Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/3YOwP3Y-ieIcHIa-wlXyjBw92eY.roa
File: 3YOwP3Y-ieIcHIa-wlXyjBw92eY.roa (raw, json)
Hash identifier: LPdq9wtvVvZkpdRBtCl4L2osA9eKwT3VCplcpFC/F8o=
Subject key identifier: DD:83:B0:3F:76:3E:89:E2:1C:1C:86:BE:C2:55:F2:8C:1C:3D:D9:E6
Certificate issuer: /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial: 0185CED6C4A01FA4567934473FFFF10E79AF
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/3YOwP3Y-ieIcHIa-wlXyjBw92eY.roa
Signing time: Fri 20 Jan 2023 11:00:59 +0000
ROA not before: Fri 20 Jan 2023 11:00:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9050
IP address blocks: 92.87.0.0/16 maxlen: 16
92.87.11.0/24 maxlen: 24
92.80.0.0/16 maxlen: 16
109.97.0.0/16 maxlen: 16
92.84.0.0/16 maxlen: 16
92.87.118.0/24 maxlen: 24
92.87.128.0/23 maxlen: 23
92.87.133.0/24 maxlen: 24
109.101.0.0/16 maxlen: 16
92.87.54.0/24 maxlen: 24
89.121.0.0/18 maxlen: 18
89.121.0.0/16 maxlen: 16
92.86.38.0/24 maxlen: 24
92.86.36.0/24 maxlen: 24
109.99.158.0/24 maxlen: 24
92.86.48.0/24 maxlen: 24
109.103.0.0/16 maxlen: 16
92.86.50.0/24 maxlen: 24
109.99.184.0/24 maxlen: 24
109.99.185.0/24 maxlen: 24
109.99.189.0/24 maxlen: 24
109.99.192.0/24 maxlen: 24
109.96.0.0/16 maxlen: 16
89.123.0.0/17 maxlen: 17
89.123.0.0/16 maxlen: 16
92.86.0.0/16 maxlen: 16
86.35.128.0/17 maxlen: 17
185.133.64.0/22 maxlen: 22
109.100.0.0/16 maxlen: 16
92.86.90.0/24 maxlen: 24
89.120.0.0/16 maxlen: 16
109.99.214.0/24 maxlen: 24
92.83.0.0/19 maxlen: 19
109.99.216.0/24 maxlen: 24
92.83.0.0/16 maxlen: 16
89.123.128.0/17 maxlen: 17
109.98.192.0/24 maxlen: 24
109.98.192.0/23 maxlen: 23
109.98.193.0/24 maxlen: 24
92.82.0.0/18 maxlen: 18
92.82.0.0/16 maxlen: 16
109.102.0.0/16 maxlen: 16
86.35.64.0/18 maxlen: 18
109.102.163.0/24 maxlen: 24
109.102.161.0/24 maxlen: 24
217.115.208.0/20 maxlen: 20
86.35.0.0/21 maxlen: 21
86.35.10.0/24 maxlen: 24
86.35.9.0/24 maxlen: 24
86.35.0.0/16 maxlen: 16
109.99.0.0/16 maxlen: 16
86.35.15.0/24 maxlen: 24
86.35.16.0/20 maxlen: 20
86.35.13.0/24 maxlen: 24
86.35.14.0/24 maxlen: 24
86.35.12.0/24 maxlen: 24
86.35.32.0/19 maxlen: 19
89.121.128.0/17 maxlen: 17
92.87.214.0/23 maxlen: 23
92.87.232.0/24 maxlen: 24
86.34.0.0/16 maxlen: 16
109.98.0.0/16 maxlen: 16
92.87.244.0/24 maxlen: 24
86.34.0.0/15 maxlen: 15
92.87.245.0/24 maxlen: 24
89.121.64.0/18 maxlen: 18
92.87.170.0/24 maxlen: 24
92.87.175.0/24 maxlen: 24
92.87.173.0/24 maxlen: 24
92.87.174.0/24 maxlen: 24
92.81.0.0/16 maxlen: 16
92.81.128.0/17 maxlen: 17
84.243.64.0/18 maxlen: 18
109.98.113.0/24 maxlen: 24
89.122.0.0/16 maxlen: 16
109.98.117.0/24 maxlen: 24
109.98.115.0/24 maxlen: 24
109.98.119.0/24 maxlen: 24
109.98.123.0/24 maxlen: 24
109.98.121.0/24 maxlen: 24
109.98.126.0/24 maxlen: 24
92.85.0.0/16 maxlen: 16
2a02:d10:800:1::/64 maxlen: 64
2a02:d10::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ce:d6:c4:a0:1f:a4:56:79:34:47:3f:ff:f1:0e:79:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Validity
Not Before: Jan 20 11:00:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd83b03f763e89e21c1c86bec255f28c1c3dd9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:eb:2d:37:5c:63:01:f1:82:c6:0b:d9:53:6a:
a7:53:0a:f0:b2:65:89:3f:c0:48:39:22:44:cf:ef:
cb:62:88:a3:e0:af:6b:b3:19:8f:73:99:d1:ba:a5:
