Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/QNJCuuEAkcxCk-YNI7LbUvRwX4A.roa
File: QNJCuuEAkcxCk-YNI7LbUvRwX4A.roa (raw, json)
Hash identifier: 2mGIS7dUvOT2PSAN6jeno6hnGl5/thAZA7bFWWgEwJE=
Subject key identifier: 40:D2:42:BA:E1:00:91:CC:42:93:E6:0D:23:B2:DB:52:F4:70:5F:80
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 01875120762B0FEA216BB03408D89330F70D
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/QNJCuuEAkcxCk-YNI7LbUvRwX4A.roa
Signing time: Wed 05 Apr 2023 11:14:54 +0000
ROA not before: Wed 05 Apr 2023 11:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60976
IP address blocks: 31.214.248.0/21 maxlen: 21
31.214.249.0/24 maxlen: 24
31.214.248.0/24 maxlen: 24
31.214.253.0/24 maxlen: 24
31.214.252.0/24 maxlen: 24
31.214.251.0/24 maxlen: 24
31.214.250.0/24 maxlen: 24
31.214.255.0/24 maxlen: 24
31.214.254.0/24 maxlen: 24
37.228.139.0/24 maxlen: 24
37.228.138.0/24 maxlen: 24
37.228.137.0/24 maxlen: 24
37.228.136.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
134.255.200.0/21 maxlen: 21
134.255.206.0/24 maxlen: 24
134.255.205.0/24 maxlen: 24
134.255.204.0/24 maxlen: 24
134.255.203.0/24 maxlen: 24
134.255.202.0/24 maxlen: 24
134.255.201.0/24 maxlen: 24
134.255.200.0/24 maxlen: 24
134.255.207.0/24 maxlen: 24
95.156.237.0/24 maxlen: 24
95.156.236.0/24 maxlen: 24
95.156.253.0/24 maxlen: 24
95.156.252.0/24 maxlen: 24
95.156.252.0/22 maxlen: 22
95.156.255.0/24 maxlen: 24
95.156.254.0/24 maxlen: 24
109.230.206.0/24 maxlen: 24
109.230.205.0/24 maxlen: 24
109.230.204.0/24 maxlen: 24
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.207.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.221.0/24 maxlen: 24
31.214.172.0/24 maxlen: 24
31.214.171.0/24 maxlen: 24
31.214.170.0/24 maxlen: 24
31.214.169.0/24 maxlen: 24
31.214.168.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.175.0/24 maxlen: 24
31.214.174.0/24 maxlen: 24
31.214.173.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.219.0/24 maxlen: 24
82.99.218.0/24 maxlen: 24
82.99.217.0/24 maxlen: 24
82.99.216.0/24 maxlen: 24
82.99.215.0/24 maxlen: 24
82.99.238.0/24 maxlen: 24
82.99.244.0/24 maxlen: 24
82.99.243.0/24 maxlen: 24
82.99.242.0/24 maxlen: 24
37.10.109.0/24 maxlen: 24
91.98.96.0/21 maxlen: 21
91.98.97.0/24 maxlen: 24
91.98.96.0/24 maxlen: 24
91.98.98.0/24 maxlen: 24
91.98.102.0/24 maxlen: 24
91.98.100.0/24 maxlen: 24
91.98.99.0/24 maxlen: 24
91.98.31.0/24 maxlen: 24
185.13.231.0/24 maxlen: 24
91.98.28.0/22 maxlen: 22
91.98.30.0/24 maxlen: 24
91.98.29.0/24 maxlen: 24
185.13.230.0/24 maxlen: 24
185.13.229.0/24 maxlen: 24
185.13.228.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
91.98.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jul 2023 14:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:20:76:2b:0f:ea:21:6b:b0:34:08:d8:93:30:f7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Apr 5 11:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d242bae10091cc4293e60d23b2db52f4705f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3a:41:f6:78:57:42:cf:b2:14:d7:2a:c0:fa:
86:55:c1:d8:50:64:8b:f1:df:63:7a:23:0e:fb:50:
0b:8e:17:4d:03:13:9b:6c:78:64:15:2f:80:90:52:
eb:96:89:cc:ad:be:89:8a:87:89:87:19:e5:c2:2b:
04:30:d1:00:e4:c2:d0:58:30:b4:f8:8f:90:7f:eb:
dd:49:10:df:48:e6:89:d6:59:20:b6:3f:5f:5f:fa:
a2:98:71:22:b2:97:ed:1e:b6:41:0c:8f:2e:e3:cf:
