Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/CwdmiHCvBrZLFefz8w4Zc_DQhwU.roa
File: CwdmiHCvBrZLFefz8w4Zc_DQhwU.roa (raw, json)
Hash identifier: kFfCGxVokRFMZ0eJjFKnbt0voBv7lG2lItL+X3VZp/U=
Subject key identifier: 0B:07:66:88:70:AF:06:B6:4B:15:E7:F3:F3:0E:19:73:F0:D0:87:05
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018DCC58318987C66015E3B7C4C79F404816
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/CwdmiHCvBrZLFefz8w4Zc_DQhwU.roa
Signing time: Wed 21 Feb 2024 15:45:48 +0000
ROA not before: Wed 21 Feb 2024 15:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206065
IP address blocks: 31.217.208.0/21 maxlen: 24
37.19.80.0/20 maxlen: 24
37.114.192.0/18 maxlen: 24
37.114.192.0/20 maxlen: 24
37.114.216.0/22 maxlen: 24
37.114.220.0/22 maxlen: 24
37.114.224.0/22 maxlen: 24
37.114.228.0/22 maxlen: 24
37.114.244.0/22 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.252.0/24 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
45.128.140.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
46.34.164.0/22 maxlen: 24
46.34.168.0/21 maxlen: 24
46.34.180.0/22 maxlen: 24
46.34.184.0/22 maxlen: 24
46.34.188.0/22 maxlen: 24
78.158.182.0/23 maxlen: 24
79.132.213.0/24 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.122.0/23 maxlen: 24
80.71.124.0/23 maxlen: 24
80.71.127.0/24 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.250.0/23 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
81.91.144.0/20 maxlen: 24
86.109.32.0/23 maxlen: 24
86.109.41.0/24 maxlen: 24
86.109.56.0/23 maxlen: 24
87.247.180.0/23 maxlen: 24
91.184.64.0/20 maxlen: 24
92.61.184.0/21 maxlen: 24
92.119.68.0/22 maxlen: 24
94.139.160.0/20 maxlen: 24
109.230.64.0/21 maxlen: 24
109.230.80.0/20 maxlen: 24
109.230.94.0/24 maxlen: 24
109.230.95.0/24 maxlen: 24
176.221.65.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
185.21.76.0/22 maxlen: 24
185.30.76.0/22 maxlen: 24
185.70.60.0/22 maxlen: 24
185.104.228.0/24 maxlen: 24
185.142.233.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.172.0.0/22 maxlen: 24
185.190.20.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
188.75.122.0/23 maxlen: 24
188.121.128.0/19 maxlen: 24
188.121.146.0/24 maxlen: 24
188.136.220.0/23 maxlen: 24
213.207.192.0/20 maxlen: 24
217.66.208.0/24 maxlen: 24
217.66.211.0/24 maxlen: 24
2a0c:100::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 09 Mar 2024 12:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:58:31:89:87:c6:60:15:e3:b7:c4:c7:9f:40:48:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Feb 21 15:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b07668870af06b64b15e7f3f30e1973f0d08705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e0:ba:90:7a:e9:1c:36:31:38:83:5d:af:fa:
9c:c9:d8:1a:cb:6a:57:47:d4:b9:1b:b3:8d:62:89:
d8:b4:42:a9:b0:cd:ce:6c:94:c5:e2:f9:b9:da:f4:
56:eb:45:0b:67:fb:ef:33:62:5c:4a:b0:c7:0e:b5:
c0:23:f7:b6:b3:fd:9c:52:b1:e0:1b:20:d5:bd:2d:
60:c2:df:fc:00:db:17:f5:1d:df:17:7d:a1:ce:69:
bb:7e:d2:ff:f0:21:29:d4:97:19:ce:b5:c4:b1:0b:
41:8b:0b:01:68:4c:01:98:20:79:08:9b:25:9f:84:
6c:8d:35:03:b7:5d:4f:0e:e8:16:8a:19:ce:93:f4:
a8:91:c6:dd:ae:b6:34:e9:23:6e:2f:15:6d:f6:b8:
de:c4:6b:8a:c1:92:fa:a6:8e:3b:cf:28:89:87:81:
42:89:7b:0e:35:4b:fb:a7:a5:8e:0c:69:5b:b9:d9:
da:48:26:7b:10:99:d0:d2:49:29:e5:e0:15:b7:c6:
bc:fe:0d:46:cf:0e:c1:eb:93:ca:90:c2:1a:9b:a2:
91:67:68:ab:5d:9e:1b:02:b3:5e:32:ef:96:eb:d8:
49:61:f9:65:ab:a0:b2:35:03:2a:e7:3c:a7:f7:c9:
fd:0d:96:7f:37:0a:6e:f0:f3:11:a3:05:a6:ed:02:
a6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:07:66:88:70:AF:06:B6:4B:15:E7:F3:F3:0E:19:73:F0:D0:87:05