a4:06:16:e5:22:28:67:52:8a:bb:87:f8:71:d7:b3:
be:87:3e:99:41:55:01:dc:40:75:80:09:92:cf:12:
76:70:93:d3:9b:d7:02:a5:81:12:fe:2f:44:f9:56:
91:92:47:e4:c3:f2:ec:45:22:9f:c9:ff:3d:13:11:
70:bc:1b:6f:12:58:58:38:1f:07:a4:27:a6:55:e5:
2b:c5:2b:96:98:36:94:42:5f:bb:29:1f:80:23:56:
b2:ce:65:d2:97:78:c5:73:48:bc:44:3c:2f:03:5e:
be:49:d8:c3:b5:dc:c9:ec:51:ec:af:7e:39:da:2b:
0e:86:97:1f:a0:c8:43:6a:f6:0c:16:3f:2e:83:58:
8e:b6:36:5d:5d:18:b5:56:b3:f8:5a:b5:85:53:1f:
29:92:68:58:11:4b:c3:1c:3b:77:74:62:c7:a5:a2:
e8:67:cc:f9:25:9f:78:4d:2e:0a:b3:47:6e:36:e8:
0b:ef:0f:7b:8c:46:3d:f3:9d:b8:58:63:e0:a0:fd:
03:e5:46:64:cb:64:cf:79:f5:76:8b:c3:f3:8f:dc:
0a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:83:B0:3F:76:3E:89:E2:1C:1C:86:BE:C2:55:F2:8C:1C:3D:D9:E6
X509v3 Authority Key Identifier:
keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/3YOwP3Y-ieIcHIa-wlXyjBw92eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.64.0/18
86.34.0.0/15
89.120.0.0/14
92.80.0.0/13
109.96.0.0/13
185.133.64.0/22
217.115.208.0/20
IPv6:
2a02:d10::/32
Signature Algorithm: sha256WithRSAEncryption
78:4a:8a:c1:f5:2b:a5:fd:fa:35:b8:5b:cf:7f:f9:81:1e:9c:
1b:b6:ef:10:fd:b8:1a:65:1c:11:c6:f6:02:42:2e:aa:b3:71:
55:47:45:55:3a:76:37:bb:11:12:9f:4b:a3:c9:bb:39:ae:5e:
a8:99:15:91:e3:ce:d4:4a:25:80:d4:7f:80:d1:64:fc:49:25:
24:ff:c3:85:04:1b:6d:8c:a4:82:52:b6:3f:05:6c:02:b5:df:
a8:60:c8:62:7c:05:b2:ba:b9:56:96:48:dd:c5:26:62:6f:ef:
64:9b:0d:74:bc:22:89:10:12:5c:9d:3f:fd:8e:28:23:7e:13:
16:8e:ae:d3:0d:17:d5:4a:ba:f9:39:3b:bd:b1:77:4d:7a:9f:
bf:ce:5a:b2:81:36:07:d6:92:43:ac:90:6f:c2:ba:64:5d:bf:
7b:23:b1:f5:72:98:5e:e8:f5:00:d4:74:79:bf:b4:73:0c:d6:
a4:d5:0b:5b:d4:19:18:f1:5b:61:2e:81:cd:44:96:45:a4:a0:
c7:41:dc:75:2e:02:ac:10:8a:64:a4:d8:9c:9b:a7:78:50:01:
9f:10:b2:bc:d6:ff:51:70:9e:1c:66:52:04:fd:c5:ee:66:3a:
a5:66:00:28:7d:b3:e5:c5:d0:c0:eb:23:09:4e:cd:7e:05:78:
0b:df:88:c4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYXO1sSgH6RWeTRHP//xDnmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjMwMTIwMTEwMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgzYjAzZjc2M2U4OWUyMWMxYzg2YmVjMjU1ZjI4YzFjM2RkOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+stN1xjAfGCxgvZU2qnUwrwsmWJ
P8BIOSJEz+/LYoij4K9rsxmPc5nRuqWkBhblIihnUoq7h/hx17O+hz6ZQVUB3EB1
gAmSzxJ2cJPTm9cCpYES/i9E+VaRkkfkw/LsRSKfyf89ExFwvBtvElhYOB8HpCem
VeUrxSuWmDaUQl+7KR+AI1ayzmXSl3jFc0i8RDwvA16+SdjDtdzJ7FHsr3452isO
hpcfoMhDavYMFj8ug1iOtjZdXRi1VrP4WrWFUx8pkmhYEUvDHDt3dGLHpaLoZ8z5
JZ94TS4Ks0duNugL7w97jEY98524WGPgoP0D5UZky2TPefV2i8Pzj9wKWwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFN2DsD92PoniHByGvsJV8owcPdnmMB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvM1lPd1AzWS1pZUljSElhLXdsWHlqQnc5MmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGVPNAAwMB
ViIDAwJZeAMDA1xQAwMDbWADBAK5hUADBATZc9AwDQQCAAIwBwMFACoCDRAwDQYJ
KoZIhvcNAQELBQADggEBAHhKisH1K6X9+jW4W89/+YEenBu27xD9uBplHBHG9gJC
LqqzcVVHRVU6dje7ERKfS6PJuzmuXqiZFZHjztRKJYDUf4DRZPxJJST/w4UEG22M
pIJStj8FbAK136hgyGJ8BbK6uVaWSN3FJmJv72SbDXS8IokQElydP/2OKCN+ExaO
rtMNF9VKuvk5O72xd016n7/OWrKBNgfWkkOskG/CumRdv3sjsfVymF7o9QDUdHm/
tHMM1qTVC1vUGRjxW2Eugc1ElkWkoMdB3HUuAqwQimSk2Jybp3hQAZ8QsrzW/1Fw
nhxmUgT9xe5mOqVmACh9s+XF0MDrIwlOzX4FeAvfiMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:38 2024 by rpki-client on console-fra.rpki-client.org