Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/wx2g_p5Bh4szXEkFK2m88NgKKMg.roa
File: wx2g_p5Bh4szXEkFK2m88NgKKMg.roa (raw, json)
Hash identifier: tgT6NevUjMUYO+bDCG5EWo35qYs4CBjk2TR6SDUK75c=
Subject key identifier: C3:1D:A0:FE:9E:41:87:8B:33:5C:49:05:2B:69:BC:F0:D8:0A:28:C8
Certificate issuer: /CN=f3ace3cafb9e26c1a60564f70d2aceb457bf5009
Certificate serial: 01856B8A37F945630E928C8D359F2774F20E
Authority key identifier: F3:AC:E3:CA:FB:9E:26:C1:A6:05:64:F7:0D:2A:CE:B4:57:BF:50:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/wx2g_p5Bh4szXEkFK2m88NgKKMg.roa
Signing time: Sun 01 Jan 2023 04:14:58 +0000
ROA not before: Sun 01 Jan 2023 04:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35567
IP address blocks: 91.191.42.0/24 maxlen: 24
91.191.41.0/24 maxlen: 24
91.191.40.0/24 maxlen: 24
91.191.39.0/24 maxlen: 24
91.191.44.0/24 maxlen: 24
91.191.43.0/24 maxlen: 24
91.191.51.0/24 maxlen: 24
91.191.50.0/24 maxlen: 24
91.191.49.0/24 maxlen: 24
91.191.48.0/24 maxlen: 24
91.191.47.0/24 maxlen: 24
91.191.46.0/24 maxlen: 24
91.191.45.0/24 maxlen: 24
91.191.52.0/24 maxlen: 24
91.191.56.0/24 maxlen: 24
91.191.55.0/24 maxlen: 24
185.16.14.0/24 maxlen: 24
91.191.54.0/24 maxlen: 24
91.191.53.0/24 maxlen: 24
185.16.12.0/22 maxlen: 24
91.191.58.0/24 maxlen: 24
91.191.57.0/24 maxlen: 24
91.191.63.0/24 maxlen: 24
91.191.62.0/24 maxlen: 24
91.191.61.0/24 maxlen: 24
91.191.60.0/24 maxlen: 24
91.191.59.0/24 maxlen: 24
91.191.1.0/24 maxlen: 24
91.191.0.0/24 maxlen: 24
91.191.4.0/24 maxlen: 24
91.191.3.0/24 maxlen: 24
91.191.2.0/24 maxlen: 24
91.191.11.0/24 maxlen: 24
91.191.10.0/24 maxlen: 24
91.191.9.0/24 maxlen: 24
91.191.8.0/24 maxlen: 24
91.191.7.0/24 maxlen: 24
91.191.6.0/24 maxlen: 24
91.191.5.0/24 maxlen: 24
91.191.14.0/24 maxlen: 24
91.191.13.0/24 maxlen: 24
91.191.12.0/24 maxlen: 24
91.191.17.0/24 maxlen: 24
91.191.16.0/24 maxlen: 24
91.191.15.0/24 maxlen: 24
91.191.24.0/21 maxlen: 24
91.191.24.0/24 maxlen: 24
91.191.23.0/24 maxlen: 24
91.191.22.0/24 maxlen: 24
91.191.21.0/24 maxlen: 24
91.191.20.0/24 maxlen: 24
91.191.19.0/24 maxlen: 24
91.191.18.0/24 maxlen: 24
91.191.31.0/24 maxlen: 24
91.191.30.0/24 maxlen: 24
91.191.29.0/24 maxlen: 24
91.191.27.0/24 maxlen: 24
91.191.26.0/24 maxlen: 24
91.191.38.0/24 maxlen: 24
91.191.37.0/24 maxlen: 24
91.191.36.0/24 maxlen: 24
91.191.35.0/24 maxlen: 24
91.191.34.0/24 maxlen: 24
91.191.33.0/24 maxlen: 24
91.191.32.0/24 maxlen: 24
213.196.112.0/24 maxlen: 24
213.196.118.0/24 maxlen: 24
213.196.117.0/24 maxlen: 24
213.196.116.0/24 maxlen: 24
213.196.115.0/24 maxlen: 24
213.196.114.0/23 maxlen: 23
213.196.114.0/24 maxlen: 24
213.196.113.0/24 maxlen: 24