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/CwdmiHCvBrZLFefz8w4Zc_DQhwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.208.0/21
37.19.80.0/20
37.114.192.0/18
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
46.34.164.0-46.34.175.255
46.34.180.0-46.34.191.255
78.158.182.0/23
79.132.213.0/24
79.132.217.0/24
79.132.219.0/24
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
81.91.144.0/20
86.109.32.0/23
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
109.230.64.0/21
109.230.80.0/20
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.30.76.0/22
185.70.60.0/22
185.104.228.0/24
185.142.233.0-185.142.235.255
185.172.0.0/22
185.190.20.0/22
185.197.68.0/22
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.122.0/23
188.121.128.0/19
188.136.220.0/23
213.207.192.0/20
217.66.208.0/24
217.66.211.0/24
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
0a:4e:b6:5b:33:a2:64:05:9d:48:4e:8c:2d:f1:12:fc:54:8e:
77:68:47:c5:c5:2d:67:a8:b8:92:03:05:5a:19:96:69:27:07:
0e:ae:59:6f:ae:b0:3c:a3:bf:d3:f6:a6:cc:9e:d0:a0:8d:cb:
6d:f1:56:94:8b:12:51:2c:59:3a:67:9f:7e:1a:3d:f8:f3:8a:
0e:61:6a:71:04:09:55:e6:50:73:3e:30:78:00:e2:c7:1a:77:
ed:7c:d0:bb:35:28:7b:3b:48:00:f7:f4:e2:a1:c6:be:6c:ce:
d7:62:36:ef:2c:00:26:c5:1b:eb:10:d9:01:18:58:7a:21:42:
f8:64:4d:ed:c2:6b:a4:31:da:59:2e:ad:53:a4:79:75:92:46:
10:04:9e:2c:40:71:31:4b:2d:fe:96:02:22:95:21:0a:a9:3f:
7d:2a:ee:f7:a5:82:63:eb:4d:ec:c6:75:9e:e1:b3:a1:0c:40:
ae:4f:50:44:38:79:de:81:54:32:dc:8b:d7:82:e4:ef:19:7c:
d0:2c:02:bf:22:28:62:93:3a:60:cf:7b:63:e1:bf:38:91:67:
65:84:53:fc:59:a5:90:54:93:19:7b:69:c4:e8:65:0e:a5:fc:
ca:74:31:08:bf:a7:4d:54:92:e5:64:40:ea:4e:56:a1:cd:7d:
c5:50:5c:97
-----BEGIN CERTIFICATE-----
MIIGbjCCBVagAwIBAgISAY3MWDGJh8ZgFeO3xMefQEgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwMjIxMTU0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjA3NjY4ODcwYWYwNmI2NGIxNWU3ZjNmMzBlMTk3M2YwZDA4NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouC6kHrpHDYxOINdr/qcydgay2pX
R9S5G7ONYonYtEKpsM3ObJTF4vm52vRW60ULZ/vvM2JcSrDHDrXAI/e2s/2cUrHg
GyDVvS1gwt/8ANsX9R3fF32hzmm7ftL/8CEp1JcZzrXEsQtBiwsBaEwBmCB5CJsl
n4RsjTUDt11PDugWihnOk/SokcbdrrY06SNuLxVt9rjexGuKwZL6po47zyiJh4FC
iXsONUv7p6WODGlbudnaSCZ7EJnQ0kkp5eAVt8a8/g1Gzw7B65PKkMIam6KRZ2ir
XZ4bArNeMu+W69hJYfllq6CyNQMq5zyn98n9DZZ/Nwpu8PMRowWm7QKm2wIDAQAB
o4IDejCCA3YwHQYDVR0OBBYEFAsHZohwrwa2SxXn8/MOGXPw0IcFMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvQ3dkbWlIQ3ZCclpMRmVmejh3NFpjX0RRaHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjgYIKwYBBQUHAQcBAf8EggF9MIIBeTCCAWYEAgABMIIB
XgMEAx/Z0AMEBCUTUAMEBiVywAMEBiXdAAMEBCXrEAMEAi2AjAMEAi2QfAMEAC4g
BQMEAC4gCQMEAC4gDjAMAwQCLiKkAwQELiKgMAwDBAIuIrQDBAYuIoADBAFOnrYD
BABPhNUDBABPhNkDBABPhNsDBABQR3EwDAMEAVBHegMEAVBHfAMEAFBHfwMEAFEd
8wMEA1Ed+AMEBFFbkAMEAVZtIAMEAFZtKQMEAVZtOAMEAVf3tAMEBFu4QAMEA1w9
uAMEAlx3RAMEBF6LoAMEA23mQAMEBG3mUAMEALDdQQMEALkMPgMEArkVTAMEArke
TAMEArlGPAMEALlo5DAMAwQAuY7pAwQCuY7oAwQCuawAAwQCub4UAwQCucVEAwQA
vEtcAwQAvEteAwQBvEtmAwQAvEtrAwQBvEtuAwQBvEt6AwQFvHmAAwQBvIjcAwQE
1c/AAwQA2ULQAwQA2ULTMA0EAgACMAcDBQMqDAEAMA0GCSqGSIb3DQEBCwUAA4IB
AQAKTrZbM6JkBZ1ITowt8RL8VI53aEfFxS1nqLiSAwVaGZZpJwcOrllvrrA8o7/T
9qbMntCgjctt8VaUixJRLFk6Z59+Gj3484oOYWpxBAlV5lBzPjB4AOLHGnftfNC7
NSh7O0gA9/Tioca+bM7XYjbvLAAmxRvrENkBGFh6IUL4ZE3twmukMdpZLq1TpHl1
kkYQBJ4sQHExSy3+lgIilSEKqT99Ku73pYJj603sxnWe4bOhDECuT1BEOHnegVQy
3IvXguTvGXzQLAK/Iihikzpgz3tj4b84kWdlhFP8WaWQVJMZe2nE6GUOpfzKdDEI
v6dNVJLlZEDqTlahzX3FUFyX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org