a6:0e:08:21:08:0e:79:d6:c1:2c:2b:3b:09:8e:6d:
ed:13:88:8d:28:b2:11:01:23:23:07:b4:06:df:4e:
9b:b0:14:08:f4:30:4f:84:10:64:a7:6c:1e:43:bd:
f1:ea:0c:29:21:b7:06:86:e7:7b:92:8c:30:07:07:
d9:1d:25:cd:69:81:1d:9f:d3:89:af:f8:5a:9e:6b:
b9:13:59:f7:75:42:fc:7b:93:08:c9:01:84:61:73:
b1:62:49:b1:04:df:bd:e1:98:44:a1:7b:5d:c1:af:
3e:1e:0c:30:05:68:cf:f7:9a:ca:3a:25:8d:fb:ab:
80:36:42:53:a7:74:6b:52:ca:da:30:0c:5d:1d:03:
a1:39:74:c5:b9:15:d9:9e:e6:71:b8:bc:50:50:37:
ec:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D2:42:BA:E1:00:91:CC:42:93:E6:0D:23:B2:DB:52:F4:70:5F:80
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/QNJCuuEAkcxCk-YNI7LbUvRwX4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.168.0/21
31.214.248.0/21
37.10.109.0/24
37.228.136.0/22
82.99.215.0-82.99.219.255
82.99.238.0/24
82.99.242.0-82.99.244.255
91.98.28.0/22
91.98.96.0/21
95.156.236.0/23
95.156.252.0/22
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
134.255.200.0/21
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
70:80:27:de:23:df:49:31:49:27:cc:eb:d4:d0:6d:36:15:08:
b5:a3:3e:4b:76:01:01:17:49:25:95:bd:0e:8a:92:b2:87:e1:
03:95:07:ef:17:6f:dc:c4:57:40:78:23:13:38:23:b4:8c:52:
72:7d:ef:84:20:5b:97:71:8f:c9:0e:ba:f7:14:67:da:1a:19:
03:2b:4a:6c:ba:9a:83:99:0e:80:ad:6b:25:0d:97:83:68:fc:
9b:10:30:7a:b7:b4:7b:09:71:5e:cf:01:89:c1:64:cf:e9:17:
5b:90:57:6d:41:96:e9:b1:07:d1:2a:cf:7f:59:22:ad:12:2f:
83:06:0d:46:3a:0f:d5:d1:7a:03:34:2a:c8:74:e2:76:fc:1b:
b0:59:76:01:82:de:73:88:d0:09:1b:24:5c:91:14:8e:cd:1d:
a6:69:64:55:39:61:9e:d0:65:34:e9:40:f9:d0:55:c3:28:aa:
02:d3:eb:de:89:f3:dc:76:a4:22:be:e0:27:0a:61:b8:b3:e3:
74:de:81:af:b9:8a:95:65:85:cc:20:67:c8:46:e8:4c:93:f3:
19:c2:9e:c3:6d:db:26:b5:68:c1:ad:73:f8:c8:8e:6d:bf:21:
7d:01:21:46:24:cb:cd:9a:8e:9b:d6:bb:66:ec:bf:c5:12:53:
58:aa:3b:86
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYdRIHYrD+oha7A0CNiTMPcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjMwNDA1MTExNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQyNDJiYWUxMDA5MWNjNDI5M2U2MGQyM2IyZGI1MmY0NzA1ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDpB9nhXQs+yFNcqwPqGVcHYUGSL
8d9jeiMO+1ALjhdNAxObbHhkFS+AkFLrlonMrb6JioeJhxnlwisEMNEA5MLQWDC0
+I+Qf+vdSRDfSOaJ1lkgtj9fX/qimHEispftHrZBDI8u48+mDgghCA551sEsKzsJ
jm3tE4iNKLIRASMjB7QG306bsBQI9DBPhBBkp2weQ73x6gwpIbcGhud7kowwBwfZ
HSXNaYEdn9OJr/hanmu5E1n3dUL8e5MIyQGEYXOxYkmxBN+94ZhEoXtdwa8+Hgww
BWjP95rKOiWN+6uANkJTp3RrUsraMAxdHQOhOXTFuRXZnuZxuLxQUDfstQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFEDSQrrhAJHMQpPmDSOy21L0cF+AMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvUU5KQ3V1RUFrY3hDay1ZTkk3TGJVdlJ3WDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAMf1qgD
BAMf1vgDBAAlCm0DBAIl5IgwDAMEAFJj1wMEAlJj2AMEAFJj7jAMAwQBUmPyAwQA
UmP0AwQCW2IcAwQDW2JgAwQBX5zsAwQCX5z8AwQAbebIAwQCbebMAwQAbebdAwQA
bebfAwQDhv/IAwQCuQ3kMA0GCSqGSIb3DQEBCwUAA4IBAQBwgCfeI99JMUknzOvU
0G02FQi1oz5LdgEBF0kllb0OipKyh+EDlQfvF2/cxFdAeCMTOCO0jFJyfe+EIFuX
cY/JDrr3FGfaGhkDK0psupqDmQ6ArWslDZeDaPybEDB6t7R7CXFezwGJwWTP6Rdb
kFdtQZbpsQfRKs9/WSKtEi+DBg1GOg/V0XoDNCrIdOJ2/BuwWXYBgt5ziNAJGyRc
kRSOzR2maWRVOWGe0GU06UD50FXDKKoC0+veifPcdqQivuAnCmG4s+N03oGvuYqV
ZYXMIGfIRuhMk/MZwp7DbdsmtWjBrXP4yI5tvyF9ASFGJMvNmo6b1rtm7L/FElNY
qjuG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:06 2024 by rpki-client on console-ams.rpki-client.org