Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/2E5j346q6yGxwlphzAYFbzmHVXc.roa
File: 2E5j346q6yGxwlphzAYFbzmHVXc.roa (raw, json)
Hash identifier: wDj8ebOTO2YlnHMG1nFc3f4xp+kwm60OXxjg3rLzkIk=
Subject key identifier: D8:4E:63:DF:8E:AA:EB:21:B1:C2:5A:61:CC:06:05:6F:39:87:55:77
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01931B7989A15D776C691022B85BC47D0DB1
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/2E5j346q6yGxwlphzAYFbzmHVXc.roa
Signing time: Mon 11 Nov 2024 13:46:10 +0000
ROA not before: Mon 11 Nov 2024 13:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.111.0.0/24 maxlen: 24
103.111.1.0/24 maxlen: 24
103.111.2.0/24 maxlen: 24
103.111.3.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a04:27c0:fffd::/48 maxlen: 48
2a04:27c0:fffe::/48 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:27c4::/32 maxlen: 32
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0d:4a46::/32 maxlen: 32
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:4f05::/32 maxlen: 32
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Dec 2024 10:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:79:89:a1:5d:77:6c:69:10:22:b8:5b:c4:7d:0d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Nov 11 13:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d84e63df8eaaeb21b1c25a61cc06056f39875577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:94:87:50:ad:2a:32:68:fd:f2:74:89:16:
cd:ea:9e:4b:89:77:79:4e:a7:7d:52:04:e1:9a:09:
38:8e:f6:61:0e:82:84:3d:0b:b6:4f:76:52:da:f5:
dc:c9:e3:c3:a1:d7:6e:ac:b4:ae:e8:b4:a9:22:54:
9a:05:c6:2a:6d:85:7d:5a:2a:d1:46:92:a0:aa:79:
0c:75:26:cf:18:fc:56:dc:b4:53:d1:b7:35:77:0f:
da:70:d9:92:bd:ca:c2:00:b7:f4:44:db:26:6d:75:
24:a3:1e:ed:7d:75:71:26:10:c1:ac:5f:f5:93:3b:
11:e6:1f:90:93:d5:6b:27:39:26:c9:8a:6e:7b:6a:
9c:1e:1b:3c:0c:74:d3:b8:b4:90:34:1b:5c:be:95:
a5:05:ff:0d:29:8b:dd:5c:83:33:e7:98:5a:72:79:
39:a5:28:d4:3f:d1:bf:d5:fa:80:94:66:b2:92:25:
9c:fb:87:cb:b0:e4:3d:1e:01:96:6c:25:b4:d2:7c:
d7:83:2d:58:52:4f:76:82:b8:26:e1:38:91:e9:b5:
f3:0b:69:72:1d:28:27:93:39:db:21:75:87:cd:3f:
7b:18:fb:08:51:95:d5:3c:79:c3:07:7c:2f:0e:65:
a8:bb:52:c1:ab:0b:55:f7:5c:11:67:a3:6d:8a:07:
15:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:4E:63:DF:8E:AA:EB:21:B1:C2:5A:61:CC:06:05:6F:39:87:55:77
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/2E5j346q6yGxwlphzAYFbzmHVXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
103.93.40.0/22
103.111.0.0/22
109.104.132.0/24
109.104.135.0/24
109.104.137.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
68:ac:61:47:3b:10:fb:4f:9b:90:c7:ad:51:8b:53:46:0b:3f:
12:a0:4d:72:46:ab:85:87:67:08:bc:38:52:bd:51:8f:a1:08:
f5:2a:b2:93:6f:92:77:d6:ed:14:6b:cc:d7:1d:a4:44:48:dc:
9c:53:f5:8c:78:f2:02:c6:db:e5:04:66:d3:9b:41:ea:22:5e:
c2:23:06:90:8b:97:f4:8f:67:ce:a8:17:09:85:2e:1e:35:b2:
65:e5:0a:66:17:69:68:07:c8:03:cc:3d:68:cb:0c:7a:d2:56:
40:92:4d:fa:c2:53:c3:7e:dd:75:43:4e:af:8d:e7:10:a4:c6:
4d:4c:3d:a7:dc:f2:fc:d2:d3:b9:53:14:de:91:c5:23:b7:4c:
cf:3a:d3:1a:a3:80:2b:39:12:7d:08:24:27:14:3f:61:ad:d5:
c2:7b:9a:20:f9:1b:2d:f7:64:a0:00:8d:f8:4c:02:49:3f:94:
13:61:bb:31:13:4e:b5:8c:f3:24:dd:a3:79:89:e3:1b:d3:46:
b9:ec:a7:75:ac:4d:ab:e6:f4:c4:90:0b:41:f5:78:ee:2f:b8:
24:df:b1:3d:39:e3:ab:d2:09:c4:8a:12:a3:ba:a6:4f:29:70:
7c:65:9c:da:12:0f:6d:05:47:bd:3b:d1:f0:12:0d:2d:18:60:
be:c8:fa:8a
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAZMbeYmhXXdsaRAiuFvEfQ2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQxMTExMTM0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODRlNjNkZjhlYWFlYjIxYjFjMjVhNjFjYzA2MDU2ZjM5ODc1NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBuUh1CtKjJo/fJ0iRbN6p5LiXd5
Tqd9UgThmgk4jvZhDoKEPQu2T3ZS2vXcyePDoddurLSu6LSpIlSaBcYqbYV9WirR
RpKgqnkMdSbPGPxW3LRT0bc1dw/acNmSvcrCALf0RNsmbXUkox7tfXVxJhDBrF/1
kzsR5h+Qk9VrJzkmyYpue2qcHhs8DHTTuLSQNBtcvpWlBf8NKYvdXIMz55hacnk5
pSjUP9G/1fqAlGaykiWc+4fLsOQ9HgGWbCW00nzXgy1YUk92grgm4TiR6bXzC2ly
HSgnkznbIXWHzT97GPsIUZXVPHnDB3wvDmWou1LBqwtV91wRZ6NtigcVSwIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFNhOY9+OqushscJaYcwGBW85h1V3MB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvMkU1ajM0NnE2eUd4d2xwaHpBWUZiem1IVlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszBcBAIAATBWAwQDH6uY
AwQCLY4YAwQCZ10oAwQCZ28AAwQAbWiEAwQAbWiHMAwDBABtaIkDBARtaIADBAJt
aJwDBAKQMDQDBAK5NWQDBAK5mXwDBAK56XwDBAHCcV4wUwQCAAIwTQMFAyoEJ8AD
BQMqCW5AAwUDKgluwAMFAyoNJ8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8A
AwUDKg7UwAMFAyoPQsADBQMqD6iAMA0GCSqGSIb3DQEBCwUAA4IBAQBorGFHOxD7
T5uQx61Ri1NGCz8SoE1yRquFh2cIvDhSvVGPoQj1KrKTb5J31u0Ua8zXHaRESNyc
U/WMePICxtvlBGbTm0HqIl7CIwaQi5f0j2fOqBcJhS4eNbJl5QpmF2loB8gDzD1o
ywx60lZAkk36wlPDft11Q06vjecQpMZNTD2n3PL80tO5UxTekcUjt0zPOtMao4Ar
ORJ9CCQnFD9hrdXCe5og+Rst92SgAI34TAJJP5QTYbsxE061jPMk3aN5ieMb00a5
7Kd1rE2r5vTEkAtB9XjuL7gk37E9OeOr0gnEihKjuqZPKXB8ZZzaEg9tBUe9O9Hw
Eg0tGGC+yPqK
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:39 2025 by rpki-client