213.196.121.0/24 maxlen: 24
87.250.96.0/19 maxlen: 24
87.250.98.0/24 maxlen: 24
213.196.125.0/24 maxlen: 24
213.196.124.0/24 maxlen: 24
87.250.97.0/24 maxlen: 24
87.250.96.0/24 maxlen: 24
213.196.123.0/24 maxlen: 24
213.196.122.0/24 maxlen: 24
213.196.120.0/24 maxlen: 24
213.196.119.0/24 maxlen: 24
87.250.105.0/24 maxlen: 24
87.250.104.0/24 maxlen: 24
87.250.103.0/24 maxlen: 24
87.250.102.0/24 maxlen: 24
87.250.101.0/24 maxlen: 24
213.196.127.0/24 maxlen: 24
213.196.126.0/24 maxlen: 24
87.250.99.0/24 maxlen: 24
87.250.112.0/24 maxlen: 24
87.250.109.0/24 maxlen: 24
87.250.108.0/24 maxlen: 24
87.250.107.0/24 maxlen: 24
87.250.106.0/24 maxlen: 24
87.250.118.0/24 maxlen: 24
87.250.117.0/24 maxlen: 24
87.250.115.0/24 maxlen: 24
87.250.114.0/24 maxlen: 24
87.250.113.0/24 maxlen: 24
87.250.125.0/24 maxlen: 24
87.250.124.0/24 maxlen: 24
87.250.123.0/24 maxlen: 24
87.250.122.0/24 maxlen: 24
87.250.121.0/24 maxlen: 24
87.250.120.0/24 maxlen: 24
87.250.119.0/24 maxlen: 24
87.250.127.0/24 maxlen: 24
2a02:17a8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:8a:37:f9:45:63:0e:92:8c:8d:35:9f:27:74:f2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3ace3cafb9e26c1a60564f70d2aceb457bf5009
Validity
Not Before: Jan 1 04:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c31da0fe9e41878b335c49052b69bcf0d80a28c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b5:e3:87:6b:96:7f:86:b9:5c:e1:50:6a:5b:
05:d5:04:9e:58:62:e3:40:37:75:5c:02:34:f3:25:
68:ce:22:90:69:30:88:97:ff:62:a5:15:3e:9d:c2:
86:a5:fe:5c:e3:31:89:94:38:18:f4:be:e7:8d:1c:
50:d4:d9:33:22:2f:aa:d9:c3:48:77:db:b6:1a:7e:
b5:10:2e:54:15:ae:61:c2:16:91:1b:33:c6:c4:83:
92:46:58:65:ad:77:0d:28:75:0f:b2:23:a5:f6:ac:
ab:1a:5b:9a:c4:11:ac:b3:ec:18:5d:74:39:17:2d:
e4:8c:1a:f4:fe:4d:43:a3:fe:b8:84:e9:f8:3c:2a:
b4:ba:4a:ae:7b:78:0f:48:05:5a:8d:b7:75:35:45:
d5:20:4e:d3:d5:47:b8:b3:82:b4:dd:66:56:c4:46:
34:79:c2:6e:10:7a:48:8a:46:95:54:6d:ce:38:e8:
ac:1b:16:62:bb:d7:cb:2f:da:c4:a3:c3:ea:99:88:
b7:22:ab:2e:ce:a2:96:1f:9b:6e:ef:4e:39:d8:f5:
69:aa:ed:74:5b:19:90:38:6e:d3:b8:cf:7f:1c:48:
a7:20:69:20:ba:1c:96:22:36:a9:7d:8c:d7:20:08:
7b:18:56:5a:5b:cc:9a:a7:1e:e9:2f:f3:5e:ea:9e:
38:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1D:A0:FE:9E:41:87:8B:33:5C:49:05:2B:69:BC:F0:D8:0A:28:C8
X509v3 Authority Key Identifier:
keyid:F3:AC:E3:CA:FB:9E:26:C1:A6:05:64:F7:0D:2A:CE:B4:57:BF:50:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/wx2g_p5Bh4szXEkFK2m88NgKKMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/86zjyvueJsGmBWT3DSrOtFe_UAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.250.96.0/19
91.191.0.0/18
185.16.12.0/22
