Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/WtG0D4IvuAbEGjBz2mliS2RTySA.roa
File: WtG0D4IvuAbEGjBz2mliS2RTySA.roa (raw, json)
Hash identifier: hUftdskj7DI8dGbw2ddS+uUdCd5HtglaRH+tTAeEwyU=
Subject key identifier: 5A:D1:B4:0F:82:2F:B8:06:C4:1A:30:73:DA:69:62:4B:64:53:C9:20
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 018BB41D3F76532BDDFFB11C492DD620B7CD
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/WtG0D4IvuAbEGjBz2mliS2RTySA.roa
Signing time: Thu 09 Nov 2023 12:44:57 +0000
ROA not before: Thu 09 Nov 2023 12:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6848
IP address blocks: 195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
188.188.0.0/15 maxlen: 15
78.29.192.0/18 maxlen: 18
213.132.128.0/19 maxlen: 19
81.82.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
141.134.0.0/15 maxlen: 15
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
185.30.52.0/22 maxlen: 22
78.20.0.0/14 maxlen: 14
178.116.0.0/14 maxlen: 14
5.23.128.0/17 maxlen: 17
188.95.146.0/23 maxlen: 23
212.88.224.0/19 maxlen: 19
85.28.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
83.217.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.251.64.0/18 maxlen: 18
185.23.244.0/22 maxlen: 22
213.224.0.0/16 maxlen: 16
157.173.128.0/18 maxlen: 18
217.168.120.0/21 maxlen: 21
212.123.0.0/19 maxlen: 19
82.143.64.0/18 maxlen: 18
94.224.0.0/14 maxlen: 14
213.118.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
195.130.128.0/19 maxlen: 19
217.72.224.0/20 maxlen: 20
188.44.64.0/19 maxlen: 19
185.248.41.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
2a02:1800::/24 maxlen: 24
2a00:1cf8::/32 maxlen: 32
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:1d:3f:76:53:2b:dd:ff:b1:1c:49:2d:d6:20:b7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Nov 9 12:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ad1b40f822fb806c41a3073da69624b6453c920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:09:82:98:29:9d:25:89:f3:4e:bd:50:00:42:
f4:8c:28:ab:01:cb:a0:19:41:ab:8b:d4:48:ba:b6:
dc:d4:a5:a0:e1:d4:17:4d:e1:5b:dd:be:b6:bc:28:
d1:78:00:f4:80:cc:46:07:93:d3:ba:ab:31:88:2a:
c4:ff:74:c8:ff:bc:21:b1:5b:2c:77:67:c2:cb:aa:
37:24:e9:3f:d6:a4:7d:d8:a1:2d:55:ea:f6:2e:30:
78:85:fa:93:cf:5c:32:c0:50:ae:46:fe:0c:96:2b:
c5:cd:6a:92:9f:15:e2:ab:74:ff:c5:5f:50:9d:5d:
84:ec:92:5f:61:9f:5b:30:a1:1f:b3:ea:c1:5d:96:
2c:b2:ca:1b:93:8c:ae:45:8f:72:45:68:a7:6e:f9:
65:1e:ed:8b:b6:39:26:8b:b3:0e:01:36:09:5a:9e:
1b:08:6e:81:65:52:62:8c:63:d6:6f:64:8a:99:bd:
8c:89:15:80:af:27:a5:09:54:ce:5c:c6:5e:d3:88:
08:d4:92:0f:c3:d1:e7:3f:1d:0e:fe:15:e7:2d:10:
d3:91:b3:e3:83:a5:dd:8b:c2:d3:eb:8c:01:86:8b:
e9:fe:96:28:5f:8c:86:10:6c:84:30:17:f1:5e:85:
d5:1b:0c:3e:2e:98:91:cb:00:68:6a:f9:1e:49:55:
23:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D1:B4:0F:82:2F:B8:06:C4:1A:30:73:DA:69:62:4B:64:53:C9:20
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/WtG0D4IvuAbEGjBz2mliS2RTySA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
1d:b3:68:bc:80:98:f5:21:2c:5a:f3:f2:1d:a5:f3:16:43:ff:
3a:39:85:ff:e8:94:7e:b9:14:79:1f:7e:8d:64:18:12:9e:da:
3d:01:1e:e5:34:96:04:a3:75:b8:16:c3:19:cf:7e:e1:78:03:
13:cf:d4:f2:8b:b2:ff:dc:73:34:d2:cf:d2:2f:2f:a1:21:8e:
ab:cf:6f:c4:a2:da:60:bb:38:5f:7b:e5:18:66:70:26:d1:fb:
36:09:94:4d:39:17:0c:e5:6f:85:1b:c6:ba:c6:43:0c:ec:58:
0d:5e:fb:66:e7:97:2b:ee:36:c5:fe:e0:1a:ff:15:c1:a2:04:
84:44:2e:f8:e9:40:1b:c0:d8:04:69:8f:fe:c4:cd:a0:96:37:
40:fc:d6:36:67:58:f4:35:cf:13:69:9f:73:41:46:0e:76:c1:
2f:77:90:4c:8d:7a:df:ab:ec:58:5b:cb:24:d6:f0:3c:bb:a0:
a1:d2:87:dd:7a:92:f5:ab:0e:f7:16:ac:f3:cb:27:ce:9c:eb:
72:99:2c:c6:bb:ae:a8:89:be:58:5a:52:65:b9:b3:19:07:f3:
47:84:f5:32:75:1f:d9:d7:3a:c4:6d:71:c1:8a:c5:1a:40:d9:
02:d5:3c:4f:8c:91:d7:c5:b0:ea:52:de:41:98:ea:31:a3:d9:
88:3c:2a:f9
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAYu0HT92Uyvd/7EcSS3WILfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjMxMTA5MTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQxYjQwZjgyMmZiODA2YzQxYTMwNzNkYTY5NjI0YjY0NTNjOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQmCmCmdJYnzTr1QAEL0jCirAcug
GUGri9RIurbc1KWg4dQXTeFb3b62vCjReAD0gMxGB5PTuqsxiCrE/3TI/7whsVss
d2fCy6o3JOk/1qR92KEtVer2LjB4hfqTz1wywFCuRv4MlivFzWqSnxXiq3T/xV9Q
nV2E7JJfYZ9bMKEfs+rBXZYsssobk4yuRY9yRWinbvllHu2Ltjkmi7MOATYJWp4b
CG6BZVJijGPWb2SKmb2MiRWAryelCVTOXMZe04gI1JIPw9HnPx0O/hXnLRDTkbPj
g6Xdi8LT64wBhovp/pYoX4yGEGyEMBfxXoXVGww+LpiRywBoavkeSVUjUwIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFFrRtA+CL7gGxBowc9ppYktkU8kgMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvV3RHMEQ0SXZ1QWJFR2pCejJtbGlTMlJUeVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH6BggrBgEFBQcBBwEB/wSB6jCB5zCBzwQCAAEwgcgDBAcF
F4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVS0kAD
BAVT2YADAwNUwAMEBlUcQAMDAl7gAwMBjYYDBAadrYADAwKydAMEArkX9AMEArke
NAMEArn4KAMEBbwsQAMEAbxfkgMDAby8AwQFwxAAAwQFw4KAAwQFw6LAAwQF1Ezg
AwQF1FjgAwQF1HsAAwMB1XYDBAXVhIADBAXV1iADAwDV4AMEBtX7QAMEBNlI4AME
A9moeDATBAIAAjANAwUAKgAc+AMEACoCGDANBgkqhkiG9w0BAQsFAAOCAQEAHbNo
vICY9SEsWvPyHaXzFkP/OjmF/+iUfrkUeR9+jWQYEp7aPQEe5TSWBKN1uBbDGc9+
4XgDE8/U8ouy/9xzNNLP0i8voSGOq89vxKLaYLs4X3vlGGZwJtH7NgmUTTkXDOVv
hRvGusZDDOxYDV77ZueXK+42xf7gGv8VwaIEhEQu+OlAG8DYBGmP/sTNoJY3QPzW
NmdY9DXPE2mfc0FGDnbBL3eQTI1636vsWFvLJNbwPLugodKH3XqS9asO9xas88sn
zpzrcpksxruuqIm+WFpSZbmzGQfzR4T1MnUf2dc6xG1xwYrFGkDZAtU8T4yR18Ww
6lLeQZjqMaPZiDwq+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:33 2024 by rpki-client on console-fra.rpki-client.org