Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/2-DA9Ye9CsM7fPcawVOgsWH--Lc.roa
File: 2-DA9Ye9CsM7fPcawVOgsWH--Lc.roa (raw, json)
Hash identifier: PQPTm6OWZFDWh2B77joWBTq0jApuIk79LQ2n/WgafO4=
Subject key identifier: DB:E0:C0:F5:87:BD:0A:C3:3B:7C:F7:1A:C1:53:A0:B1:61:FE:F8:B7
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 019087C9A959C2E8FCFA2E71592C741AD6A9
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/2-DA9Ye9CsM7fPcawVOgsWH--Lc.roa
Signing time: Sat 06 Jul 2024 11:24:18 +0000
ROA not before: Sat 06 Jul 2024 11:24:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.199.0/24 maxlen: 24
82.99.200.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.214.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.224.0/20 maxlen: 20
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.252.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 12 Aug 2024 06:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:87:c9:a9:59:c2:e8:fc:fa:2e:71:59:2c:74:1a:d6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Jul 6 11:24:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbe0c0f587bd0ac33b7cf71ac153a0b161fef8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:15:a0:ac:0f:91:28:ed:00:03:ec:93:ad:a2:
61:ee:b1:a1:08:77:34:23:2b:c0:a4:65:ea:8b:77:
e9:2d:20:53:c8:da:84:2a:b0:72:35:e6:07:8a:a4:
09:56:87:d2:c0:36:9c:44:ea:6f:f3:83:0a:10:b3:
04:46:82:77:7d:c5:02:53:bd:29:38:4c:94:57:76:
47:dc:cc:23:c6:35:07:d0:18:6d:f0:28:67:e8:d3:
69:1e:1d:a6:e3:b9:ad:d0:17:60:9f:80:b6:de:55:
eb:7d:21:f3:b5:71:70:65:8d:c0:53:65:1b:d8:d9:
96:f1:90:5c:bb:26:76:6a:44:48:57:67:6c:cf:c3:
49:02:22:64:d6:5f:ce:14:91:f6:ff:93:e6:fb:a1:
e2:47:ab:d1:b0:78:09:d8:ce:ee:61:a2:e9:45:90:
9d:eb:f7:7e:b9:de:99:71:68:43:ff:92:15:20:fa:
92:8e:7b:9f:7f:f3:26:3b:ec:d2:a3:fb:1e:16:24:
87:45:7d:b0:dd:35:8e:7f:da:24:6c:ff:f6:6c:1b:
77:96:5c:b3:54:9b:73:3d:d7:17:95:88:7b:e3:57:
c9:66:9a:93:ea:e5:74:22:16:82:98:ab:0b:ec:d8:
6b:29:d3:df:ba:68:35:ed:9c:23:0a:9e:b6:82:83:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E0:C0:F5:87:BD:0A:C3:3B:7C:F7:1A:C1:53:A0:B1:61:FE:F8:B7
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/2-DA9Ye9CsM7fPcawVOgsWH--Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f9:c6:2d:70:77:3c:dc:bf:80:dd:bc:0f:1c:36:15:44:3b:
9f:2a:67:b8:a1:0d:e1:1f:e8:c3:42:26:8d:af:ca:ae:01:64:
20:61:db:5d:61:c0:f1:0e:72:f5:de:61:67:2c:92:77:8d:3b:
be:c9:e8:cf:c0:28:79:d6:e4:51:f9:0b:4b:d3:92:c0:29:d5:
22:e9:5e:32:c3:71:59:7d:6c:15:ff:83:1a:76:dd:2b:05:7a:
e4:61:3a:3e:e5:bb:57:25:a4:77:42:dd:6d:ad:1a:27:74:d5:
29:11:e0:27:a9:b2:69:43:cb:18:5d:50:61:bf:54:3f:5d:d6:
09:46:f1:6b:a3:9e:ea:59:f5:89:04:c7:62:09:95:ac:bb:50:
20:f4:cd:41:f0:b7:9c:5f:74:28:54:b4:2b:ff:64:99:a7:4e:
d9:24:df:b7:df:c9:8c:5b:b7:a5:30:e1:da:c2:6e:6f:22:8b:
20:28:ec:72:97:e7:30:f4:d0:23:f2:8e:8b:d7:58:ca:c1:07:
fe:b4:56:a2:50:f2:78:aa:42:97:1c:c3:08:15:77:8f:90:3b:
d1:45:af:36:c4:36:2d:93:f2:c0:0c:9d:4a:7e:49:80:29:37:
9c:d5:a7:6b:75:23:17:97:0e:66:94:6b:d5:2e:aa:59:78:db:
e8:51:df:55
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZCHyalZwuj8+i5xWSx0GtapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNzA2MTEyNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUwYzBmNTg3YmQwYWMzM2I3Y2Y3MWFjMTUzYTBiMTYxZmVmOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxWgrA+RKO0AA+yTraJh7rGhCHc0
IyvApGXqi3fpLSBTyNqEKrByNeYHiqQJVofSwDacROpv84MKELMERoJ3fcUCU70p
OEyUV3ZH3MwjxjUH0Bht8Chn6NNpHh2m47mt0Bdgn4C23lXrfSHztXFwZY3AU2Ub
2NmW8ZBcuyZ2akRIV2dsz8NJAiJk1l/OFJH2/5Pm+6HiR6vRsHgJ2M7uYaLpRZCd
6/d+ud6ZcWhD/5IVIPqSjnuff/MmO+zSo/seFiSHRX2w3TWOf9okbP/2bBt3llyz
VJtzPdcXlYh741fJZpqT6uV0IhaCmKsL7NhrKdPfumg17ZwjCp62goMjMQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFNvgwPWHvQrDO3z3GsFToLFh/vi3MB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvMi1EQTlZZTlDc003ZlBjYXdWT2dzV0gtLUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQB
H9aEAwQBH9aSAwQAH9aaAwQDH9aoAwQBH9bIAwQCH9bkAwQDH9b4AwQCJQpAAwQA
JQptAwQAJQp1AwQAJeSDAwQAJeSFMAwDBAAl5IcDBAIl5IgDBAYuKcADBAAu++AD
BAAu++IDBAAu++0DBAZSY8ADBAFfnN4wDAMEAF+c6QMEAV+c7AMEAV+c+AMEAW3m
wAMEAG3myAMEAm3mzAMEAG3m3QMEAG3m3wMEAG3m8gMEAW3m9gMEAG3m+wMEAYb/
xAMEA4b/yDAMAwQAhv/1AwQAhv/2AwQAhv/5AwQAuQpHAwQCuQ3kMA0GCSqGSIb3
DQEBCwUAA4IBAQBF+cYtcHc83L+A3bwPHDYVRDufKme4oQ3hH+jDQiaNr8quAWQg
YdtdYcDxDnL13mFnLJJ3jTu+yejPwCh51uRR+QtL05LAKdUi6V4yw3FZfWwV/4Ma
dt0rBXrkYTo+5btXJaR3Qt1trRondNUpEeAnqbJpQ8sYXVBhv1Q/XdYJRvFro57q
WfWJBMdiCZWsu1Ag9M1B8LecX3QoVLQr/2SZp07ZJN+338mMW7elMOHawm5vIosg
KOxyl+cw9NAj8o6L11jKwQf+tFaiUPJ4qkKXHMMIFXePkDvRRa82xDYtk/LADJ1K
fkmAKTec1adrdSMXlw5mlGvVLqpZeNvoUd9V
-----END CERTIFICATE-----
Generated at Mon Aug 12 09:16:32 2024 by rpki-client on console-ams.rpki-client.org