Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/65kHOkAV9i2h9QlOBMx8Hb30AEk.roa
File: 65kHOkAV9i2h9QlOBMx8Hb30AEk.roa (raw, json)
Hash identifier: fVNDgqayS2TWMq+yMOMuttvfYS0Ala4b+mxRr1JX/pY=
Subject key identifier: EB:99:07:3A:40:15:F6:2D:A1:F5:09:4E:04:CC:7C:1D:BD:F4:00:49
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 0190CAC6DAEE33A552404A7B03F21542DFB1
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/65kHOkAV9i2h9QlOBMx8Hb30AEk.roa
Signing time: Fri 19 Jul 2024 11:35:48 +0000
ROA not before: Fri 19 Jul 2024 11:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60976
IP address blocks: 31.214.168.0/21 maxlen: 21
31.214.168.0/24 maxlen: 24
31.214.169.0/24 maxlen: 24
31.214.170.0/24 maxlen: 24
31.214.171.0/24 maxlen: 24
31.214.172.0/24 maxlen: 24
31.214.173.0/24 maxlen: 24
31.214.174.0/24 maxlen: 24
31.214.175.0/24 maxlen: 24
31.214.248.0/21 maxlen: 21
31.214.248.0/24 maxlen: 24
31.214.249.0/24 maxlen: 24
31.214.250.0/24 maxlen: 24
31.214.251.0/24 maxlen: 24
31.214.252.0/24 maxlen: 24
31.214.253.0/24 maxlen: 24
31.214.254.0/24 maxlen: 24
31.214.255.0/24 maxlen: 24
37.10.109.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
37.228.136.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.139.0/24 maxlen: 24
82.99.215.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.216.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.219.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.237.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.252.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
95.156.255.0/24 maxlen: 24
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.204.0/24 maxlen: 24
109.230.205.0/24 maxlen: 24
109.230.206.0/24 maxlen: 24
109.230.207.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.200.0/21 maxlen: 21
134.255.200.0/24 maxlen: 24
134.255.201.0/24 maxlen: 24
134.255.202.0/24 maxlen: 24
134.255.203.0/24 maxlen: 24
134.255.204.0/24 maxlen: 24
134.255.205.0/24 maxlen: 24
134.255.206.0/24 maxlen: 24
134.255.207.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
185.13.228.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 06:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ca:c6:da:ee:33:a5:52:40:4a:7b:03:f2:15:42:df:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Jul 19 11:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb99073a4015f62da1f5094e04cc7c1dbdf40049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fc:ec:2c:44:28:b1:73:c5:13:61:95:62:74:
63:4f:a0:e0:85:12:73:93:f5:2e:ac:ad:30:23:c4:
cf:12:e9:45:c0:19:f2:c4:fe:9e:3c:53:c7:c5:9d:
7e:55:6a:77:bf:8d:24:72:1b:5f:ba:d2:5a:f7:ff:
73:62:f9:fc:32:5d:9c:24:22:30:51:7f:c5:04:79:
b4:39:e3:97:89:60:b4:b7:c3:8b:d0:36:a4:57:07:
c3:bf:86:c1:65:15:0d:1b:e3:65:6e:9f:61:07:af:
92:db:7d:6b:43:2a:cf:2c:31:e0:f7:f7:fc:2e:83:
0c:e0:10:50:3b:17:0d:69:29:23:13:59:3e:d1:7d:
37:bf:9d:b9:23:50:a9:a7:be:cd:b0:26:6e:5e:8d:
17:96:fc:d1:9e:0a:61:19:f7:49:d0:90:4a:a2:27:
23:83:61:9e:5c:b9:a1:90:44:87:5f:ab:6a:e4:4a:
