Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/Wm3WC8XVH-taWPRFX6HpgE_bpaA.roa
File: Wm3WC8XVH-taWPRFX6HpgE_bpaA.roa (raw, json)
Hash identifier: GLdfy3EbRALt3TlsS4bcK17SkGedsS7NTLve4gy8hGY=
Subject key identifier: 5A:6D:D6:0B:C5:D5:1F:EB:5A:58:F4:45:5F:A1:E9:80:4F:DB:A5:A0
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 018A642C60B70775CCFEA9CECD7FD076DA82
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/Wm3WC8XVH-taWPRFX6HpgE_bpaA.roa
Signing time: Tue 05 Sep 2023 07:09:04 +0000
ROA not before: Tue 05 Sep 2023 07:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44395
IP address blocks: 109.75.40.0/21 maxlen: 24
46.162.192.0/18 maxlen: 24
46.36.112.0/20 maxlen: 24
178.78.160.0/20 maxlen: 24
212.34.224.0/19 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.208.0/20 maxlen: 24
212.34.232.0/21 maxlen: 24
178.78.176.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
188.115.192.0/18 maxlen: 24
37.157.220.0/22 maxlen: 24
81.16.0.0/20 maxlen: 24
185.86.195.0/24 maxlen: 24
82.199.192.0/20 maxlen: 24
109.75.36.0/22 maxlen: 24
178.78.128.0/19 maxlen: 24
109.75.34.0/23 maxlen: 24
178.78.128.0/18 maxlen: 24
141.136.64.0/19 maxlen: 24
212.34.240.0/21 maxlen: 24
212.34.240.0/20 maxlen: 24
46.162.240.0/20 maxlen: 24
37.252.64.0/19 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.140.0/22 maxlen: 24
185.59.68.0/22 maxlen: 24
5.77.128.0/17 maxlen: 24
46.241.128.0/17 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:64:2c:60:b7:07:75:cc:fe:a9:ce:cd:7f:d0:76:da:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Sep 5 07:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a6dd60bc5d51feb5a58f4455fa1e9804fdba5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:ae:16:c3:76:3e:c7:f8:06:f3:e9:4d:7f:
cc:b1:ed:d7:69:f8:1f:3f:8f:c5:a8:f3:08:ed:0e:
90:1f:5e:a0:dc:55:72:e0:5d:f6:e0:01:1f:94:5b:
37:ec:a0:e6:fa:bd:d0:79:8a:5c:c2:f2:45:dd:7f:
62:3f:84:17:63:22:c8:b2:34:15:4f:1a:71:ec:ee:
93:93:59:49:47:b9:10:b5:7c:3d:6d:9b:03:7f:58:
11:aa:44:7e:e4:06:05:7c:59:8a:d7:1a:fc:9f:5f:
93:0c:a3:49:fb:7d:4f:b8:28:77:e7:29:5f:df:6a:
e8:90:80:a9:f2:f1:3e:86:fa:1a:fd:8c:3e:8d:7a:
87:a8:7f:3a:0b:0b:b0:d0:c6:9d:0b:15:df:fb:72:
fe:db:33:8c:88:b1:14:ef:b6:d8:b8:a6:20:26:97:
9b:5d:de:06:07:f7:0b:66:11:36:bc:7a:6b:fc:20:
ba:97:60:45:12:f7:f1:70:d4:f9:4f:af:50:47:63:
e9:15:49:0d:a0:aa:7e:29:63:da:65:f4:7b:33:ca:
24:73:4d:e1:58:7a:e6:b6:f5:6c:49:77:49:ae:4d:
5c:d6:c9:0f:48:2b:57:73:85:49:ba:d6:f6:62:21:
23:1c:2d:d7:01:18:ac:57:62:4b:d9:f9:a6:4e:47:
ca:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6D:D6:0B:C5:D5:1F:EB:5A:58:F4:45:5F:A1:E9:80:4F:DB:A5:A0
