Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/Ast1t5hbkIqAvev2jLZ2N5FFNfc.roa
File: Ast1t5hbkIqAvev2jLZ2N5FFNfc.roa (raw, json)
Hash identifier: oUMeD4bp/8VF3Xa+6aN0xR+X54DDyf173+9x80uYfjk=
Subject key identifier: 02:CB:75:B7:98:5B:90:8A:80:BD:EB:F6:8C:B6:76:37:91:45:35:F7
Certificate issuer: /CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Certificate serial: 0185710C06461163F7E2AB9AE88106CED7D3
Authority key identifier: 5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/Ast1t5hbkIqAvev2jLZ2N5FFNfc.roa
Signing time: Mon 02 Jan 2023 05:54:51 +0000
ROA not before: Mon 02 Jan 2023 05:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9050
IP address blocks: 92.87.0.0/16 maxlen: 16
92.87.11.0/24 maxlen: 24
92.80.0.0/16 maxlen: 16
109.97.0.0/16 maxlen: 16
92.84.0.0/16 maxlen: 16
92.87.118.0/24 maxlen: 24
92.87.128.0/23 maxlen: 23
92.87.133.0/24 maxlen: 24
109.101.0.0/16 maxlen: 16
92.87.54.0/24 maxlen: 24
89.121.0.0/18 maxlen: 18
89.121.0.0/16 maxlen: 16
92.86.38.0/24 maxlen: 24
92.86.36.0/24 maxlen: 24
92.86.48.0/24 maxlen: 24
109.103.0.0/16 maxlen: 16
92.86.50.0/24 maxlen: 24
109.99.184.0/24 maxlen: 24
109.99.185.0/24 maxlen: 24
109.99.189.0/24 maxlen: 24
109.99.192.0/24 maxlen: 24
109.96.0.0/16 maxlen: 16
89.123.0.0/17 maxlen: 17
89.123.0.0/16 maxlen: 16
92.86.0.0/16 maxlen: 16
86.35.128.0/17 maxlen: 17
185.133.64.0/22 maxlen: 22
109.100.0.0/16 maxlen: 16
92.86.90.0/24 maxlen: 24
89.120.0.0/16 maxlen: 16
109.99.214.0/24 maxlen: 24
92.83.0.0/19 maxlen: 19
109.99.216.0/24 maxlen: 24
92.83.0.0/16 maxlen: 16
89.123.128.0/17 maxlen: 17
109.98.192.0/24 maxlen: 24
109.98.192.0/23 maxlen: 23
109.98.193.0/24 maxlen: 24
92.82.0.0/18 maxlen: 18
92.82.0.0/16 maxlen: 16
109.102.0.0/16 maxlen: 16
86.35.64.0/18 maxlen: 18
109.102.163.0/24 maxlen: 24
109.102.161.0/24 maxlen: 24
217.115.208.0/20 maxlen: 20
86.35.0.0/21 maxlen: 21
86.35.10.0/24 maxlen: 24
86.35.9.0/24 maxlen: 24
109.99.0.0/16 maxlen: 16
86.35.0.0/16 maxlen: 16
86.35.15.0/24 maxlen: 24
86.35.16.0/20 maxlen: 20
86.35.13.0/24 maxlen: 24
86.35.14.0/24 maxlen: 24
86.35.12.0/24 maxlen: 24
86.35.32.0/19 maxlen: 19
89.121.128.0/17 maxlen: 17
92.87.214.0/23 maxlen: 23
92.87.232.0/24 maxlen: 24
109.98.0.0/16 maxlen: 16
86.34.0.0/16 maxlen: 16
92.87.244.0/24 maxlen: 24
86.34.0.0/15 maxlen: 15
92.87.245.0/24 maxlen: 24
89.121.64.0/18 maxlen: 18
92.87.170.0/24 maxlen: 24
92.87.175.0/24 maxlen: 24
