Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mEN57A5aLrtw9KIRvocwVnONXGo.roa
File: mEN57A5aLrtw9KIRvocwVnONXGo.roa (raw, json)
Hash identifier: xUwyaJl2AKuDMZy34PkSeJf9yYiIDQNb83P6slNfzpc=
Subject key identifier: 98:43:79:EC:0E:5A:2E:BB:70:F4:A2:11:BE:87:30:56:73:8D:5C:6A
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018B8B236B086BEFB96CF4954B8A7CADCFE0
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mEN57A5aLrtw9KIRvocwVnONXGo.roa
Signing time: Wed 01 Nov 2023 13:47:16 +0000
ROA not before: Wed 01 Nov 2023 13:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 217.66.211.0/24 maxlen: 24
217.66.208.0/24 maxlen: 24
185.70.60.0/22 maxlen: 24
37.235.16.0/20 maxlen: 24
185.30.76.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.250.0/23 maxlen: 24
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
185.197.68.0/22 maxlen: 24
37.221.0.0/18 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
87.247.180.0/23 maxlen: 24
176.221.65.0/24 maxlen: 24
91.184.64.0/20 maxlen: 24
37.19.80.0/20 maxlen: 24
185.12.62.0/24 maxlen: 24
188.136.220.0/23 maxlen: 24
213.207.192.0/20 maxlen: 24
185.21.76.0/22 maxlen: 24
92.61.184.0/21 maxlen: 24
109.230.64.0/21 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
94.139.160.0/20 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
109.230.80.0/20 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
86.109.32.0/23 maxlen: 24
86.109.41.0/24 maxlen: 24
188.75.122.0/23 maxlen: 24
92.119.68.0/22 maxlen: 24
86.109.56.0/23 maxlen: 24
185.142.233.0/24 maxlen: 24
79.132.213.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.190.20.0/22 maxlen: 24
185.172.0.0/22 maxlen: 24
37.114.192.0/20 maxlen: 24
188.121.128.0/19 maxlen: 24
37.114.192.0/18 maxlen: 24
188.121.146.0/24 maxlen: 24
37.114.216.0/22 maxlen: 24
37.114.220.0/22 maxlen: 24
37.114.224.0/22 maxlen: 24
37.114.228.0/22 maxlen: 24
78.158.182.0/23 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.122.0/23 maxlen: 24
80.71.124.0/23 maxlen: 24
80.71.127.0/24 maxlen: 24
37.114.244.0/22 maxlen: 24
37.114.252.0/24 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
185.104.228.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
45.128.140.0/22 maxlen: 24
81.91.144.0/20 maxlen: 24
2a0c:100::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 24 Dec 2023 12:43:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:23:6b:08:6b:ef:b9:6c:f4:95:4b:8a:7c:ad:cf:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Nov 1 13:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=984379ec0e5a2ebb70f4a211be873056738d5c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ce:9e:66:7f:d1:68:ca:31:03:c6:04:d8:7c:
45:f3:a0:e6:9a:e7:34:10:bd:63:31:89:43:90:42:
7d:83:bd:ac:92:3f:91:44:41:cb:d1:d8:85:67:53:
20:bb:64:e9:4d:cd:a4:34:ab:b3:c0:d3:d5:11:bc:
a5:87:79:6a:90:a6:7a:c0:47:2b:2c:06:c7:12:c0:
8b:80:09:f8:39:b7:5a:b5:6d:fd:e2:72:69:07:e9:
15:17:66:fc:25:ce:aa:63:d8:37:16:10:34:56:d8:
3c:48:f2:52:0d:1d:e5:1d:ea:07:1b:9b:94:af:d0:
12:34:14:8f:7c:b4:2c:e3:b6:c3:5c:49:c7:88:15:
43:88:51:1d:0d:68:ed:7f:b7:45:b1:46:9a:d1:39:
28:17:35:71:5f:2a:0a:93:a7:1a:94:a7:5a:c4:93:
56:bc:5a:10:3c:f2:89:8b:57:6a:c4:1b:de:f3:f7:
e8:fc:94:41:7b:c4:66:a1:d5:44:ca:34:1d:77:2f:
2c:fd:c0:e1:ce:f8:22:d3:55:07:2b:ea:06:df:dd:
c5:31:55:cb:0e:7f:bf:58:19:88:d7:b3:59:11:19:
a1:80:84:52:bb:ea:c2:07:62:c9:67:2b:fe:22:85:
0c:89:e9:ce:80:fa:3e:b8:04:35:1d:5c:25:dd:08:
bb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:43:79:EC:0E:5A:2E:BB:70:F4:A2:11:BE:87:30:56:73:8D:5C:6A
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/mEN57A5aLrtw9KIRvocwVnONXGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.80.0/20
37.114.192.0/18
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
78.158.182.0/23
79.132.213.0/24
79.132.217.0/24
79.132.219.0/24
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
81.91.144.0/20
86.109.32.0/23
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
109.230.64.0/21
109.230.80.0/20
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.30.76.0/22
185.70.60.0/22
185.104.228.0/24
185.142.233.0-185.142.235.255
185.172.0.0/22
185.190.20.0/22
185.197.68.0/22
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.122.0/23
188.121.128.0/19
188.136.220.0/23
213.207.192.0/20
217.66.208.0/24
217.66.211.0/24
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
87:3d:98:26:80:86:78:9a:a4:c9:97:7f:27:72:b7:56:7a:5f:
2f:88:47:06:b0:67:41:86:00:14:b1:c0:1c:d7:98:5d:d1:68:
a7:ef:fd:b7:9b:18:42:59:5d:1e:ba:8d:b3:12:40:09:fa:a9:
65:84:a0:d7:d5:3d:74:a5:c1:92:61:21:b5:e6:10:b8:8b:8b:
9c:05:9e:aa:19:86:e0:06:1f:20:c3:94:13:13:e7:23:75:5c:
4d:08:45:64:c0:6b:7a:5a:48:6d:46:a4:a6:a2:19:37:eb:a2:
9a:bf:52:9e:21:47:ef:60:bd:eb:65:a7:0c:51:61:cf:4a:db:
ed:ca:3f:39:7f:fd:42:7e:34:45:8c:c1:41:e0:21:f0:1f:d3:
a1:77:31:d2:ec:f7:a7:65:70:b1:49:61:1c:31:7d:a4:cc:ef:
e6:a2:eb:85:ef:6d:3b:e0:7e:af:57:47:6b:bd:de:7a:88:38:
67:16:e7:ba:de:db:ab:91:53:52:10:30:ae:a2:77:47:43:e4:
f4:44:48:97:1b:66:58:61:bb:08:e6:f0:cd:ad:ea:96:33:57:
13:4a:56:b0:76:e9:be:69:c1:08:12:34:ad:cb:26:fe:d9:25:
d0:09:6e:e3:5e:b7:53:ff:ef:38:b8:6c:02:62:a1:07:96:ad:
16:39:ed:a3
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAYuLI2sIa++5bPSVS4p8rc/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMxMTAxMTM0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQzNzllYzBlNWEyZWJiNzBmNGEyMTFiZTg3MzA1NjczOGQ1YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM6eZn/RaMoxA8YE2HxF86Dmmuc0
EL1jMYlDkEJ9g72skj+RREHL0diFZ1Mgu2TpTc2kNKuzwNPVEbylh3lqkKZ6wEcr
LAbHEsCLgAn4ObdatW394nJpB+kVF2b8Jc6qY9g3FhA0Vtg8SPJSDR3lHeoHG5uU
r9ASNBSPfLQs47bDXEnHiBVDiFEdDWjtf7dFsUaa0TkoFzVxXyoKk6calKdaxJNW
vFoQPPKJi1dqxBve8/fo/JRBe8RmodVEyjQddy8s/cDhzvgi01UHK+oG393FMVXL
Dn+/WBmI17NZERmhgIRSu+rCB2LJZyv+IoUMienOgPo+uAQ1HVwl3Qi7PwIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFJhDeewOWi67cPSiEb6HMFZzjVxqMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvbUVONTdBNWFMcnR3OUtJUnZvY3dWbk9OWEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCCAUQEAgABMIIB
PAMEBCUTUAMEBiVywAMEBiXdAAMEBCXrEAMEAi2AjAMEAi2QfAMEAC4gBQMEAC4g
CQMEAC4gDgMEAU6etgMEAE+E1QMEAE+E2QMEAE+E2wMEAFBHcTAMAwQBUEd6AwQB
UEd8AwQAUEd/AwQAUR3zAwQDUR34AwQEUVuQAwQBVm0gAwQAVm0pAwQBVm04AwQB
V/e0AwQEW7hAAwQDXD24AwQCXHdEAwQEXougAwQDbeZAAwQEbeZQAwQAsN1BAwQA
uQw+AwQCuRVMAwQCuR5MAwQCuUY8AwQAuWjkMAwDBAC5jukDBAK5jugDBAK5rAAD
BAK5vhQDBAK5xUQDBAC8S1wDBAC8S14DBAG8S2YDBAC8S2sDBAG8S24DBAG8S3oD
BAW8eYADBAG8iNwDBATVz8ADBADZQtADBADZQtMwDQQCAAIwBwMFAyoMAQAwDQYJ
KoZIhvcNAQELBQADggEBAIc9mCaAhniapMmXfydyt1Z6Xy+IRwawZ0GGABSxwBzX
mF3RaKfv/bebGEJZXR66jbMSQAn6qWWEoNfVPXSlwZJhIbXmELiLi5wFnqoZhuAG
HyDDlBMT5yN1XE0IRWTAa3paSG1GpKaiGTfropq/Up4hR+9gvetlpwxRYc9K2+3K
Pzl//UJ+NEWMwUHgIfAf06F3MdLs96dlcLFJYRwxfaTM7+ai64XvbTvgfq9XR2u9
3nqIOGcW57re26uRU1IQMK6id0dD5PRESJcbZlhhuwjm8M2t6pYzVxNKVrB26b5p
wQgSNK3LJv7ZJdAJbuNet1P/7zi4bAJioQeWrRY57aM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org