Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/w1gV4GtmjgjnzskHRJiyyHgJCzo.roa
File: w1gV4GtmjgjnzskHRJiyyHgJCzo.roa (raw, json)
Hash identifier: l70oZcFH6i0UtQoyuV5BA0n0XC3WQy8oXH4utEg8HKA=
Subject key identifier: C3:58:15:E0:6B:66:8E:08:E7:CE:C9:07:44:98:B2:C8:78:09:0B:3A
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0189FD6CAAEB9CF804EAFC25FF84F39C77F2
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/w1gV4GtmjgjnzskHRJiyyHgJCzo.roa
Signing time: Wed 16 Aug 2023 08:18:24 +0000
ROA not before: Wed 16 Aug 2023 08:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 217.66.211.0/24 maxlen: 24
217.66.208.0/24 maxlen: 24
185.70.60.0/22 maxlen: 24
81.29.243.0/24 maxlen: 24
81.29.248.0/21 maxlen: 24
81.29.250.0/24 maxlen: 24
81.29.250.0/23 maxlen: 23
81.29.251.0/24 maxlen: 24
81.29.254.0/24 maxlen: 24
46.32.9.0/24 maxlen: 24
46.32.5.0/24 maxlen: 24
46.32.14.0/24 maxlen: 24
87.247.180.0/23 maxlen: 24
176.221.65.0/24 maxlen: 24
185.12.62.0/24 maxlen: 24
188.136.220.0/23 maxlen: 24
185.21.76.0/22 maxlen: 24
79.132.217.0/24 maxlen: 24
79.132.219.0/24 maxlen: 24
188.75.92.0/24 maxlen: 24
188.75.94.0/24 maxlen: 24
188.75.102.0/23 maxlen: 24
188.75.107.0/24 maxlen: 24
188.75.110.0/23 maxlen: 24
86.109.32.0/23 maxlen: 23
86.109.41.0/24 maxlen: 24
188.75.122.0/23 maxlen: 24
185.142.233.0/24 maxlen: 24
86.109.56.0/23 maxlen: 23
79.132.213.0/24 maxlen: 24
185.142.234.0/23 maxlen: 24
185.190.20.0/22 maxlen: 24
37.114.192.0/20 maxlen: 24
37.114.216.0/22 maxlen: 24
37.114.220.0/22 maxlen: 24
37.114.224.0/22 maxlen: 24
37.114.228.0/22 maxlen: 24
78.158.182.0/23 maxlen: 24
80.71.113.0/24 maxlen: 24
80.71.124.0/23 maxlen: 23
80.71.122.0/23 maxlen: 23
80.71.127.0/24 maxlen: 24
37.114.244.0/22 maxlen: 24
37.114.252.0/24 maxlen: 24
37.114.248.0/21 maxlen: 24
37.114.253.0/24 maxlen: 24
37.114.254.0/24 maxlen: 24
185.104.228.0/24 maxlen: 24
37.114.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Sep 2023 13:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:6c:aa:eb:9c:f8:04:ea:fc:25:ff:84:f3:9c:77:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Aug 16 08:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c35815e06b668e08e7cec9074498b2c878090b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:ae:4b:18:63:8c:5e:5d:dc:0c:68:15:99:
14:5a:5b:ad:a0:a5:5e:f2:14:9c:c5:4a:d6:ed:9f:
ff:1b:5e:0f:e5:42:5d:de:34:08:d4:13:51:3f:46:
da:d0:3f:b8:51:15:71:ca:f9:85:64:d2:f9:7e:3d:
4b:b7:83:e3:1a:26:58:8a:ad:43:4c:66:b0:9c:c8:
0c:5b:b5:81:87:8a:d3:ec:5e:9b:69:6d:dc:dd:fd:
7a:8a:8a:c5:58:22:d9:2f:31:c0:d5:11:8b:b8:1b:
2b:23:97:40:b1:09:1f:6c:b0:2f:7a:02:7f:f6:fd:
20:a5:08:f3:1b:2f:76:c3:ee:31:7d:f8:25:a1:1c:
99:7b:20:31:d3:9b:4d:0a:fd:2f:25:90:68:5e:95:
0f:43:14:48:86:e4:24:18:b8:f9:9e:45:f5:af:30:
0e:44:3c:a9:72:1d:4a:d7:f7:6f:67:32:1c:ac:95:
ba:c2:7f:0a:07:aa:ba:1c:74:5b:30:4a:5f:46:8c:
c5:fb:d1:0e:a1:38:74:93:c5:65:56:01:5a:33:4b:
1c:05:6c:06:b5:13:48:ed:38:69:82:89:d9:1c:81:
95:24:1b:e1:27:7d:b7:cb:a3:6c:45:32:15:80:57:
6b:1d:7c:e1:ef:16:72:e9:94:97:d0:17:58:24:bb:
8a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:58:15:E0:6B:66:8E:08:E7:CE:C9:07:44:98:B2:C8:78:09:0B:3A