92.87.173.0/24 maxlen: 24
92.87.174.0/24 maxlen: 24
92.81.0.0/16 maxlen: 16
92.81.128.0/17 maxlen: 17
84.243.64.0/18 maxlen: 18
109.98.113.0/24 maxlen: 24
89.122.0.0/16 maxlen: 16
109.98.117.0/24 maxlen: 24
109.98.115.0/24 maxlen: 24
109.98.119.0/24 maxlen: 24
109.98.123.0/24 maxlen: 24
109.98.121.0/24 maxlen: 24
109.98.126.0/24 maxlen: 24
92.85.0.0/16 maxlen: 16
2a02:d10:800:1::/64 maxlen: 64
2a02:d10::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 20 Jan 2023 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:06:46:11:63:f7:e2:ab:9a:e8:81:06:ce:d7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea2b884c7067f58fff040a1f06e0df1e80ab3e
Validity
Not Before: Jan 2 05:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02cb75b7985b908a80bdebf68cb67637914535f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:31:3d:76:52:e6:ac:f3:a4:25:73:ad:67:c9:
85:ec:c5:e5:84:30:ed:c5:42:5c:1c:32:b9:04:aa:
3b:4d:5e:97:04:8b:0f:40:f2:2e:3e:d5:40:0f:da:
55:e2:2e:65:7f:61:ba:12:99:6f:f8:e1:22:2c:1c:
e9:e4:58:59:27:25:dd:3f:c3:f2:7e:8b:6d:da:7a:
34:b9:3e:5b:c3:cd:19:79:d0:26:b1:ad:5f:c9:d5:
26:6a:b9:3f:d7:69:56:29:cc:04:ed:b9:7e:70:6f:
1e:7d:1a:88:55:56:d1:b9:bc:c7:ca:91:27:2d:0c:
d3:57:30:1f:66:a7:c5:15:9c:cf:26:09:7b:0f:4c:
3e:fa:be:de:34:f0:77:18:4d:d3:7a:8c:e1:08:7a:
14:7b:13:43:cd:a5:4f:d4:0c:8d:c2:3a:26:f5:3f:
f8:8b:89:08:a3:98:40:ce:b1:e8:3f:62:db:92:ac:
5e:2d:40:8e:3e:9a:8f:6f:40:d9:9c:ff:be:f9:49:
6a:ab:9d:a8:ed:b0:dd:b3:ee:74:ae:b8:ec:0e:41:
59:13:ca:f0:c4:55:33:b5:23:cc:e2:56:d7:c5:5c:
2d:97:2d:0d:3a:e4:f3:f3:7b:b9:54:a2:47:b8:b4:
78:ce:b6:ab:98:d7:ca:3c:91:d0:72:b4:18:24:0c:
ae:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CB:75:B7:98:5B:90:8A:80:BD:EB:F6:8C:B6:76:37:91:45:35:F7
X509v3 Authority Key Identifier:
keyid:5B:EA:2B:88:4C:70:67:F5:8F:FF:04:0A:1F:06:E0:DF:1E:80:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-oriExwZ_WP_wQKHwbg3x6Aqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/Ast1t5hbkIqAvev2jLZ2N5FFNfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3334f8-dace-497f-a5a3-814e80904be4/1/W-oriExwZ_WP_wQKHwbg3x6Aqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.243.64.0/18
86.34.0.0/15
89.120.0.0/14
92.80.0.0/13
109.96.0.0/13
185.133.64.0/22
217.115.208.0/20
IPv6:
2a02:d10::/32
Signature Algorithm: sha256WithRSAEncryption
3f:de:de:a6:1e:77:28:a4:15:ab:0d:8e:1d:d7:34:94:23:08:
d0:74:26:27:4d:37:41:fc:8c:ed:9e:9f:81:fd:83:24:17:85:
08:9c:77:df:3c:37:58:b2:ce:ff:b9:2b:a6:7a:fe:8a:98:3c:
af:1a:ea:ef:9a:13:fc:b1:f4:3d:6f:b5:6c:55:63:52:bd:de:
32:4b:bb:55:70:96:76:37:2d:5c:f5:f2:e1:ee:fd:24:a9:b3:
6e:e2:45:9d:1d:8e:fe:fa:cd:5c:d7:d7:4b:5e:f4:e7:9e:db:
f0:0c:11:b0:1c:8c:e5:d3:f2:8a:29:22:5f:93:ab:8c:2f:41:
b1:c4:0c:77:75:c0:e1:f6:1c:2e:37:c5:46:16:57:51:e3:93:
eb:e5:59:44:2c:dd:1b:f7:bc:dc:8a:e7:37:95:82:b9:2c:c5:
ea:a3:2a:24:00:56:f5:fb:58:fd:c1:91:8d:85:95:16:23:80:
4a:73:75:39:4d:3d:42:21:51:9e:e7:e3:b2:75:a1:54:7f:1b:
96:e5:3a:01:db:bf:4a:f9:cb:86:05:89:ff:c3:4a:f3:60:70:
5d:bb:d2:45:21:c0:66:1e:38:8b:ea:4c:7d:02:37:74:45:6c:
0a:1e:a0:16:77:e2:7f:f3:df:74:04:a0:61:89:4f:ce:49:1a:
0f:30:c5:66
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVxDAZGEWP34qua6IEGztfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWEyYjg4NGM3MDY3ZjU4ZmZmMDQwYTFmMDZlMGRmMWU4
MGFiM2UwHhcNMjMwMTAyMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNiNzViNzk4NWI5MDhhODBiZGViZjY4Y2I2NzYzNzkxNDUzNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTE9dlLmrPOkJXOtZ8mF7MXlhDDt
xUJcHDK5BKo7TV6XBIsPQPIuPtVAD9pV4i5lf2G6Eplv+OEiLBzp5FhZJyXdP8Py
fott2no0uT5bw80ZedAmsa1fydUmark/12lWKcwE7bl+cG8efRqIVVbRubzHypEn
LQzTVzAfZqfFFZzPJgl7D0w++r7eNPB3GE3TeozhCHoUexNDzaVP1AyNwjom9T/4
i4kIo5hAzrHoP2LbkqxeLUCOPpqPb0DZnP+++Ulqq52o7bDds+50rrjsDkFZE8rw
xFUztSPM4lbXxVwtly0NOuTz83u5VKJHuLR4zrarmNfKPJHQcrQYJAyuBwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFALLdbeYW5CKgL3r9oy2djeRRTX3MB8GA1UdIwQY
MBaAFFvqK4hMcGf1j/8ECh8G4N8egKs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMt
ODE0ZTgwOTA0YmU0LzEvQXN0MXQ1aGJrSXFBdmV2MmpMWjJONUZGTmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMzM0ZjgtZGFjZS00OTdmLWE1YTMtODE0ZTgwOTA0YmU0
LzEvVy1vcmlFeHdaX1dQX3dRS0h3YmczeDZBcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGVPNAAwMB
ViIDAwJZeAMDA1xQAwMDbWADBAK5hUADBATZc9AwDQQCAAIwBwMFACoCDRAwDQYJ
KoZIhvcNAQELBQADggEBAD/e3qYedyikFasNjh3XNJQjCNB0JidNN0H8jO2en4H9
gyQXhQicd988N1iyzv+5K6Z6/oqYPK8a6u+aE/yx9D1vtWxVY1K93jJLu1VwlnY3
LVz18uHu/SSps27iRZ0djv76zVzX10te9Oee2/AMEbAcjOXT8oopIl+Tq4wvQbHE
DHd1wOH2HC43xUYWV1Hjk+vlWUQs3Rv3vNyK5zeVgrksxeqjKiQAVvX7WP3BkY2F
lRYjgEpzdTlNPUIhUZ7n47J1oVR/G5blOgHbv0r5y4YFif/DSvNgcF270kUhwGYe
OIvqTH0CN3RFbAoeoBZ34n/z33QEoGGJT85JGg8wxWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:38 2024 by rpki-client on console-fra.rpki-client.org