Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/YZ5UTkQKarrx7-3J-8WbpFAgPLk.roa
File: YZ5UTkQKarrx7-3J-8WbpFAgPLk.roa (raw, json)
Hash identifier: diZ2m6yFZaDgPEDK8qMlKhZUcFyVSzylO57Ls13bq0Q=
Subject key identifier: 61:9E:54:4E:44:0A:6A:BA:F1:EF:ED:C9:FB:C5:9B:A4:50:20:3C:B9
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 01914540902C4743F038272925FA0356C6D8
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/YZ5UTkQKarrx7-3J-8WbpFAgPLk.roa
Signing time: Mon 12 Aug 2024 06:22:24 +0000
ROA not before: Mon 12 Aug 2024 06:22:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.199.0/24 maxlen: 24
82.99.200.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.214.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.224.0/20 maxlen: 20
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.252.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
2a00:1a88::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Sep 2024 11:34:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:40:90:2c:47:43:f0:38:27:29:25:fa:03:56:c6:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: Aug 12 06:22:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=619e544e440a6abaf1efedc9fbc59ba450203cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:98:ca:ce:0c:f0:f2:55:7d:01:30:33:cf:b6:
8a:67:b0:1d:e3:74:58:07:45:d7:67:38:ff:16:d9:
09:1b:97:d0:09:ba:d1:c2:a6:5b:57:0c:06:e4:fe:
e7:c9:07:41:18:fb:47:f0:5b:8a:7d:51:59:b5:13:
68:53:c7:d8:e5:e3:5d:de:a2:7c:88:ea:b3:c8:da:
1e:ca:2c:59:0a:c4:cc:7e:d7:d1:85:e5:73:2a:9e:
3d:e5:9d:98:5b:b5:98:43:8b:55:38:da:08:06:0a:
6c:ed:30:12:ba:d1:00:1b:2c:73:72:28:56:c3:d6:
46:27:be:d8:d4:df:70:f3:c6:50:10:4e:fc:a3:16:
5f:0a:ce:05:6a:52:f3:14:26:6b:61:56:a9:00:e7:
6d:b2:3b:05:b3:12:60:44:8d:4d:4b:a1:ea:f4:86:
76:98:62:47:a2:70:4c:a9:02:93:e9:c8:5e:6c:3b:
f3:47:cf:45:36:22:7a:6f:7b:6a:da:1a:51:2a:31:
2f:67:88:c6:a0:5e:ab:77:bb:88:09:5d:ef:5f:ed:
09:d8:d7:0d:79:1d:ee:93:87:b4:99:23:c2:bb:79:
ee:96:01:58:17:72:06:ae:c9:de:77:a7:ac:e6:31:
69:4d:84:21:07:2d:21:6d:d5:62:e7:7e:ad:64:bc:
5d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9E:54:4E:44:0A:6A:BA:F1:EF:ED:C9:FB:C5:9B:A4:50:20:3C:B9
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/YZ5UTkQKarrx7-3J-8WbpFAgPLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
IPv6:
2a00:1a88::/32
Signature Algorithm: sha256WithRSAEncryption
4b:ad:2e:f6:3d:2a:ed:e4:2f:bc:e6:ae:d8:fd:3d:6d:ef:b2:
