Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/HrF_LiDxfqA_HmlUu3vDoYc-1k8.roa
File: HrF_LiDxfqA_HmlUu3vDoYc-1k8.roa (raw, json)
Hash identifier: 0n0gNB3qSydUm4F25BxjITbh4vPr7kc21FZlOfyXCaA=
Subject key identifier: 1E:B1:7F:2E:20:F1:7E:A0:3F:1E:69:54:BB:7B:C3:A1:87:3E:D6:4F
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 0191FFC382D230E135806BA73FB599C2C5F2
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/HrF_LiDxfqA_HmlUu3vDoYc-1k8.roa
Signing time: Tue 17 Sep 2024 11:34:48 +0000
ROA not before: Tue 17 Sep 2024 11:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.199.0/24 maxlen: 24
82.99.200.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.214.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.224.0/20 maxlen: 20
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.229.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.234.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.252.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
2a00:1a88::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 02 Oct 2024 09:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:c3:82:d2:30:e1:35:80:6b:a7:3f:b5:99:c2:c5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Sep 17 11:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eb17f2e20f17ea03f1e6954bb7bc3a1873ed64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:97:85:40:00:74:0b:df:49:4c:a9:3a:ab:e3:
9b:cd:9a:e5:ea:cb:70:1c:80:17:b1:31:03:7f:fe:
ff:37:41:54:1b:4f:7c:8f:ec:0e:26:39:12:40:fe:
51:7d:b0:b9:ef:c4:82:b6:bb:74:cc:8a:47:78:12:
f3:70:ab:e0:0a:0e:ca:33:2c:18:6e:bb:11:7e:6d:
51:01:68:48:54:82:55:bc:38:17:88:11:51:a1:c5:
90:18:40:9d:56:e2:04:a3:a1:cc:56:5d:2f:23:c4:
70:5b:a2:30:fc:13:c0:de:7e:8d:bd:be:91:5a:13:
4e:48:dc:c3:b6:b9:22:d7:7f:63:47:bd:ca:33:9e:
aa:32:d8:87:d2:46:8d:74:ce:5a:73:97:f7:a1:d0:
09:e9:e3:89:bb:7a:fa:90:fb:ab:cb:57:60:3e:bf:
c1:9d:be:4a:56:e2:02:97:b7:99:1e:92:b8:ea:95:
c1:e3:1d:aa:fb:6c:aa:05:31:a4:03:50:ad:94:1c:
3e:91:21:be:b8:7c:1f:55:36:eb:ac:7a:ec:f7:57:
ff:93:c4:7d:ab:fd:22:5d:05:e0:d1:f4:94:9b:7d:
eb:c3:1a:22:d1:44:fb:4f:0f:c1:3a:03:9b:3d:41:
0c:a9:8d:20:16:20:76:36:2e:e4:1f:e0:fb:bb:e1:
ad:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B1:7F:2E:20:F1:7E:A0:3F:1E:69:54:BB:7B:C3:A1:87:3E:D6:4F
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/HrF_LiDxfqA_HmlUu3vDoYc-1k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
IPv6:
2a00:1a88::/32
Signature Algorithm: sha256WithRSAEncryption
