Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/WEaKpwMVsnGWagK7XMWdJMj5Mvw.roa
File: WEaKpwMVsnGWagK7XMWdJMj5Mvw.roa (raw, json)
Hash identifier: BWdjTBX2VHW5JSvr+g0d5eg6HK4ZM3905hBAna8OWSk=
Subject key identifier: 58:46:8A:A7:03:15:B2:71:96:6A:02:BB:5C:C5:9D:24:C8:F9:32:FC
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018A3BFECCF0AF66492E2753791C29355A6A
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/WEaKpwMVsnGWagK7XMWdJMj5Mvw.roa
Signing time: Mon 28 Aug 2023 11:54:28 +0000
ROA not before: Mon 28 Aug 2023 11:54:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.144.88.0/22 maxlen: 24
87.239.254.0/24 maxlen: 32
45.149.28.0/22 maxlen: 24
89.44.205.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
91.228.216.0/24 maxlen: 24
185.36.254.0/24 maxlen: 32
185.217.64.0/22 maxlen: 22
185.166.84.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.201.188.0/24 maxlen: 24
89.40.24.0/24 maxlen: 32
185.152.248.0/22 maxlen: 32
5.154.174.0/24 maxlen: 24
80.246.30.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
188.119.154.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.96.162.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
89.35.249.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a12:adc0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
2a05:28c0::/29 maxlen: 32
2a06:e480::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a06:5700::/29 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:6700::/29 maxlen: 29
2a06:46c0::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a06:df80::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a07:9c80::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Sep 2023 08:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:fe:cc:f0:af:66:49:2e:27:53:79:1c:29:35:5a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Aug 28 11:54:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58468aa70315b271966a02bb5cc59d24c8f932fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b1:89:56:3b:fb:b4:4d:26:78:88:e7:71:53:
1d:ac:c3:47:b3:ee:6c:f8:44:b2:ac:29:7d:fa:35:
bb:7d:8d:ca:06:b0:1f:d4:52:1c:d2:44:61:0d:c9:
ec:bb:ec:c4:f3:d4:45:5c:cf:fd:63:6f:cd:05:a0:
ca:70:ca:28:69:db:6f:01:dd:52:16:f9:b5:dd:9f:
d4:53:90:41:5c:b5:cf:b2:a1:8a:a0:f4:48:d8:3c:
e6:68:54:fa:54:ac:c1:46:c2:b1:97:15:08:df:06:
e8:a7:2b:c4:35:64:d8:e7:d1:29:68:8b:4d:bc:73:
4c:f4:61:ec:7a:7f:de:54:27:6f:b3:26:6c:3c:e8:
3b:78:dd:96:c3:ac:09:07:88:36:e6:5d:dc:b3:4d:
58:4a:ea:ec:65:1b:f7:c2:df:9d:cf:2e:01:7b:41:
df:61:ff:14:8a:05:25:88:3b:d7:69:ca:4a:67:cd:
6c:28:58:af:02:c2:d6:7f:9f:b7:df:21:f4:2e:d8:
fe:a9:ed:ca:84:96:b7:fe:01:fb:61:95:e1:1c:92:
b6:52:a9:72:f9:1b:42:de:67:7c:0d:77:16:6c:28:
a5:ad:75:22:fb:29:99:bb:61:ee:65:b4:c3:63:1d:
a2:a0:31:8e:34:42:fb:c5:e0:43:85:a0:8f:58:97:
34:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:46:8A:A7:03:15:B2:71:96:6A:02:BB:5C:C5:9D:24:C8:F9:32:FC
