Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/M0ke9tC6F-QS5hfUaIBQGOna3FE.roa
File: M0ke9tC6F-QS5hfUaIBQGOna3FE.roa (raw, json)
Hash identifier: U0irEbflXZoBU6gc8xhakKAWyZDTQza3FS9Qux7fsxA=
Subject key identifier: 33:49:1E:F6:D0:BA:17:E4:12:E6:17:D4:68:80:50:18:E9:DA:DC:51
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018FB9F3053BA4F69A7CD497A8E0640761C8
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/M0ke9tC6F-QS5hfUaIBQGOna3FE.roa
Signing time: Mon 27 May 2024 12:07:42 +0000
ROA not before: Mon 27 May 2024 12:07:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.199.0/24 maxlen: 24
82.99.200.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.214.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.252.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 28 May 2024 08:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:f3:05:3b:a4:f6:9a:7c:d4:97:a8:e0:64:07:61:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: May 27 12:07:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33491ef6d0ba17e412e617d468805018e9dadc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:20:eb:63:f7:91:3c:fe:27:95:f2:f5:33:45:
25:e0:2f:40:2d:da:52:e2:4d:fb:06:fe:e9:66:10:
84:d1:04:7f:9a:84:83:72:e4:84:9f:20:03:cc:2e:
0f:17:1c:76:97:1f:22:48:ee:13:cc:9b:7c:47:cd:
e2:52:3d:f8:fd:97:91:b0:cf:06:cf:93:33:d9:d7:
6c:0d:a4:4d:6b:97:5b:20:a9:ec:f4:b0:1c:42:3d:
23:90:ff:36:06:59:61:ac:2c:95:08:88:d7:98:d7:
84:30:5e:a4:03:5f:43:92:e3:6a:38:fc:3a:75:05:
87:4d:0a:36:70:1d:f8:40:c0:77:79:98:7d:a2:c8:
c4:62:0c:b5:a0:ca:18:29:e6:cb:0b:3e:11:1b:35:
79:bb:98:f9:96:97:b4:1c:66:2e:a1:52:d3:a0:9b:
9f:6a:66:93:af:3c:43:9a:d6:ce:4e:38:d4:59:b7:
94:57:83:a8:dd:de:84:cf:be:24:80:11:d4:3a:c9:
bd:b1:43:01:db:0d:9b:39:65:3f:c6:96:84:6c:85:
e9:9f:6c:db:ce:cf:4c:20:22:4f:be:0d:aa:89:47:
86:06:af:14:b7:23:19:34:30:6f:88:03:4a:9c:e4:
c7:99:1f:3d:49:2d:af:ce:42:89:16:92:de:c1:24:
6b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:49:1E:F6:D0:BA:17:E4:12:E6:17:D4:68:80:50:18:E9:DA:DC:51
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/M0ke9tC6F-QS5hfUaIBQGOna3FE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
09:fb:fe:27:be:72:74:42:9f:5a:d4:e8:3d:34:d5:06:f8:e9:
40:07:01:f1:03:1e:01:d6:75:9c:de:49:ab:af:d7:7b:ee:81:
76:0b:06:b3:cb:92:85:c7:c3:78:54:cc:fe:1c:7f:59:4c:d2:
49:c4:ec:33:b6:2c:ff:de:52:39:3b:c8:ca:da:e0:6b:25:2f:
30:73:1d:7f:f4:99:b9:52:6c:dd:73:8d:76:cb:c1:5f:2c:70:
a2:bf:a4:f5:2d:46:2c:93:37:00:45:81:fa:3c:ca:9f:26:d2:
66:b4:0e:5d:d7:d6:47:ff:48:69:b3:79:43:b8:b9:6e:b7:b0:
d3:34:35:fa:18:dc:4c:59:3a:c0:6e:e1:40:56:69:16:ca:32:
13:82:e6:b2:c7:ae:60:d9:df:bd:ab:64:d2:08:05:b0:ba:ce:
c1:d7:b6:c6:22:0c:39:4c:78:ef:8f:c8:c3:7a:fb:e9:b6:24:
6f:ea:b4:6c:94:a1:87:d9:d9:ac:fc:61:87:66:88:07:92:76:
87:2d:fc:53:a5:b1:50:bb:e9:21:21:2f:c1:2b:6b:c7:9b:62:
6b:65:3e:d2:9f:2d:c7:0a:b6:82:f0:10:e8:6e:58:2e:f6:f3:
04:88:72:02:36:66:85:b1:f8:68:e6:f6:ab:e5:a2:95:ee:a1:
cc:44:f2:2b
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY+58wU7pPaafNSXqOBkB2HIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNTI3MTIwNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ5MWVmNmQwYmExN2U0MTJlNjE3ZDQ2ODgwNTAxOGU5ZGFkYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iDrY/eRPP4nlfL1M0Ul4C9ALdpS
4k37Bv7pZhCE0QR/moSDcuSEnyADzC4PFxx2lx8iSO4TzJt8R83iUj34/ZeRsM8G
z5Mz2ddsDaRNa5dbIKns9LAcQj0jkP82BllhrCyVCIjXmNeEMF6kA19DkuNqOPw6
dQWHTQo2cB34QMB3eZh9osjEYgy1oMoYKebLCz4RGzV5u5j5lpe0HGYuoVLToJuf
amaTrzxDmtbOTjjUWbeUV4Oo3d6Ez74kgBHUOsm9sUMB2w2bOWU/xpaEbIXpn2zb
zs9MICJPvg2qiUeGBq8UtyMZNDBviANKnOTHmR89SS2vzkKJFpLewSRrYQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFDNJHvbQuhfkEuYX1GiAUBjp2txRMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvTTBrZTl0QzZGLVFTNWhmVWFJQlFHT25hM0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQB
H9aEAwQBH9aSAwQAH9aaAwQDH9aoAwQBH9bIAwQCH9bkAwQDH9b4AwQCJQpAAwQA
JQptAwQAJQp1AwQAJeSDAwQAJeSFMAwDBAAl5IcDBAIl5IgDBAYuKcADBAAu++AD
BAAu++IDBAAu++0DBAZSY8ADBAFfnN4wDAMEAF+c6QMEAV+c7AMEAV+c+AMEAW3m
wAMEAG3myAMEAm3mzAMEAG3m3QMEAG3m3wMEAG3m8gMEAW3m9gMEAG3m+wMEAYb/
xAMEA4b/yDAMAwQAhv/1AwQAhv/2AwQAhv/5AwQAuQpHAwQCuQ3kMA0GCSqGSIb3
DQEBCwUAA4IBAQAJ+/4nvnJ0Qp9a1Og9NNUG+OlABwHxAx4B1nWc3kmrr9d77oF2
Cwazy5KFx8N4VMz+HH9ZTNJJxOwztiz/3lI5O8jK2uBrJS8wcx1/9Jm5Umzdc412
y8FfLHCiv6T1LUYskzcARYH6PMqfJtJmtA5d19ZH/0hps3lDuLlut7DTNDX6GNxM
WTrAbuFAVmkWyjITguayx65g2d+9q2TSCAWwus7B17bGIgw5THjvj8jDevvptiRv
6rRslKGH2dms/GGHZogHknaHLfxTpbFQu+khIS/BK2vHm2JrZT7Sny3HCraC8BDo
blgu9vMEiHICNmaFsfho5var5aKV7qHMRPIr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:06 2024 by rpki-client on console-ams.rpki-client.org