ed:2e:f9:8b:c5:35:13:dc:41:e1:47:dd:69:5e:11:
5f:87:90:9f:79:6e:04:12:1f:2b:ee:18:62:0d:5c:
09:88:8a:c5:ed:9a:db:50:ae:98:09:95:51:69:5c:
9a:47:77:de:3e:5a:ca:e3:8b:69:8c:71:05:c5:bb:
11:2c:ae:29:9d:57:e1:3d:8f:0d:cf:4f:0c:db:5e:
37:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:99:07:3A:40:15:F6:2D:A1:F5:09:4E:04:CC:7C:1D:BD:F4:00:49
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/65kHOkAV9i2h9QlOBMx8Hb30AEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.168.0/21
31.214.248.0/21
37.10.109.0/24
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
95.156.236.0/23
95.156.252.0/22
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.251.0/24
134.255.200.0/21
185.10.71.0/24
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
16:b6:87:1e:ca:bd:20:09:35:d4:10:95:73:6b:73:9e:73:e5:
74:aa:0b:9d:87:70:a1:a0:d5:1e:cf:31:ca:1f:69:6b:6d:29:
78:99:1f:70:f9:85:f0:88:93:b0:de:bc:a9:00:56:94:3d:8e:
a9:17:e7:19:d9:1b:21:9d:6e:5f:20:a6:f8:83:0b:a0:3c:59:
fa:ac:a7:bf:3d:ed:ec:a6:c6:3f:b4:4c:82:7a:53:71:a4:ad:
60:e4:9e:58:5b:83:32:cf:d8:13:fe:a8:1a:d9:7c:b1:41:08:
ef:fc:a6:0d:c5:a0:79:cb:96:0c:ca:ad:40:d8:1e:49:da:0d:
dc:06:fd:70:0a:d3:c4:71:aa:b5:e9:cf:90:a4:0f:30:99:a2:
4f:16:18:ce:05:1e:9f:f8:25:3d:5b:4e:0e:40:58:c7:34:f2:
01:88:76:75:80:ec:88:c8:31:14:f9:b1:43:47:c2:48:20:2d:
2d:9c:40:96:c3:2f:25:98:f6:53:14:6e:48:5c:f8:09:f1:ee:
41:cc:4e:cd:b7:fd:6c:3e:d7:6e:fa:09:e5:b8:2d:c2:60:c2:
21:58:3f:1f:69:85:c0:c4:2a:70:c4:ad:f7:26:e5:52:05:d2:
b2:00:7b:6b:b0:9f:e9:d0:48:89:0d:aa:84:b2:36:28:d1:15:
83:be:d8:9f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZDKxtruM6VSQEp7A/IVQt+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNzE5MTEzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk5MDczYTQwMTVmNjJkYTFmNTA5NGUwNGNjN2MxZGJkZjQwMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfzsLEQosXPFE2GVYnRjT6DghRJz
k/UurK0wI8TPEulFwBnyxP6ePFPHxZ1+VWp3v40kchtfutJa9/9zYvn8Ml2cJCIw
UX/FBHm0OeOXiWC0t8OL0DakVwfDv4bBZRUNG+Nlbp9hB6+S231rQyrPLDHg9/f8
LoMM4BBQOxcNaSkjE1k+0X03v525I1Cpp77NsCZuXo0XlvzRngphGfdJ0JBKoicj
g2GeXLmhkESHX6tq5ErtLvmLxTUT3EHhR91pXhFfh5CfeW4EEh8r7hhiDVwJiIrF
7ZrbUK6YCZVRaVyaR3fePlrK44tpjHEFxbsRLK4pnVfhPY8Nz08M2143pwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFOuZBzpAFfYtofUJTgTMfB299ABJMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvNjVrSE9rQVY5aTJoOVFsT0JNeDhIYjMwQUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAx/W
qAMEAx/W+AMEACUKbQMEAiXkiDAMAwQAUmPXAwQCUmPYAwQAUmPuMAwDBAFSY/ID
BABSY/QDBAFfnOwDBAJfnPwDBABt5sgDBAJt5swDBABt5t0DBABt5t8DBABt5vID
BABt5vsDBAOG/8gDBAC5CkcDBAK5DeQwDQYJKoZIhvcNAQELBQADggEBABa2hx7K
vSAJNdQQlXNrc55z5XSqC52HcKGg1R7PMcofaWttKXiZH3D5hfCIk7DevKkAVpQ9
jqkX5xnZGyGdbl8gpviDC6A8Wfqsp7897eymxj+0TIJ6U3GkrWDknlhbgzLP2BP+
qBrZfLFBCO/8pg3FoHnLlgzKrUDYHknaDdwG/XAK08RxqrXpz5CkDzCZok8WGM4F
Hp/4JT1bTg5AWMc08gGIdnWA7IjIMRT5sUNHwkggLS2cQJbDLyWY9lMUbkhc+Anx
7kHMTs23/Ww+1276CeW4LcJgwiFYPx9phcDEKnDErfcm5VIF0rIAe2uwn+nQSIkN
qoSyNijRFYO+2J8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:17 2025 by rpki-client