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/WEaKpwMVsnGWagK7XMWdJMj5Mvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.254.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
188.119.154.0/24
195.47.194.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:6700::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
2a12:adc0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:f8:04:11:18:02:00:ec:37:ed:6c:eb:73:f8:7e:fe:04:9e:
18:ad:fe:be:cd:73:e9:dc:04:f8:b9:ef:5b:6e:d3:f3:b9:dc:
b1:e8:ce:da:c0:1d:04:85:8c:5a:c9:12:48:b7:ce:ce:be:ac:
6e:90:14:63:df:40:9c:b0:ac:d6:b7:7e:12:7b:94:af:d9:4f:
de:5c:00:5b:69:a9:6e:1f:ea:9e:20:cd:85:93:df:da:7c:bb:
31:05:73:f0:86:26:37:c3:6e:cb:86:b3:7f:e4:4a:5e:c8:5c:
5a:a0:c9:fa:4a:34:62:e6:9d:ac:05:9b:34:72:9d:cb:10:92:
c3:0b:1b:09:b3:1b:30:b0:49:0d:51:96:74:1b:00:d7:12:fa:
18:74:47:eb:cd:aa:90:ae:ba:1a:a0:58:ee:90:a7:1c:02:9a:
c4:7b:7f:18:60:46:de:f6:46:c4:36:5f:f6:0b:70:e8:51:6a:
20:05:9f:6e:f5:8b:6c:0a:c8:e3:e2:bc:7f:2f:53:cd:bf:49:
6b:d3:0a:98:83:66:d9:0d:ef:6c:d4:20:b7:4b:02:3f:49:0d:
42:12:0b:3c:10:af:61:2b:2e:d7:aa:b8:ac:10:69:dc:f6:d6:
ce:66:05:7c:3a:a2:c3:ed:d2:18:06:ff:43:c3:2d:cb:4e:18:
d0:13:d6:3b
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYo7/szwr2ZJLidTeRwpNVpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwODI4MTE1NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQ2OGFhNzAzMTViMjcxOTY2YTAyYmI1Y2M1OWQyNGM4ZjkzMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLGJVjv7tE0meIjncVMdrMNHs+5s
+ESyrCl9+jW7fY3KBrAf1FIc0kRhDcnsu+zE89RFXM/9Y2/NBaDKcMooadtvAd1S
Fvm13Z/UU5BBXLXPsqGKoPRI2DzmaFT6VKzBRsKxlxUI3wbopyvENWTY59EpaItN
vHNM9GHsen/eVCdvsyZsPOg7eN2Ww6wJB4g25l3cs01YSursZRv3wt+dzy4Be0Hf
Yf8UigUliDvXacpKZ81sKFivAsLWf5+33yH0Ltj+qe3KhJa3/gH7YZXhHJK2Uqly
+RtC3md8DXcWbCilrXUi+ymZu2HuZbTDYx2ioDGONEL7xeBDhaCPWJc07QIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFFhGiqcDFbJxlmoCu1zFnSTI+TL8MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvV0VhS3B3TVZzbkdXYWdLN1hNV2RKTWo1TXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCBrwQCAAEwgagD
BAAFmq4DBAItXxgDBAItkFgDBAItlRwDBAItnOADBABQ9h4DBABWabcDBABX7/4D
BABZI/kDBABZKBgDBABZLM0DBABb5NgDBABeLs4DBAC5JP4DBAC5YKIDBAG5bGgD
BAK5k4wDBAK5mCQDBAK5mPgDBAC5mZcDBAK5oCwDBAC5plQDBAC5uOQDBAC5vD0D
BAC5ybwDBAK52UADBAC8d5oDBADDL8IwgYwEAgACMIGFAwUAKgFHQAMFAyoFKMAD
BQMqBWcAAwUDKgX0wAMFAyoGMEADBQMqBkbAAwUDKgZKAAMFAyoGUAADBQMqBlcA
AwUDKgbfgAMFAyoG5IADBQMqB0eAAwUDKgecgAMFAyoH8sADBQMqCjCAAwUDKgs/
QAMFAyoM2MADBQMqDOxAAwUDKhKtwDANBgkqhkiG9w0BAQsFAAOCAQEAnfgEERgC
AOw37Wzrc/h+/gSeGK3+vs1z6dwE+LnvW27T87ncsejO2sAdBIWMWskSSLfOzr6s
bpAUY99AnLCs1rd+EnuUr9lP3lwAW2mpbh/qniDNhZPf2ny7MQVz8IYmN8Nuy4az
f+RKXshcWqDJ+ko0YuadrAWbNHKdyxCSwwsbCbMbMLBJDVGWdBsA1xL6GHRH682q
kK66GqBY7pCnHAKaxHt/GGBG3vZGxDZf9gtw6FFqIAWfbvWLbArI4+K8fy9Tzb9J
a9MKmINm2Q3vbNQgt0sCP0kNQhILPBCvYSsu16q4rBBp3PbWzmYFfDqiw+3SGAb/
Q8Mty04Y0BPWOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:47 2024 by rpki-client on console-ams.rpki-client.org