Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/81hPD4xy4Dl3_iLMNBVkpg5cbI4.roa
File: 81hPD4xy4Dl3_iLMNBVkpg5cbI4.roa (raw, json)
Hash identifier: eEhNgAHhpe3TET9WLe0etYMfeBHFM9F0MsZKrh87plU=
Subject key identifier: F3:58:4F:0F:8C:72:E0:39:77:FE:22:CC:34:15:64:A6:0E:5C:6C:8E
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018935EB7300662A009BD0533D988D78E3C5
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/81hPD4xy4Dl3_iLMNBVkpg5cbI4.roa
Signing time: Sat 08 Jul 2023 14:32:50 +0000
ROA not before: Sat 08 Jul 2023 14:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60976
IP address blocks: 31.214.249.0/24 maxlen: 24
31.214.248.0/24 maxlen: 24
31.214.248.0/21 maxlen: 21
31.214.253.0/24 maxlen: 24
31.214.252.0/24 maxlen: 24
31.214.251.0/24 maxlen: 24
31.214.250.0/24 maxlen: 24
31.214.255.0/24 maxlen: 24
31.214.254.0/24 maxlen: 24
37.228.139.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.136.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
134.255.206.0/24 maxlen: 24
134.255.205.0/24 maxlen: 24
134.255.204.0/24 maxlen: 24
134.255.203.0/24 maxlen: 24
134.255.202.0/24 maxlen: 24
134.255.201.0/24 maxlen: 24
134.255.200.0/21 maxlen: 21
134.255.200.0/24 maxlen: 24
134.255.207.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
95.156.237.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.252.0/24 maxlen: 24
95.156.255.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
109.230.206.0/24 maxlen: 24
109.230.205.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.204.0/24 maxlen: 24
109.230.200.0/24 maxlen: 24
109.230.207.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
31.214.172.0/24 maxlen: 24
31.214.171.0/24 maxlen: 24
31.214.170.0/24 maxlen: 24
31.214.169.0/24 maxlen: 24
31.214.168.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.175.0/24 maxlen: 24
31.214.174.0/24 maxlen: 24
31.214.173.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
82.99.216.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.215.0/24 maxlen: 24
82.99.219.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
37.10.109.0/24 maxlen: 24
91.98.97.0/24 maxlen: 24
91.98.96.0/21 maxlen: 21
91.98.96.0/24 maxlen: 24
91.98.98.0/24 maxlen: 24
91.98.102.0/24 maxlen: 24
91.98.100.0/24 maxlen: 24
91.98.99.0/24 maxlen: 24
91.98.31.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
91.98.28.0/24 maxlen: 24
91.98.28.0/22 maxlen: 22
91.98.30.0/24 maxlen: 24
91.98.29.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
185.13.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:35:eb:73:00:66:2a:00:9b:d0:53:3d:98:8d:78:e3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Jul 8 14:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3584f0f8c72e03977fe22cc341564a60e5c6c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:aa:32:1f:41:6f:b5:c9:09:ac:30:21:24:d7:
63:65:cb:fa:a7:00:ff:48:5f:89:d1:7a:fb:bb:e8:
30:0c:75:6b:8d:99:04:f9:f8:91:87:3f:53:09:6c:
b2:10:98:4d:4c:ed:b1:5e:ea:2d:d2:79:1b:ee:f4:
5c:7d:7a:d9:c2:f5:14:e3:70:21:75:a7:5b:f1:d6:
62:04:72:12:de:5f:4c:8e:85:6e:37:11:eb:a9:dc:
4a:cb:f0:18:e4:87:8d:1e:38:6b:31:d5:5e:eb:03:
4b:30:85:cf:2c:1c:04:5f:dd:81:ea:8a:7e:82:07:
f8:7d:78:2d:42:6f:fa:2b:bc:d9:92:b2:b8:61:c4:
