Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/IJf5SCgZmpkJsUhUrbGfi54L_cM.roa
File: IJf5SCgZmpkJsUhUrbGfi54L_cM.roa (raw, json)
Hash identifier: vZxlnnX9ZyqS+NkBrFwhaQ4kMK0e/ME/siOJLHVsF5w=
Subject key identifier: 20:97:F9:48:28:19:9A:99:09:B1:48:54:AD:B1:9F:8B:9E:0B:FD:C3
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01924D05A6AE3BE163CDD9B641521875AB74
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/IJf5SCgZmpkJsUhUrbGfi54L_cM.roa
Signing time: Wed 02 Oct 2024 11:37:48 +0000
ROA not before: Wed 02 Oct 2024 11:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.111.0.0/24 maxlen: 24
103.111.1.0/24 maxlen: 24
103.111.2.0/24 maxlen: 24
103.111.3.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Oct 2024 10:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:05:a6:ae:3b:e1:63:cd:d9:b6:41:52:18:75:ab:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Oct 2 11:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2097f94828199a9909b14854adb19f8b9e0bfdc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:07:2c:52:1d:2f:6d:4a:5e:84:1f:12:af:d4:
10:2f:5b:ed:2d:71:40:51:4d:38:e0:e6:3e:2a:83:
64:98:70:06:30:13:57:60:73:fb:e7:69:57:7e:81:
df:c9:07:78:be:a7:71:87:37:7a:86:b7:f5:0e:51:
b0:bd:d8:cb:5a:aa:2c:6f:06:48:6f:56:81:0d:15:
fd:bb:63:0b:27:6d:bd:04:0d:ec:df:be:a5:3f:30:
ef:77:4e:2b:a1:49:2a:8d:e1:85:74:9f:d4:a5:35:
d7:6a:68:04:d9:94:45:f2:c3:1b:28:8c:38:e6:de:
47:74:96:5e:8e:a4:85:40:aa:aa:6b:47:00:1a:97:
8f:c8:bb:41:05:3f:57:65:8c:d7:08:f4:bb:dc:68:
f2:57:18:9b:66:d2:03:47:bf:ce:0b:57:99:ee:1c:
5f:a8:04:71:e5:e1:40:95:ab:d5:f8:67:6d:50:93:
df:ef:fa:d8:28:39:11:83:f5:e2:bf:4c:b9:3b:cc:
8e:85:53:ad:e0:1f:cb:74:32:00:f0:a3:17:34:86:
1a:fc:3a:ba:a2:39:18:56:6f:f7:ee:3c:7b:4e:38:
01:0c:f8:a0:4d:95:70:cd:fd:53:22:0a:22:ee:15:
04:57:e4:a7:88:ba:62:4c:51:c8:cd:b6:ed:a3:c7:
bb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:97:F9:48:28:19:9A:99:09:B1:48:54:AD:B1:9F:8B:9E:0B:FD:C3
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/IJf5SCgZmpkJsUhUrbGfi54L_cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
103.93.40.0/22
103.111.0.0/22
109.104.132.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0/22
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
6e:2e:53:90:94:56:22:20:9a:48:4d:71:4a:3e:64:1e:25:56:
ce:ea:00:39:a7:41:db:a9:b8:ac:cc:9c:0c:b1:7a:f9:4e:83:
51:d4:f1:31:80:ee:00:9c:f1:23:dd:f4:af:5b:7e:b8:52:a0:
3e:48:70:42:36:a4:24:ca:51:e9:36:e2:29:1d:54:19:3e:7a:
4d:b1:bf:3d:e9:d5:82:68:d1:0e:ac:79:1e:73:16:be:ed:b8:
3a:55:5b:35:5b:b7:48:f4:29:20:ba:1b:b8:ba:16:92:76:02:
9d:af:2c:3e:9f:dc:dc:58:81:0f:55:5e:5c:5f:67:9c:9a:1d:
d4:6f:87:9f:c3:27:c3:8b:9e:d3:c5:8a:09:64:9b:cd:92:1b:
57:bb:a6:ad:77:c9:71:30:22:f9:02:99:12:54:21:ac:c4:ae:
62:e3:fc:79:cb:59:df:93:83:46:de:ae:06:c9:ea:2c:0b:3c:
d6:31:a0:43:b2:24:4e:fb:9d:a7:5a:2f:74:9e:30:d4:7d:26:
86:d9:79:b9:89:89:1b:a9:77:25:d7:0c:3c:b4:d5:91:70:f5:
62:51:3b:37:f9:96:f1:fd:ab:23:c5:6c:99:1a:37:e6:fc:7d:
2e:9e:b3:8e:c8:6a:7b:1a:9d:29:60:d1:bc:ec:dd:4d:e1:d8:
b3:c5:54:3d
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZJNBaauO+Fjzdm2QVIYdat0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQxMDAyMTEzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk3Zjk0ODI4MTk5YTk5MDliMTQ4NTRhZGIxOWY4YjllMGJmZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAcsUh0vbUpehB8Sr9QQL1vtLXFA
UU044OY+KoNkmHAGMBNXYHP752lXfoHfyQd4vqdxhzd6hrf1DlGwvdjLWqosbwZI
b1aBDRX9u2MLJ229BA3s376lPzDvd04roUkqjeGFdJ/UpTXXamgE2ZRF8sMbKIw4
5t5HdJZejqSFQKqqa0cAGpePyLtBBT9XZYzXCPS73GjyVxibZtIDR7/OC1eZ7hxf
qARx5eFAlavV+GdtUJPf7/rYKDkRg/Xiv0y5O8yOhVOt4B/LdDIA8KMXNIYa/Dq6
ojkYVm/37jx7TjgBDPigTZVwzf1TIgoi7hUEV+SniLpiTFHIzbbto8e76QIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFCCX+UgoGZqZCbFIVK2xn4ueC/3DMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvSUpmNVNDZ1ptcGtKc1VoVXJiR2ZpNTRMX2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzBQBAIAATBKAwQDH6uY
AwQCLY4YAwQCZ10oAwQCZ28AMAwDBAJtaIQDBARtaIADBAJtaJwDBAKQMDQDBAK5
NWQDBAK5mXwDBAK56XwDBAHCcV4wUwQCAAIwTQMFAyoEJ8ADBQMqCW5AAwUDKglu
wAMFAyoNJ8ADBQMqDULAAwUDKg1KQAMFAyoOPwADBQMqDk8AAwUDKg7UwAMFAyoP
QsADBQMqD6iAMA0GCSqGSIb3DQEBCwUAA4IBAQBuLlOQlFYiIJpITXFKPmQeJVbO
6gA5p0HbqbiszJwMsXr5ToNR1PExgO4AnPEj3fSvW364UqA+SHBCNqQkylHpNuIp
HVQZPnpNsb896dWCaNEOrHkecxa+7bg6VVs1W7dI9Ckguhu4uhaSdgKdryw+n9zc
WIEPVV5cX2ecmh3Ub4efwyfDi57TxYoJZJvNkhtXu6atd8lxMCL5ApkSVCGsxK5i
4/x5y1nfk4NG3q4GyeosCzzWMaBDsiRO+52nWi90njDUfSaG2Xm5iYkbqXcl1ww8
tNWRcPViUTs3+Zbx/asjxWyZGjfm/H0unrOOyGp7Gp0pYNG87N1N4dizxVQ9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:58 2025 by rpki-client