Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/8ftfWBhfZINxoIOsTGRhszJVYEk.roa
File: 8ftfWBhfZINxoIOsTGRhszJVYEk.roa (raw, json)
Hash identifier: 8XYzwQwk1/Uugnn1k10tG4KCIIeEi4mtbxgiKyU8rTs=
Subject key identifier: F1:FB:5F:58:18:5F:64:83:71:A0:83:AC:4C:64:61:B3:32:55:60:49
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 019386D696D46C69A6A11064A9A3F6490FAE
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/8ftfWBhfZINxoIOsTGRhszJVYEk.roa
Signing time: Mon 02 Dec 2024 10:07:10 +0000
ROA not before: Mon 02 Dec 2024 10:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.111.0.0/24 maxlen: 24
103.111.1.0/24 maxlen: 24
103.111.2.0/24 maxlen: 24
103.111.3.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a04:27c0:fffd::/48 maxlen: 48
2a04:27c0:fffe::/48 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:27c4::/32 maxlen: 32
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0d:4a46::/32 maxlen: 32
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:4f05::/32 maxlen: 32
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Dec 2024 09:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:d6:96:d4:6c:69:a6:a1:10:64:a9:a3:f6:49:0f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Dec 2 10:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1fb5f58185f648371a083ac4c6461b332556049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:c8:e8:cb:01:57:73:a8:58:93:bd:52:a7:
36:03:ef:ba:88:4c:e3:21:67:4e:c3:b9:13:38:10:
d8:6e:64:68:e4:f9:4a:bb:4d:b0:aa:0f:46:17:25:
3c:6e:14:ae:60:b1:7d:88:37:96:07:1e:2c:a4:d2:
86:fd:a7:dc:4c:7e:6f:f9:e1:5c:f7:e5:c7:2a:be:
84:b2:6e:ee:ae:c6:1b:5b:f9:4d:ae:95:7e:59:0f:
33:1c:11:22:28:19:ff:ea:3b:87:41:23:94:61:60:
8e:19:ab:eb:af:f8:90:05:4e:39:35:3c:b9:5f:13:
28:0e:d8:2f:5f:50:87:da:b9:9c:0a:fd:48:82:28:
f0:0e:d4:04:a1:f0:f1:f7:1b:6f:37:63:ed:32:cf:
b9:e8:e9:e7:a9:8d:f7:f9:7f:59:a1:34:f3:30:bc:
63:a0:49:79:5b:55:38:9b:df:ac:83:13:56:ac:96:
fd:9b:23:7b:df:bd:d6:cd:36:ae:19:68:71:2b:8e:
09:c2:d7:90:54:7c:82:6a:b3:cf:9a:f6:52:5c:4f:
73:89:35:8a:ce:39:85:d2:ab:6e:90:c0:39:5d:4c:
15:57:be:59:e6:ab:5e:65:cf:ca:51:54:b9:b5:fc:
ff:52:58:72:10:a4:bf:c2:09:2c:db:eb:45:1c:63:
5f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:FB:5F:58:18:5F:64:83:71:A0:83:AC:4C:64:61:B3:32:55:60:49
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/8ftfWBhfZINxoIOsTGRhszJVYEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
103.93.40.0/22
103.111.0.0/22
109.104.132.0/24
109.104.135.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
2d:4f:fe:74:51:d6:7c:26:d9:95:ab:2a:7a:e5:30:74:d6:a4:
f1:e2:80:da:82:2d:de:27:71:5a:19:ba:05:d2:28:f9:b8:4c:
93:1b:12:64:f0:3b:b2:43:0c:7e:dc:12:0d:bd:3b:b2:6b:2c:
e6:58:a4:ae:95:02:e2:71:5a:b5:64:40:71:7e:f0:35:e7:4c:
63:e3:29:70:86:a1:06:98:07:fd:b9:cd:42:aa:06:ca:88:d5:
9d:88:75:a7:25:72:25:1f:74:8c:66:93:c7:8e:f1:99:82:66:
c7:ae:82:a5:db:57:15:d1:c9:a0:c2:95:53:e1:67:44:1d:e0:
b2:f8:43:b0:37:a2:29:b9:79:55:ce:8b:bf:0c:2b:d8:d3:0a:
60:7d:10:3e:d1:e9:43:71:a6:bf:be:b6:bb:a9:85:a4:b8:9b:
32:00:04:11:3c:a0:26:9d:51:b1:bb:2c:a1:19:c0:73:91:b8:
01:f8:2a:35:07:80:ae:9d:6a:5c:ac:d7:1f:51:c4:5e:1c:c2:
4b:57:cf:96:7c:99:47:6b:a6:45:83:1e:b1:2a:77:4f:b7:44:
ff:da:4e:7d:08:a8:d9:f7:d6:bb:a4:b4:c2:0f:6a:49:82:6d:
a3:6a:7a:bd:46:e3:8f:b1:af:af:40:0c:5d:c1:8c:52:31:fa:
6a:92:ed:1a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZOG1pbUbGmmoRBkqaP2SQ+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQxMjAyMTAwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWZiNWY1ODE4NWY2NDgzNzFhMDgzYWM0YzY0NjFiMzMyNTU2MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHbI6MsBV3OoWJO9Uqc2A++6iEzj
IWdOw7kTOBDYbmRo5PlKu02wqg9GFyU8bhSuYLF9iDeWBx4spNKG/afcTH5v+eFc
9+XHKr6Esm7ursYbW/lNrpV+WQ8zHBEiKBn/6juHQSOUYWCOGavrr/iQBU45NTy5
XxMoDtgvX1CH2rmcCv1IgijwDtQEofDx9xtvN2PtMs+56OnnqY33+X9ZoTTzMLxj
oEl5W1U4m9+sgxNWrJb9myN7373WzTauGWhxK44JwteQVHyCarPPmvZSXE9ziTWK
zjmF0qtukMA5XUwVV75Z5qteZc/KUVS5tfz/UlhyEKS/wgks2+tFHGNfVQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFPH7X1gYX2SDcaCDrExkYbMyVWBJMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvOGZ0ZldCaGZaSU54b0lPc1RHUmhzekpWWUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTBWBAIAATBQAwQDH6uY
AwQCLY4YAwQCZ10oAwQCZ28AAwQAbWiEMAwDBABtaIcDBARtaIADBAJtaJwDBAKQ
MDQDBAK5NWQDBAK5mXwDBAK56XwDBAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5A
AwUDKgluwAMFAyoNJ8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7U
wAMFAyoPQsADBQMqD6iAMA0GCSqGSIb3DQEBCwUAA4IBAQAtT/50UdZ8JtmVqyp6
5TB01qTx4oDagi3eJ3FaGboF0ij5uEyTGxJk8DuyQwx+3BINvTuyayzmWKSulQLi
cVq1ZEBxfvA150xj4ylwhqEGmAf9uc1CqgbKiNWdiHWnJXIlH3SMZpPHjvGZgmbH
roKl21cV0cmgwpVT4WdEHeCy+EOwN6IpuXlVzou/DCvY0wpgfRA+0elDcaa/vra7
qYWkuJsyAAQRPKAmnVGxuyyhGcBzkbgB+Co1B4CunWpcrNcfUcReHMJLV8+WfJlH
a6ZFgx6xKndPt0T/2k59CKjZ99a7pLTCD2pJgm2janq9RuOPsa+vQAxdwYxSMfpq
ku0a
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:20 2025 by rpki-client