13:12:1e:36:b3:66:2d:27:52:93:a0:51:e3:88:23:
aa:f1:a6:c0:61:54:69:8a:9b:8a:44:cd:0b:22:d3:
af:a2:7e:c7:2e:44:5b:c0:d8:c5:8b:7b:b5:15:95:
96:5b:20:ac:dc:e2:71:77:03:80:d8:6d:b3:c9:e9:
ca:44:f4:d1:9f:fa:d6:c4:a5:f7:de:9f:a6:d9:38:
7e:c4:8b:1e:59:19:f8:4b:55:b1:a2:68:47:9d:4d:
c6:d1:1c:2e:82:45:d2:9a:c2:ec:28:e2:87:7e:c0:
69:25:d0:f2:dd:de:e4:98:ce:5d:74:10:b6:85:da:
e3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:58:4F:0F:8C:72:E0:39:77:FE:22:CC:34:15:64:A6:0E:5C:6C:8E
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/81hPD4xy4Dl3_iLMNBVkpg5cbI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.168.0/21
31.214.248.0/21
37.10.109.0/24
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
91.98.28.0/22
91.98.96.0/21
95.156.236.0/23
95.156.252.0/22
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
134.255.200.0/21
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
17:80:e5:0f:02:85:d9:89:44:9a:2c:68:7c:f1:90:37:04:80:
39:2c:7f:4c:24:cc:72:9a:e4:2c:a2:68:c8:17:c0:b4:09:49:
a8:f9:2a:f0:4b:cd:97:2f:94:12:ab:be:09:42:80:37:85:3c:
a7:b1:9c:ef:32:a3:e5:7a:de:42:91:86:cb:cf:76:ce:3c:f1:
81:df:50:95:45:76:af:f4:bc:8e:c6:cd:fa:14:12:b5:a2:f0:
54:10:9a:4b:3a:bf:8e:73:19:7a:2e:da:7a:d1:14:cb:0e:72:
2e:0f:f4:6a:d4:a5:6c:40:a0:7d:de:cf:9c:02:d7:f7:28:e5:
9a:55:41:77:6c:71:21:c0:fd:51:14:2d:15:d9:a8:4a:f4:80:
eb:3c:6f:a4:e2:d0:ee:11:22:bf:46:8e:91:a3:e5:b7:12:fd:
5d:65:f9:50:c6:dd:ca:fc:ff:d7:9b:11:93:47:fb:2e:2f:7d:
01:59:c8:40:aa:47:f0:05:b0:11:97:2f:e1:aa:cb:9c:57:68:
19:5a:ac:38:13:bf:f6:e4:5f:cf:50:09:58:25:46:4d:43:82:
30:fa:d8:30:bb:da:77:3a:44:19:c7:06:af:7a:29:d5:09:67:
35:ac:79:6e:d2:8b:bd:76:27:20:e0:af:8b:82:95:36:92:c7:
b3:5b:d1:cc
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYk163MAZioAm9BTPZiNeOPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjMwNzA4MTQzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzU4NGYwZjhjNzJlMDM5NzdmZTIyY2MzNDE1NjRhNjBlNWM2YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaoyH0FvtckJrDAhJNdjZcv6pwD/
SF+J0Xr7u+gwDHVrjZkE+fiRhz9TCWyyEJhNTO2xXuot0nkb7vRcfXrZwvUU43Ah
dadb8dZiBHIS3l9MjoVuNxHrqdxKy/AY5IeNHjhrMdVe6wNLMIXPLBwEX92B6op+
ggf4fXgtQm/6K7zZkrK4YcQTEh42s2YtJ1KToFHjiCOq8abAYVRpipuKRM0LItOv
on7HLkRbwNjFi3u1FZWWWyCs3OJxdwOA2G2zyenKRPTRn/rWxKX33p+m2Th+xIse
WRn4S1WxomhHnU3G0RwugkXSmsLsKOKHfsBpJdDy3d7kmM5ddBC2hdrj7wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFPNYTw+McuA5d/4izDQVZKYOXGyOMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvODFoUEQ0eHk0RGwzX2lMTU5CVmtwZzVjYkk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAx/W
qAMEAx/W+AMEACUKbQMEAiXkiDAMAwQAUmPXAwQCUmPYAwQAUmPuMAwDBAFSY/ID
BABSY/QDBAJbYhwDBANbYmADBAFfnOwDBAJfnPwDBABt5sgDBAJt5swDBABt5t0D
BABt5t8DBABt5vIDBAOG/8gDBAK5DeQwDQYJKoZIhvcNAQELBQADggEBABeA5Q8C
hdmJRJosaHzxkDcEgDksf0wkzHKa5CyiaMgXwLQJSaj5KvBLzZcvlBKrvglCgDeF
PKexnO8yo+V63kKRhsvPds488YHfUJVFdq/0vI7GzfoUErWi8FQQmks6v45zGXou
2nrRFMsOci4P9GrUpWxAoH3ez5wC1/co5ZpVQXdscSHA/VEULRXZqEr0gOs8b6Ti
0O4RIr9GjpGj5bcS/V1l+VDG3cr8/9ebEZNH+y4vfQFZyECqR/AFsBGXL+Gqy5xX
aBlarDgTv/bkX89QCVglRk1DgjD62DC72nc6RBnHBq96KdUJZzWseW7Si712JyDg
r4uClTaSx7Nb0cw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:06 2024 by rpki-client on console-ams.rpki-client.org