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/Wm3WC8XVH-taWPRFX6HpgE_bpaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.195.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
8e:e3:22:50:fb:09:93:c9:c4:ef:13:dd:6c:31:b7:d8:df:b6:
1b:0f:6e:fb:39:1e:01:97:c5:25:18:a4:8f:c5:d7:a3:95:d0:
df:f2:4c:24:37:81:49:8e:0a:b0:79:48:8d:9e:e1:f2:4b:45:
c7:a6:ae:52:d3:a8:49:99:50:a0:81:56:c4:03:d5:3a:ad:60:
6e:bc:89:bc:5c:7c:d0:40:05:3d:a0:4d:d3:14:64:4a:0a:da:
93:54:89:e0:3a:73:55:86:88:1c:ea:f3:1e:7e:98:28:28:60:
61:47:39:fa:5e:7d:2a:ba:d5:0e:d8:2c:83:de:a4:64:6c:86:
2e:e2:ca:de:cf:74:36:bc:02:bf:cd:45:c7:54:94:df:3f:bb:
96:c5:39:3e:5f:67:83:39:02:e5:89:f6:99:40:ca:36:29:5a:
a8:9b:1d:08:c9:c4:be:34:6f:d3:79:c3:07:a6:1f:9f:c1:a6:
d4:6f:e9:4b:07:a8:c4:86:0a:37:9c:90:80:1d:05:a4:36:c2:
ac:09:65:7e:e7:e2:61:9e:34:16:87:fd:81:eb:a1:d8:6a:f1:
d4:1d:34:43:9c:34:5e:a2:e5:be:92:1c:f7:47:e0:1f:70:42:
6c:66:31:5c:e0:55:7d:a6:59:ba:ec:91:76:73:9d:ec:cf:c7:
ab:44:58:14
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYpkLGC3B3XM/qnOzX/QdtqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjMwOTA1MDcwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZkZDYwYmM1ZDUxZmViNWE1OGY0NDU1ZmExZTk4MDRmZGJhNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqWuFsN2Psf4BvPpTX/Mse3Xafgf
P4/FqPMI7Q6QH16g3FVy4F324AEflFs37KDm+r3QeYpcwvJF3X9iP4QXYyLIsjQV
Txpx7O6Tk1lJR7kQtXw9bZsDf1gRqkR+5AYFfFmK1xr8n1+TDKNJ+31PuCh35ylf
32rokICp8vE+hvoa/Yw+jXqHqH86Cwuw0MadCxXf+3L+2zOMiLEU77bYuKYgJpeb
Xd4GB/cLZhE2vHpr/CC6l2BFEvfxcNT5T69QR2PpFUkNoKp+KWPaZfR7M8okc03h
WHrmtvVsSXdJrk1c1skPSCtXc4VJutb2YiEjHC3XARisV2JL2fmmTkfKvQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFFpt1gvF1R/rWlj0RV+h6YBP26WgMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvV20zV0M4WFZILXRhV1BSRlg2SHBnRV9icGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBuBAIAATBoAwQHBU2A
AwQEJZ3QAwQFJfxAAwQELiRwAwQGLqLAAwQHLvGAAwQEURAAAwQEUsfAAwQDXCuI
MAwDBAFtSyIDBARtSyADBAWNiEADBAayToADBAK5O0QDBAC5VsMDBAa8c8ADBAXU
IuAwGwQCAAIwFQMFAyoAzEADBQAqAUoAAwUAKgMQgDANBgkqhkiG9w0BAQsFAAOC
AQEAjuMiUPsJk8nE7xPdbDG32N+2Gw9u+zkeAZfFJRikj8XXo5XQ3/JMJDeBSY4K
sHlIjZ7h8ktFx6auUtOoSZlQoIFWxAPVOq1gbryJvFx80EAFPaBN0xRkSgrak1SJ
4DpzVYaIHOrzHn6YKChgYUc5+l59KrrVDtgsg96kZGyGLuLK3s90NrwCv81Fx1SU
3z+7lsU5Pl9ngzkC5Yn2mUDKNilaqJsdCMnEvjRv03nDB6Yfn8Gm1G/pSweoxIYK
N5yQgB0FpDbCrAllfufiYZ40Fof9geuh2Grx1B00Q5w0XqLlvpIc90fgH3BCbGYx
XOBVfaZZuuyRdnOd7M/Hq0RYFA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:11 2024 by rpki-client on console-ams.rpki-client.org