Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/Y9JfnyeLiUm3aqsSfgVU8-6eRyI.roa
File: Y9JfnyeLiUm3aqsSfgVU8-6eRyI.roa (raw, json)
Hash identifier: aXngOKNkt26LZsRLfla622HxYl4Q/qaAbb9eBUCiRuw=
Subject key identifier: 63:D2:5F:9F:27:8B:89:49:B7:6A:AB:12:7E:05:54:F3:EE:9E:47:22
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018EFFAF1896A22DA036F9F792B2A002938B
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/Y9JfnyeLiUm3aqsSfgVU8-6eRyI.roa
Signing time: Sun 21 Apr 2024 08:04:08 +0000
ROA not before: Sun 21 Apr 2024 08:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206065
IP address blocks: 31.217.208.0/21 maxlen: 24
37.19.80.0/20 maxlen: 24
37.114.192.0/18 maxlen: 24
37.114.192.0/20 maxlen: 24
37.114.216.0/22 maxlen: 24
37.114.220.0/22 maxlen: 24
37.114.224.0/22 maxlen: 24
37.114.228.0/22 maxlen: 24
37.114.244.0/22 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.252.0/24 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
45.128.140.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
46.34.164.0/22 maxlen: 24
46.34.168.0/21 maxlen: 24
46.34.178.0/23 maxlen: 24
46.34.180.0/22 maxlen: 24
46.34.184.0/22 maxlen: 24
46.34.188.0/22 maxlen: 24
78.158.182.0/23 maxlen: 24
79.132.200.0/22 maxlen: 24
79.132.213.0/24 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.218.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
79.132.220.0/23 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.122.0/23 maxlen: 24
80.71.124.0/23 maxlen: 24
80.71.127.0/24 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.250.0/23 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
81.91.144.0/20 maxlen: 24
86.109.32.0/23 maxlen: 24
86.109.36.0/22 maxlen: 24
86.109.41.0/24 maxlen: 24
86.109.56.0/23 maxlen: 24
87.247.180.0/23 maxlen: 24
91.184.64.0/20 maxlen: 24
92.61.184.0/21 maxlen: 24
92.119.68.0/22 maxlen: 24
94.139.160.0/20 maxlen: 24
109.230.64.0/21 maxlen: 24
109.230.80.0/20 maxlen: 24
109.230.94.0/24 maxlen: 24
109.230.95.0/24 maxlen: 24
176.221.65.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
185.21.76.0/22 maxlen: 24
185.30.76.0/22 maxlen: 24
185.40.240.0/22 maxlen: 24
185.45.188.0/22 maxlen: 24
185.70.60.0/22 maxlen: 24
185.82.164.0/23 maxlen: 24
185.104.228.0/24 maxlen: 24
185.133.152.0/22 maxlen: 24
185.142.233.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.172.0.0/22 maxlen: 24
185.190.20.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
188.75.116.0/23 maxlen: 24
188.75.122.0/23 maxlen: 24
188.121.128.0/19 maxlen: 24
188.121.146.0/24 maxlen: 24