69:6c:a0:15:eb:1b:dc:24:f0:bd:41:00:c4:0a:b7:f4:7a:12:
a4:ec:11:dc:7d:67:8f:a2:64:44:ec:0a:f8:a4:66:4b:4c:5f:
ed:ad:60:ce:94:2c:56:f1:85:62:02:3d:d5:06:e5:b1:f0:76:
b8:39:91:1b:24:19:57:45:0b:f3:6a:08:ac:1e:95:08:71:a5:
da:59:68:6e:51:5c:35:65:c8:62:23:86:d3:c5:1f:eb:98:f4:
76:d2:68:ef:17:20:4f:af:71:44:ae:5b:25:ce:64:e4:a4:17:
38:a2:8a:58:c7:e8:8c:77:09:88:0e:32:8e:ca:db:84:06:05:
8b:fb:2f:99:f5:37:91:73:8c:2f:d5:0f:6b:9a:0a:17:a0:dd:
76:80:db:50:af:e7:cb:f5:0d:d0:3c:e2:93:e5:00:7f:19:d4:
0d:d4:38:ab:91:e6:79:74:56:77:de:35:f2:5c:46:41:76:04:
b7:55:b2:a9:c2:83:0c:a1:4d:61:48:4b:1c:b7:7d:af:b8:c9:
ca:4d:99:86:e6:0d:43:77:53:3c:df:4d:86:70:74:60:17:d4:
95:e1:90:48:8f:23:a6:b2:de:9a:b7:63:56:2e:11:fd:97:ca:
d6:80:44:a3:c8:c5:68:38:0a:12:4d:f4:c9:39:86:ca:49:5e:
eb:fa:dd:f1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZH/w4LSMOE1gGunP7WZwsXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwOTE3MTEzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIxN2YyZTIwZjE3ZWEwM2YxZTY5NTRiYjdiYzNhMTg3M2VkNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05eFQAB0C99JTKk6q+ObzZrl6stw
HIAXsTEDf/7/N0FUG098j+wOJjkSQP5RfbC578SCtrt0zIpHeBLzcKvgCg7KMywY
brsRfm1RAWhIVIJVvDgXiBFRocWQGECdVuIEo6HMVl0vI8RwW6Iw/BPA3n6Nvb6R
WhNOSNzDtrki139jR73KM56qMtiH0kaNdM5ac5f3odAJ6eOJu3r6kPury1dgPr/B
nb5KVuICl7eZHpK46pXB4x2q+2yqBTGkA1CtlBw+kSG+uHwfVTbrrHrs91f/k8R9
q/0iXQXg0fSUm33rwxoi0UT7Tw/BOgObPUEMqY0gFiB2Ni7kH+D7u+GtNwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFB6xfy4g8X6gPx5pVLt7w6GHPtZPMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvSHJGX0xpRHhmcUFfSG1sVXUzdkRvWWMtMWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeoD
BAEf1oQDBAEf1pIDBAAf1poDBAMf1qgDBAEf1sgDBAIf1uQDBAMf1vgDBAIlCkAD
BAAlCm0DBAAlCnUDBAAl5IMDBAAl5IUwDAMEACXkhwMEAiXkiAMEBi4pwAMEAC77
4AMEAC774gMEAC777QMEBlJjwAMEAV+c3jAMAwQAX5zpAwQBX5zsAwQBX5z4AwQB
bebAAwQAbebIAwQCbebMAwQAbebdAwQAbebfAwQAbebyAwQBbeb2AwQAbeb7AwQB
hv/EAwQDhv/IMAwDBACG//UDBACG//YDBACG//kDBAC5CkcDBAK5DeQwDQQCAAIw
BwMFACoAGogwDQYJKoZIhvcNAQELBQADggEBAGlsoBXrG9wk8L1BAMQKt/R6EqTs
Edx9Z4+iZETsCvikZktMX+2tYM6ULFbxhWICPdUG5bHwdrg5kRskGVdFC/NqCKwe
lQhxpdpZaG5RXDVlyGIjhtPFH+uY9HbSaO8XIE+vcUSuWyXOZOSkFziiiljH6Ix3
CYgOMo7K24QGBYv7L5n1N5FzjC/VD2uaCheg3XaA21Cv58v1DdA84pPlAH8Z1A3U
OKuR5nl0VnfeNfJcRkF2BLdVsqnCgwyhTWFISxy3fa+4ycpNmYbmDUN3UzzfTYZw
dGAX1JXhkEiPI6ay3pq3Y1YuEf2XytaARKPIxWg4ChJN9Mk5hspJXuv63fE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:26 2025 by rpki-client