213.196.112.0/20
IPv6:
2a02:17a8::/32
Signature Algorithm: sha256WithRSAEncryption
92:5b:52:44:8c:38:ac:88:4d:25:63:26:45:85:f2:ab:2c:51:
01:06:be:3b:b3:96:c2:a1:6d:c2:25:96:e2:ee:27:f1:01:1c:
c5:c0:0a:71:8a:e3:88:8a:5c:27:13:d9:e8:7d:b8:94:f5:9b:
ee:4b:8f:e8:72:0c:36:aa:b4:9b:45:92:37:58:32:0d:47:a3:
b9:9c:8e:57:f1:07:37:d8:75:f4:29:19:35:a1:f0:43:bd:ad:
17:fe:8e:29:ee:eb:91:0c:5d:75:8d:c4:19:b0:c9:07:9a:58:
d5:c6:00:db:5c:b1:32:cd:b9:7e:d2:f4:e0:f0:10:8a:9b:7f:
cf:a7:1f:78:d0:9e:e6:f8:46:6a:b9:62:2d:a8:25:bc:3d:cd:
77:cb:24:c7:5c:77:66:31:f8:1d:fd:46:91:c4:9f:e6:bf:88:
a5:8e:1b:07:ff:da:83:2f:9e:77:17:ad:60:74:7d:f0:2c:bd:
cd:ed:d5:e0:4e:3a:7d:21:6a:7e:2b:e4:22:bd:d3:7e:05:3a:
c8:81:ae:c6:b0:fd:3b:ee:8b:b0:16:8c:ec:d5:b5:e8:a6:87:
68:8d:ab:f5:2f:42:cd:9b:8f:b9:c7:22:0d:16:9a:c8:1a:6b:
da:22:ab:9a:32:f5:8d:76:6f:37:ba:d9:79:f8:c1:1d:98:a1:
16:46:e5:8c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVrijf5RWMOkoyNNZ8ndPIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWNlM2NhZmI5ZTI2YzFhNjA1NjRmNzBkMmFjZWI0NTdi
ZjUwMDkwHhcNMjMwMTAxMDQxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzFkYTBmZTllNDE4NzhiMzM1YzQ5MDUyYjY5YmNmMGQ4MGEyOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7Xjh2uWf4a5XOFQalsF1QSeWGLj
QDd1XAI08yVoziKQaTCIl/9ipRU+ncKGpf5c4zGJlDgY9L7njRxQ1NkzIi+q2cNI
d9u2Gn61EC5UFa5hwhaRGzPGxIOSRlhlrXcNKHUPsiOl9qyrGluaxBGss+wYXXQ5
Fy3kjBr0/k1Do/64hOn4PCq0ukque3gPSAVajbd1NUXVIE7T1Ue4s4K03WZWxEY0
ecJuEHpIikaVVG3OOOisGxZiu9fLL9rEo8PqmYi3IqsuzqKWH5tu70452PVpqu10
WxmQOG7TuM9/HEinIGkguhyWIjapfYzXIAh7GFZaW8yapx7pL/Ne6p44vQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMMdoP6eQYeLM1xJBStpvPDYCijIMB8GA1UdIwQY
MBaAFPOs48r7nibBpgVk9w0qzrRXv1AJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZ6anl2dWVKc0dtQldUM0RTck90RmVfVUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lYjIyZmEtZmJhNC00N2E5LWFiNTMt
MzYzZTJkNjY0M2YyLzEvd3gyZ19wNUJoNHN6WEVrRksybTg4TmdLS01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lYjIyZmEtZmJhNC00N2E5LWFiNTMtMzYzZTJkNjY0M2Yy
LzEvODZ6anl2dWVKc0dtQldUM0RTck90RmVfVUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFV/pgAwQG
W78AAwQCuRAMAwQE1cRwMA0EAgACMAcDBQAqAheoMA0GCSqGSIb3DQEBCwUAA4IB
AQCSW1JEjDisiE0lYyZFhfKrLFEBBr47s5bCoW3CJZbi7ifxARzFwApxiuOIilwn
E9nofbiU9ZvuS4/ocgw2qrSbRZI3WDINR6O5nI5X8Qc32HX0KRk1ofBDva0X/o4p
7uuRDF11jcQZsMkHmljVxgDbXLEyzbl+0vTg8BCKm3/Ppx940J7m+EZquWItqCW8
Pc13yyTHXHdmMfgd/UaRxJ/mv4iljhsH/9qDL553F61gdH3wLL3N7dXgTjp9IWp+
K+QivdN+BTrIga7GsP077ouwFozs1bXopodojav1L0LNm4+5xyINFprIGmvaIqua
MvWNdm83utl5+MEdmKEWRuWM
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:29 2024 by rpki-client on console-ams.rpki-client.org