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/w1gV4GtmjgjnzskHRJiyyHgJCzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.192.0/20
37.114.216.0-37.114.231.255
37.114.244.0-37.114.255.255
46.32.5.0/24
46.32.9.0/24
46.32.14.0/24
78.158.182.0/23
79.132.213.0/24
79.132.217.0/24
79.132.219.0/24
80.71.113.0/24
80.71.122.0-80.71.125.255
80.71.127.0/24
81.29.243.0/24
81.29.248.0/21
86.109.32.0/23
86.109.41.0/24
86.109.56.0/23
87.247.180.0/23
176.221.65.0/24
185.12.62.0/24
185.21.76.0/22
185.70.60.0/22
185.104.228.0/24
185.142.233.0-185.142.235.255
185.190.20.0/22
188.75.92.0/24
188.75.94.0/24
188.75.102.0/23
188.75.107.0/24
188.75.110.0/23
188.75.122.0/23
188.136.220.0/23
217.66.208.0/24
217.66.211.0/24
Signature Algorithm: sha256WithRSAEncryption
99:78:0a:e7:06:a6:aa:58:df:f2:34:47:a3:ad:46:60:eb:4c:
5e:61:9c:ac:e7:22:1f:d8:77:d3:49:ac:8f:63:4b:7c:07:1b:
60:43:93:df:86:e6:42:05:3e:3b:69:fd:9d:48:41:b6:fc:e9:
51:84:1f:cc:3f:f6:0d:fd:dc:33:ba:02:6e:a6:c7:5d:9d:05:
e0:a4:d3:46:ad:dd:3c:b4:d8:91:9c:fd:64:f4:4b:01:24:a9:
3d:cc:14:58:83:27:5a:15:76:52:17:1a:32:38:70:77:45:4c:
1d:ab:31:5b:50:87:95:60:5f:f0:85:c5:ba:b1:80:56:ec:c9:
06:70:a3:28:cf:28:5e:0b:5c:48:7c:ea:57:6c:30:b2:85:c9:
b7:0e:4a:7e:eb:15:40:80:e1:db:48:82:fc:1e:af:3f:a3:02:
89:b5:a2:61:78:30:8f:70:ff:15:b2:af:c4:47:5f:21:53:f4:
43:66:ed:26:a3:d0:55:32:c4:10:8c:71:13:a6:42:1a:58:47:
02:9c:9c:b2:eb:b1:b4:7a:75:cb:60:67:5c:99:5c:88:6c:cf:
2a:10:bb:c0:9d:ea:d1:f5:be:5c:98:0d:67:5f:5e:17:99:ec:
f9:d3:3d:89:94:59:73:db:d4:f2:da:a9:43:54:f3:e4:0c:e8:
8f:e2:58:f2
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAYn9bKrrnPgE6vwl/4TznHfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwODE2MDgxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzU4MTVlMDZiNjY4ZTA4ZTdjZWM5MDc0NDk4YjJjODc4MDkwYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtKuSxhjjF5d3AxoFZkUWlutoKVe
8hScxUrW7Z//G14P5UJd3jQI1BNRP0ba0D+4URVxyvmFZNL5fj1Lt4PjGiZYiq1D
TGawnMgMW7WBh4rT7F6baW3c3f16iorFWCLZLzHA1RGLuBsrI5dAsQkfbLAvegJ/
9v0gpQjzGy92w+4xffgloRyZeyAx05tNCv0vJZBoXpUPQxRIhuQkGLj5nkX1rzAO
RDypch1K1/dvZzIcrJW6wn8KB6q6HHRbMEpfRozF+9EOoTh0k8VlVgFaM0scBWwG
tRNI7ThpgonZHIGVJBvhJ323y6NsRTIVgFdrHXzh7xZy6ZSX0BdYJLuKUQIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFMNYFeBrZo4I587JB0SYssh4CQs6MB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvdzFnVjRHdG1qZ2puenNrSFJKaXl5SGdKQ3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgfgEAgABMIHxAwQE
JXLAMAwDBAMlctgDBAMlcuAwCwMEAiVy9AMDACVyAwQALiAFAwQALiAJAwQALiAO
AwQBTp62AwQAT4TVAwQAT4TZAwQAT4TbAwQAUEdxMAwDBAFQR3oDBAFQR3wDBABQ
R38DBABRHfMDBANRHfgDBAFWbSADBABWbSkDBAFWbTgDBAFX97QDBACw3UEDBAC5
DD4DBAK5FUwDBAK5RjwDBAC5aOQwDAMEALmO6QMEArmO6AMEArm+FAMEALxLXAME
ALxLXgMEAbxLZgMEALxLawMEAbxLbgMEAbxLegMEAbyI3AMEANlC0AMEANlC0zAN
BgkqhkiG9w0BAQsFAAOCAQEAmXgK5wamqljf8jRHo61GYOtMXmGcrOciH9h300ms
j2NLfAcbYEOT34bmQgU+O2n9nUhBtvzpUYQfzD/2Df3cM7oCbqbHXZ0F4KTTRq3d
PLTYkZz9ZPRLASSpPcwUWIMnWhV2UhcaMjhwd0VMHasxW1CHlWBf8IXFurGAVuzJ
BnCjKM8oXgtcSHzqV2wwsoXJtw5KfusVQIDh20iC/B6vP6MCibWiYXgwj3D/FbKv
xEdfIVP0Q2btJqPQVTLEEIxxE6ZCGlhHApycsuuxtHp1y2BnXJlciGzPKhC7wJ3q
0fW+XJgNZ19eF5ns+dM9iZRZc9vU8tqpQ1Tz5Azoj+JY8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org