188.136.220.0/23 maxlen: 24
213.195.16.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
217.66.208.0/24 maxlen: 24
217.66.211.0/24 maxlen: 24
2a0c:100::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 27 Apr 2024 11:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ff:af:18:96:a2:2d:a0:36:f9:f7:92:b2:a0:02:93:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Apr 21 08:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63d25f9f278b8949b76aab127e0554f3ee9e4722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e5:48:b6:84:da:98:85:2d:47:35:52:ff:af:
6c:a6:4a:8a:88:6d:26:ed:a1:92:30:a9:94:c9:6e:
b1:06:b0:1d:b1:43:c9:19:61:85:5b:0d:ca:1f:c2:
fc:b1:2d:44:4d:78:84:95:3f:5d:af:4d:53:fb:f0:
d4:85:4f:6d:0e:8d:ff:5e:4b:bc:3a:10:0d:ec:fe:
b4:4a:1a:73:b8:38:fa:d4:ee:ca:9b:8e:35:d1:26:
65:d1:1a:39:6f:84:a1:73:8a:c5:f3:37:1c:36:f1:
70:47:54:d0:9c:c0:ad:5f:41:64:f4:78:bd:82:6c:
6f:d0:19:f1:25:fe:65:6b:7b:d9:94:0a:eb:74:8f:
2f:f6:4d:5b:b7:73:3d:ae:9c:2d:43:0c:ec:61:05:
4e:79:40:f6:7b:0a:7b:e6:43:a1:c8:aa:f2:dc:e6:
bd:f9:11:bf:25:f4:78:49:11:43:f3:af:09:68:01:
8c:34:58:92:0f:fd:30:81:e0:3f:33:98:16:bf:51:
fe:dc:b3:85:73:39:a8:58:4c:ba:e0:a7:77:33:0e:
06:97:05:4d:eb:e2:a1:de:22:58:f4:a5:6f:a2:70:
15:a9:70:f7:17:ea:14:63:d0:1d:58:89:7d:62:92:
4e:c6:0a:61:4c:08:4b:a9:a5:5a:a8:92:ee:0a:9d:
41:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D2:5F:9F:27:8B:89:49:B7:6A:AB:12:7E:05:54:F3:EE:9E:47:22
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/Y9JfnyeLiUm3aqsSfgVU8-6eRyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.208.0/21
37.19.80.0/20
37.114.192.0/18
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
46.34.164.0-46.34.175.255
46.34.178.0-46.34.191.255
78.158.182.0/23
79.132.200.0/22
79.132.213.0/24
79.132.217.0-79.132.221.255
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
81.91.144.0/20
86.109.32.0/23
86.109.36.0/22
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
109.230.64.0/21
109.230.80.0/20
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.30.76.0/22
185.40.240.0/22
185.45.188.0/22
185.70.60.0/22
185.82.164.0/23
185.104.228.0/24
185.133.152.0/22
185.142.233.0-185.142.235.255
185.172.0.0/22
185.190.20.0/22
185.197.68.0/22
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.116.0/23
188.75.122.0/23
188.121.128.0/19
188.136.220.0/23
213.195.16.0/22
213.207.192.0/20
217.66.208.0/24
217.66.211.0/24
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
06:0e:7d:80:da:63:8e:f2:3e:d3:7b:38:9d:2d:89:05:b8:35:
13:7f:69:94:93:c6:60:d7:0b:7f:d8:a0:42:a3:98:a2:6a:c5:
da:f2:a2:a5:95:2f:c5:90:45:94:9c:46:5c:c0:15:26:cf:69:
0c:3b:6f:ec:7c:37:c3:93:1a:58:9c:03:28:27:04:22:d6:dc:
2c:46:b2:21:77:22:b2:eb:be:1c:e5:6b:59:f0:71:d4:42:05:
75:a9:e6:9f:26:1b:9a:cc:d7:11:43:a0:dc:29:39:23:7b:82:
d1:da:2b:90:a2:f3:f6:1c:8d:27:51:ea:1b:1a:41:be:93:ab:
50:5e:ba:bc:ac:7a:84:f7:96:ca:0b:6b:dd:13:60:39:fe:11:
b9:45:0a:78:2a:98:80:23:b7:6b:b1:29:da:7f:27:18:f0:2d:
c9:95:95:96:9b:0c:f0:9b:c6:5d:df:1d:93:4f:be:64:9e:71:
42:8d:d6:7e:76:4d:4b:57:c8:d5:35:53:70:4c:ed:6b:40:29:
15:da:5e:a7:16:7e:2e:57:83:ef:69:1c:90:51:99:dd:c8:75:
dc:bb:9c:1b:7e:2f:26:9f:bc:4e:cd:d6:bb:8d:5c:de:1e:c3:
36:76:a9:88:e6:0b:e8:6f:df:e8:a6:ee:18:e9:f6:66:4d:86:
4c:a2:d8:04
-----BEGIN CERTIFICATE-----
MIIGoDCCBYigAwIBAgISAY7/rxiWoi2gNvn3krKgApOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwNDIxMDgwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QyNWY5ZjI3OGI4OTQ5Yjc2YWFiMTI3ZTA1NTRmM2VlOWU0NzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+VItoTamIUtRzVS/69spkqKiG0m
7aGSMKmUyW6xBrAdsUPJGWGFWw3KH8L8sS1ETXiElT9dr01T+/DUhU9tDo3/Xku8
OhAN7P60ShpzuDj61O7Km4410SZl0Ro5b4Shc4rF8zccNvFwR1TQnMCtX0Fk9Hi9
gmxv0BnxJf5la3vZlArrdI8v9k1bt3M9rpwtQwzsYQVOeUD2ewp75kOhyKry3Oa9
+RG/JfR4SRFD868JaAGMNFiSD/0wgeA/M5gWv1H+3LOFczmoWEy64Kd3Mw4GlwVN
6+Kh3iJY9KVvonAVqXD3F+oUY9AdWIl9YpJOxgphTAhLqaVaqJLuCp1BnwIDAQAB
o4IDrDCCA6gwHQYDVR0OBBYEFGPSX58ni4lJt2qrEn4FVPPunkciMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvWTlKZm55ZUxpVW0zYXFzU2ZnVlU4LTZlUnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwAYIKwYBBQUHAQcBAf8EggGvMIIBqzCCAZgEAgABMIIB
kAMEAx/Z0AMEBCUTUAMEBiVywAMEBiXdAAMEBCXrEAMEAi2AjAMEAi2QfAMEAC4g
BQMEAC4gCQMEAC4gDjAMAwQCLiKkAwQELiKgMAwDBAEuIrIDBAYuIoADBAFOnrYD
BAJPhMgDBABPhNUwDAMEAE+E2QMEAU+E3AMEAFBHcTAMAwQBUEd6AwQBUEd8AwQA
UEd/AwQAUR3zAwQDUR34AwQEUVuQAwQBVm0gAwQCVm0kAwQAVm0pAwQBVm04AwQB
V/e0AwQEW7hAAwQDXD24AwQCXHdEAwQEXougAwQDbeZAAwQEbeZQAwQAsN1BAwQA
uQw+AwQCuRVMAwQCuR5MAwQCuSjwAwQCuS28AwQCuUY8AwQBuVKkAwQAuWjkAwQC
uYWYMAwDBAC5jukDBAK5jugDBAK5rAADBAK5vhQDBAK5xUQDBAC8S1wDBAC8S14D
BAG8S2YDBAC8S2sDBAG8S24DBAG8S3QDBAG8S3oDBAW8eYADBAG8iNwDBALVwxAD
BATVz8ADBADZQtADBADZQtMwDQQCAAIwBwMFAyoMAQAwDQYJKoZIhvcNAQELBQAD
ggEBAAYOfYDaY47yPtN7OJ0tiQW4NRN/aZSTxmDXC3/YoEKjmKJqxdryoqWVL8WQ
RZScRlzAFSbPaQw7b+x8N8OTGlicAygnBCLW3CxGsiF3IrLrvhzla1nwcdRCBXWp
5p8mG5rM1xFDoNwpOSN7gtHaK5Ci8/YcjSdR6hsaQb6Tq1BeuryseoT3lsoLa90T
YDn+EblFCngqmIAjt2uxKdp/JxjwLcmVlZabDPCbxl3fHZNPvmSecUKN1n52TUtX
yNU1U3BM7WtAKRXaXqcWfi5Xg+9pHJBRmd3Iddy7nBt+LyafvE7N1ruNXN4ewzZ2
qYjmC+hv3+im7hjp9mZNhkyi2AQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org