Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/ifZjbo4QoAX7_WXN6oJloHNnzCc.roa
File: ifZjbo4QoAX7_WXN6oJloHNnzCc.roa (raw, json)
Hash identifier: WXD1n1kLdtFuHmMVjbnFwDVH/pgDD6883s7Ah/QgvV4=
Subject key identifier: 89:F6:63:6E:8E:10:A0:05:FB:FD:65:CD:EA:82:65:A0:73:67:CC:27
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018EFBA1CCAE89BB681187F4383DA0B7E2FB
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/ifZjbo4QoAX7_WXN6oJloHNnzCc.roa
Signing time: Sat 20 Apr 2024 13:11:08 +0000
ROA not before: Sat 20 Apr 2024 13:11:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206065
IP address blocks: 31.217.208.0/21 maxlen: 24
37.19.80.0/20 maxlen: 24
37.114.192.0/18 maxlen: 24
37.114.192.0/20 maxlen: 24
37.114.216.0/22 maxlen: 24
37.114.220.0/22 maxlen: 24
37.114.224.0/22 maxlen: 24
37.114.228.0/22 maxlen: 24
37.114.244.0/22 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.252.0/24 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
45.128.140.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
46.34.164.0/22 maxlen: 24
46.34.168.0/21 maxlen: 24
46.34.178.0/23 maxlen: 24
46.34.180.0/22 maxlen: 24
46.34.184.0/22 maxlen: 24
46.34.188.0/22 maxlen: 24
78.158.182.0/23 maxlen: 24
79.132.200.0/22 maxlen: 24
79.132.213.0/24 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.218.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.122.0/23 maxlen: 24
80.71.124.0/23 maxlen: 24
80.71.127.0/24 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.250.0/23 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
81.91.144.0/20 maxlen: 24
86.109.32.0/23 maxlen: 24
86.109.41.0/24 maxlen: 24
86.109.56.0/23 maxlen: 24
87.247.180.0/23 maxlen: 24
91.184.64.0/20 maxlen: 24
92.61.184.0/21 maxlen: 24
92.119.68.0/22 maxlen: 24
94.139.160.0/20 maxlen: 24
109.230.64.0/21 maxlen: 24
109.230.80.0/20 maxlen: 24
109.230.94.0/24 maxlen: 24
109.230.95.0/24 maxlen: 24
176.221.65.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
185.21.76.0/22 maxlen: 24
185.30.76.0/22 maxlen: 24
185.40.240.0/22 maxlen: 24
185.45.188.0/22 maxlen: 24
185.70.60.0/22 maxlen: 24
185.82.164.0/23 maxlen: 24
185.104.228.0/24 maxlen: 24
185.133.152.0/22 maxlen: 24
185.142.233.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.172.0.0/22 maxlen: 24
185.190.20.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
188.75.122.0/23 maxlen: 24
188.121.128.0/19 maxlen: 24
188.121.146.0/24 maxlen: 24
188.136.220.0/23 maxlen: 24
213.195.16.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
217.66.208.0/24 maxlen: 24
217.66.211.0/24 maxlen: 24
2a0c:100::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 21 Apr 2024 07:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fb:a1:cc:ae:89:bb:68:11:87:f4:38:3d:a0:b7:e2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Apr 20 13:11:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89f6636e8e10a005fbfd65cdea8265a07367cc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e8:1a:27:77:be:6a:6e:cd:e5:cb:f3:74:fa:
da:1a:45:1e:6c:c9:0a:3c:89:7d:2d:dd:b6:e5:32:
c3:d5:65:7b:d8:4f:b8:f7:43:f2:9a:ef:4f:6c:3d:
1e:d4:be:54:8b:05:a1:1b:2e:3d:5b:e4:3a:87:fe:
19:2b:62:5a:4d:d1:3d:e5:15:e9:29:71:bf:ea:d2:
fc:50:7e:db:2c:ba:7b:d3:9e:6c:24:bc:85:64:0c:
64:63:0a:e1:e3:0b:ab:08:14:fb:cd:aa:30:8d:57:
a6:cd:08:1b:eb:d8:82:ce:b0:5a:60:10:b1:0b:6a:
5d:bb:36:36:1f:52:01:7c:94:81:50:c2:12:19:7b:
f6:ea:84:a4:fb:1f:93:d4:f1:e6:3b:f4:bd:fb:d0:
02:ec:86:f1:63:80:7b:f4:24:ed:85:37:e1:a3:25:
db:35:1e:b2:6d:f4:0b:7c:13:36:4a:40:93:67:63:
ed:0a:6b:97:d4:5a:61:cf:e2:68:ff:36:4d:89:d5:
a4:39:ba:4e:ef:a4:f6:81:0f:23:c1:65:fa:65:35:
c5:f6:d1:9d:24:fd:3f:07:ac:58:bb:57:09:eb:5d:
24:a8:f6:f8:fd:5e:ff:b9:2f:fe:78:cb:54:b5:d4:
9a:9a:5a:3d:38:a4:bc:b2:4d:7d:31:d1:35:5d:c7:
88:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F6:63:6E:8E:10:A0:05:FB:FD:65:CD:EA:82:65:A0:73:67:CC:27
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/ifZjbo4QoAX7_WXN6oJloHNnzCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.208.0/21
37.19.80.0/20
37.114.192.0/18
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
46.34.164.0-46.34.175.255
46.34.178.0-46.34.191.255
78.158.182.0/23
79.132.200.0/22
79.132.213.0/24
79.132.217.0-79.132.219.255
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
81.91.144.0/20
86.109.32.0/23
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
109.230.64.0/21
109.230.80.0/20
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.30.76.0/22
185.40.240.0/22
185.45.188.0/22
185.70.60.0/22
185.82.164.0/23
185.104.228.0/24
185.133.152.0/22
185.142.233.0-185.142.235.255
185.172.0.0/22
185.190.20.0/22
185.197.68.0/22
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.122.0/23
188.121.128.0/19
188.136.220.0/23
213.195.16.0/22
213.207.192.0/20
217.66.208.0/24
217.66.211.0/24
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
8d:b6:41:21:68:1d:9b:da:4d:f6:ea:5b:42:14:50:56:b5:4e:
3c:3b:35:38:ae:63:1e:e8:b6:03:35:11:da:d6:79:f2:60:74:
79:81:f0:82:71:1d:8f:42:5c:af:c1:73:52:0a:83:b3:91:6f:
88:5f:b8:12:85:62:4d:8f:d4:4b:c3:bf:95:47:c1:48:96:94:
29:78:b6:a4:f7:31:03:87:63:ba:63:3c:89:25:39:0b:33:7a:
af:cb:d5:27:72:c8:2f:70:a4:fb:d4:db:a1:cf:03:99:bb:07:
29:e5:3a:7d:b7:2f:f1:66:e4:59:80:4b:00:d8:46:93:eb:e7:
b0:7b:84:32:1b:36:fd:14:28:49:9c:9b:c3:be:97:e8:9b:55:
d9:7f:b3:76:fe:34:99:aa:6f:ea:f0:de:1c:55:cc:6b:b5:1b:
1c:29:65:6e:da:85:7c:9f:a5:e7:99:2b:c9:be:f1:e7:24:94:
09:7b:bc:e7:ad:27:69:52:1a:b5:92:1c:5b:52:00:a5:6e:d6:
a8:61:b7:43:19:6b:9f:d2:8e:20:83:04:93:f5:56:31:d2:4c:
e8:8c:4c:be:7c:5b:eb:4e:7d:51:05:de:cc:af:69:1b:81:b9:
b1:8b:dd:b2:30:bb:02:f2:13:60:a2:38:fb:9d:78:9c:d3:53:
ca:59:f0:7d
-----BEGIN CERTIFICATE-----
MIIGlDCCBXygAwIBAgISAY77ocyuibtoEYf0OD2gt+L7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwNDIwMTMxMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY2NjM2ZThlMTBhMDA1ZmJmZDY1Y2RlYTgyNjVhMDczNjdjYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkugaJ3e+am7N5cvzdPraGkUebMkK
PIl9Ld225TLD1WV72E+490Pymu9PbD0e1L5UiwWhGy49W+Q6h/4ZK2JaTdE95RXp
KXG/6tL8UH7bLLp7055sJLyFZAxkYwrh4wurCBT7zaowjVemzQgb69iCzrBaYBCx
C2pduzY2H1IBfJSBUMISGXv26oSk+x+T1PHmO/S9+9AC7IbxY4B79CTthTfhoyXb
NR6ybfQLfBM2SkCTZ2PtCmuX1Fphz+Jo/zZNidWkObpO76T2gQ8jwWX6ZTXF9tGd
JP0/B6xYu1cJ610kqPb4/V7/uS/+eMtUtdSamlo9OKS8sk19MdE1XceI8QIDAQAB
o4IDoDCCA5wwHQYDVR0OBBYEFIn2Y26OEKAF+/1lzeqCZaBzZ8wnMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvaWZaamJvNFFvQVg3X1dYTjZvSmxvSE5uekNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBtAYIKwYBBQUHAQcBAf8EggGjMIIBnzCCAYwEAgABMIIB
hAMEAx/Z0AMEBCUTUAMEBiVywAMEBiXdAAMEBCXrEAMEAi2AjAMEAi2QfAMEAC4g
BQMEAC4gCQMEAC4gDjAMAwQCLiKkAwQELiKgMAwDBAEuIrIDBAYuIoADBAFOnrYD
BAJPhMgDBABPhNUwDAMEAE+E2QMEAk+E2AMEAFBHcTAMAwQBUEd6AwQBUEd8AwQA
UEd/AwQAUR3zAwQDUR34AwQEUVuQAwQBVm0gAwQAVm0pAwQBVm04AwQBV/e0AwQE
W7hAAwQDXD24AwQCXHdEAwQEXougAwQDbeZAAwQEbeZQAwQAsN1BAwQAuQw+AwQC
uRVMAwQCuR5MAwQCuSjwAwQCuS28AwQCuUY8AwQBuVKkAwQAuWjkAwQCuYWYMAwD
BAC5jukDBAK5jugDBAK5rAADBAK5vhQDBAK5xUQDBAC8S1wDBAC8S14DBAG8S2YD
BAC8S2sDBAG8S24DBAG8S3oDBAW8eYADBAG8iNwDBALVwxADBATVz8ADBADZQtAD
BADZQtMwDQQCAAIwBwMFAyoMAQAwDQYJKoZIhvcNAQELBQADggEBAI22QSFoHZva
TfbqW0IUUFa1Tjw7NTiuYx7otgM1EdrWefJgdHmB8IJxHY9CXK/Bc1IKg7ORb4hf
uBKFYk2P1EvDv5VHwUiWlCl4tqT3MQOHY7pjPIklOQszeq/L1SdyyC9wpPvU26HP
A5m7BynlOn23L/Fm5FmASwDYRpPr57B7hDIbNv0UKEmcm8O+l+ibVdl/s3b+NJmq
b+rw3hxVzGu1GxwpZW7ahXyfpeeZK8m+8ecklAl7vOetJ2lSGrWSHFtSAKVu1qhh
t0MZa5/SjiCDBJP1VjHSTOiMTL58W+tOfVEF3syvaRuBubGL3bIwuwLyE2CiOPud
eJzTU8pZ8H0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org