a1:7c:6b:86:d0:49:9b:0b:6a:dd:bf:83:d4:65:17:b1:fa:ef:
fd:28:2c:00:45:af:53:85:a7:3b:51:79:3a:23:27:f7:4d:04:
9b:c1:b4:13:33:f9:ab:fa:1b:2b:69:95:e8:0d:ee:63:b1:ff:
c9:4b:91:95:e2:21:a6:84:a1:b0:6d:e1:04:23:7d:c9:fd:5b:
c2:e3:09:0b:ee:e8:65:db:2b:b8:b4:d0:36:c8:1a:66:07:d7:
0b:65:d8:c9:f8:83:78:f5:ed:9a:83:8a:5c:35:c5:8b:e7:e1:
a1:4a:c1:6a:c8:95:12:2b:4e:a4:61:d7:2a:4b:38:23:b5:23:
dc:ba:df:c5:36:dd:b4:6c:2c:a5:22:05:05:96:1f:9e:9f:11:
a1:21:05:df:4a:21:9a:b6:8f:29:00:d0:86:96:8b:d4:fd:16:
dc:73:1f:0c:ac:ae:02:86:32:1a:42:5e:3d:7a:3d:ad:1c:e6:
f5:16:42:fc:5e:44:5c:b4:54:0b:7f:e2:f8:9b:7d:d9:70:2e:
61:f1:66:66:5a:88:42:e1:37:15:00:4f:dd:37:0e:fb:a7:33:
64:ba:69:9c:9e:62:b9:c0:e7:6c:5a:d9:19:1c:aa:62:32:ac:
73:2c:ef:15
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZFFQJAsR0PwOCcpJfoDVsbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwODEyMDYyMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTllNTQ0ZTQ0MGE2YWJhZjFlZmVkYzlmYmM1OWJhNDUwMjAzY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJjKzgzw8lV9ATAzz7aKZ7Ad43RY
B0XXZzj/FtkJG5fQCbrRwqZbVwwG5P7nyQdBGPtH8FuKfVFZtRNoU8fY5eNd3qJ8
iOqzyNoeyixZCsTMftfRheVzKp495Z2YW7WYQ4tVONoIBgps7TASutEAGyxzcihW
w9ZGJ77Y1N9w88ZQEE78oxZfCs4FalLzFCZrYVapAOdtsjsFsxJgRI1NS6Hq9IZ2
mGJHonBMqQKT6chebDvzR89FNiJ6b3tq2hpRKjEvZ4jGoF6rd7uICV3vX+0J2NcN
eR3uk4e0mSPCu3nulgFYF3IGrsned6es5jFpTYQhBy0hbdVi536tZLxdjwIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFGGeVE5ECmq68e/tyfvFm6RQIDy5MB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvWVo1VVRrUUthcnJ4Ny0zSi04V2JwRkFnUExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzCB8QQCAAEwgeoD
BAEf1oQDBAEf1pIDBAAf1poDBAMf1qgDBAEf1sgDBAIf1uQDBAMf1vgDBAIlCkAD
BAAlCm0DBAAlCnUDBAAl5IMDBAAl5IUwDAMEACXkhwMEAiXkiAMEBi4pwAMEAC77
4AMEAC774gMEAC777QMEBlJjwAMEAV+c3jAMAwQAX5zpAwQBX5zsAwQBX5z4AwQB
bebAAwQAbebIAwQCbebMAwQAbebdAwQAbebfAwQAbebyAwQBbeb2AwQAbeb7AwQB
hv/EAwQDhv/IMAwDBACG//UDBACG//YDBACG//kDBAC5CkcDBAK5DeQwDQQCAAIw
BwMFACoAGogwDQYJKoZIhvcNAQELBQADggEBAEutLvY9Ku3kL7zmrtj9PW3vsqF8
a4bQSZsLat2/g9RlF7H67/0oLABFr1OFpztReTojJ/dNBJvBtBMz+av6GytplegN
7mOx/8lLkZXiIaaEobBt4QQjfcn9W8LjCQvu6GXbK7i00DbIGmYH1wtl2Mn4g3j1
7ZqDilw1xYvn4aFKwWrIlRIrTqRh1ypLOCO1I9y638U23bRsLKUiBQWWH56fEaEh
Bd9KIZq2jykA0IaWi9T9FtxzHwysrgKGMhpCXj16Pa0c5vUWQvxeRFy0VAt/4vib
fdlwLmHxZmZaiELhNxUAT903DvunM2S6aZyeYrnA52xa2RkcqmIyrHMs7xU=
-----END CERTIFICATE-----
Generated at Tue Sep 17 15:54:04 2024 by rpki-client on console-fra.rpki-client.org