:
be:57:5a:28:52:01:03:69:96:c8:be:6a:e2:77:5a:78:1c:c2:
41:60:ad:50:56:e7:76:6b:e8:db:48:0a:1b:eb:17:df:af:78:
46:dc:c8:af:fa:bb:2a:95:b8:92:71:3a:04:1f:56:09:9f:eb:
77:7e:da:7f
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYxvPW/F7+apaMm6REugVmmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMjE1MjA0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzBhNTQzYTY1YTRlY2FjMDQ1OGE5NThjZTlkNjc0ZWY5MjZjNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGOunXkzgAqR+RKPEGeX2NpUGsxg
ax6Dh9KVgfy+ZyMKwReuAJJGsX2BD8ynwhHyH+4KEVGQ6T6+wb22F76/gwcDfGKp
aHB1q3ZRaDIa+8vKX9A6y0S/Yd94ICuYzbSMGQUxBlyoWKT/rzBqLuHNHyblMoYJ
OTqwQWaL+2RJxhlliB6s1psAH+72ElzGVXsRsztuKEC2hVLY+IALmpQfWAvS2K1Z
y/hG9WIAiNrvKLCydk8TreyJHoOc1WOVmveRN6TwS7xFbq3ebVKb/AI5Kkdz0MOY
QBTTWkSdgDdShgpYUvr1t/g4RbiVL6jFRwbuWG7eSFs8z7FSmZ7tQbZfcwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKcKVDplpOysBFipWM6dZ075JsUsMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvcHdwVU9tV2s3S3dFV0tsWXpwMW5UdmtteFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQBBbSI
AwQABfx0AwQALVlAAwQALYX1AwQALhFqAwQAVdEAAwQAX9YIAwQBixzcAwQAuREC
AwQAuV6nAwQAuWj6AwQAuWl2AwQAuXJLAwQAuby1AwQAwW1UAwQAwjU2AwQAwkPI
AwQAw0JXMA0EAgACMAcDBQAqCpMAMA0GCSqGSIb3DQEBCwUAA4IBAQAt7oiizI4e
Gr2JYdTOn4MUlV/UwYSSlU7sBunNmOPFgETc5NFWe2AjRRJ7jUWLG1pvwOdEbJFR
V30agUCBhra+5/uyQ4Oql49+QULOJW1hR9GTVv3K7bLzzeXgruaPUkqW+9oM+MBL
LFO++uRl2GXaE+FgZMs7aNChuH6hoFQtMxRlbepnBjDUHNvjsIFtpC4webRxEZOU
xl1QjbFb3qt3ksS2IKDjockJtHKEXAt117yZxzKE1ulmNixMCfsqf3kf+m8TCf6+
V1ooUgEDaZbIvmrid1p4HMJBYK1QVud2a+jbSAob6xffr3hG3Miv+rsqlbiScToE
H1YJn+t3ftp/
Generated at Sat Dec 16 15:19:24 2023 by rpki-client on console-fra.rpki-client.org