Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/hg0E8iyZLP_hLhvcFdjKZjmttC8.roa
File: hg0E8iyZLP_hLhvcFdjKZjmttC8.roa (raw, json)
Hash identifier: BLu+YyNq55HFlEexAjqCsHix11sCysk6aAwSfqIWWUM=
Subject key identifier: 86:0D:04:F2:2C:99:2C:FF:E1:2E:1B:DC:15:D8:CA:66:39:AD:B4:2F
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018F9C13F45A7250A876C51B5CE5A874F874
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/hg0E8iyZLP_hLhvcFdjKZjmttC8.roa
Signing time: Tue 21 May 2024 16:55:04 +0000
ROA not before: Tue 21 May 2024 16:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 May 2024 08:12:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:13:f4:5a:72:50:a8:76:c5:1b:5c:e5:a8:74:f8:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: May 21 16:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=860d04f22c992cffe12e1bdc15d8ca6639adb42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0d:af:35:f9:cb:15:22:f3:b0:72:52:cc:21:
b7:b0:b2:e0:da:50:9e:f1:74:e4:30:a3:d8:64:8a:
6d:d8:04:c5:ee:1e:12:71:6a:e1:45:ba:f2:17:4a:
27:67:cf:da:28:6d:e5:a0:ab:50:fe:93:b3:6d:f1:
d7:07:55:0b:f8:f1:89:4d:e0:48:e7:3e:7f:4f:9d:
a5:94:03:ca:0c:38:73:7e:c4:1a:49:4b:14:72:dc:
9f:f2:25:a6:b5:14:6d:fe:8a:e5:84:0d:6d:39:9d:
7b:b2:2a:e9:ae:71:29:5b:69:4c:fb:93:13:ec:5f:
e8:c0:7f:6b:ec:8a:09:2a:84:60:82:dc:3d:e5:d1:
2e:7e:51:5a:90:37:db:d0:c6:76:f3:22:69:70:63:
b1:6c:29:83:0b:32:5e:d3:e7:b7:11:84:e1:b4:bf:
26:e3:7c:4b:61:50:bd:18:df:bc:31:1c:39:d2:55:
f9:ca:15:a0:42:ee:f4:71:e9:84:cf:de:34:7d:21:
91:a8:7a:a4:60:c4:1b:fc:af:fb:38:b0:46:fa:af:
90:33:e1:fb:1f:ea:c3:39:f8:11:c4:75:73:f8:da:
69:6b:8c:6c:c1:9a:5d:c4:38:d7:05:c5:1b:42:bf:
78:23:cf:63:58:7e:6a:b8:43:24:98:d9:9e:b8:ee:
b8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0D:04:F2:2C:99:2C:FF:E1:2E:1B:DC:15:D8:CA:66:39:AD:B4:2F
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/hg0E8iyZLP_hLhvcFdjKZjmttC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
70:5a:58:56:fd:b4:ca:c6:12:fc:45:dd:45:4b:a7:b6:be:80:
9d:78:b7:a7:fb:39:0d:2f:b1:9b:ad:8d:ab:bf:f3:21:67:52:
06:82:5a:f5:e1:63:bf:2e:d0:49:70:f2:3a:b8:94:72:9e:33:
a1:4a:55:df:72:bf:a7:d9:54:05:08:f6:c5:d7:32:9f:ea:e2:
dc:a3:99:32:9b:89:4c:6e:63:e0:de:06:05:07:91:4b:0a:3c:
02:aa:54:cb:e5:61:1c:6c:98:62:19:8e:a2:e5:b3:c3:12:bf:
e2:8e:47:fe:7d:e3:87:dc:4d:e0:54:13:c7:01:57:90:02:e4:
69:72:e9:9d:c9:f5:7f:16:e9:9f:2d:32:e8:a4:13:44:7d:f7:
dd:39:ea:c8:8c:77:e0:a4:8a:ed:68:96:20:12:80:25:6d:e3:
c9:ef:16:00:10:69:2c:2a:f5:fa:e4:a0:88:20:2f:90:ba:71:
2a:c3:b6:2d:b5:f5:35:20:b6:b4:1b:9d:9a:a6:27:cd:27:0e:
22:2b:1a:0a:7c:68:81:34:f5:53:6d:e3:58:41:2a:84:67:1c:
56:d7:ed:c9:3a:44:c3:a8:c7:40:d2:13:a6:05:11:b4:81:74:
05:c7:a6:08:2a:0e:13:94:dd:f9:40:95:08:d8:f5:4f:3e:59:
66:b1:ab:08
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY+cE/RaclCodsUbXOWodPh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNTIxMTY1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBkMDRmMjJjOTkyY2ZmZTEyZTFiZGMxNWQ4Y2E2NjM5YWRiNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA2vNfnLFSLzsHJSzCG3sLLg2lCe
8XTkMKPYZIpt2ATF7h4ScWrhRbryF0onZ8/aKG3loKtQ/pOzbfHXB1UL+PGJTeBI
5z5/T52llAPKDDhzfsQaSUsUctyf8iWmtRRt/orlhA1tOZ17sirprnEpW2lM+5MT
7F/owH9r7IoJKoRggtw95dEuflFakDfb0MZ28yJpcGOxbCmDCzJe0+e3EYThtL8m
43xLYVC9GN+8MRw50lX5yhWgQu70cemEz940fSGRqHqkYMQb/K/7OLBG+q+QM+H7
H+rDOfgRxHVz+Nppa4xswZpdxDjXBcUbQr94I89jWH5quEMkmNmeuO649wIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFIYNBPIsmSz/4S4b3BXYymY5rbQvMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvaGcwRThpeVpMUF9oTGh2Y0Zkaktaam10dEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQB
H9aEAwQBH9aSAwQAH9aaAwQDH9aoAwQBH9bIAwQCH9bkAwQDH9b4AwQCJQpAAwQA
JQptAwQAJQp1AwQAJeSDAwQAJeSFMAwDBAAl5IcDBAIl5IgDBAYuKcADBAAu++AD
BAAu++IDBAAu++0DBAZSY8ADBAFfnN4wDAMEAF+c6QMEAV+c7AMEAV+c+AMEAW3m
wAMEAG3myAMEAm3mzAMEAG3m3QMEAG3m3wMEAG3m8gMEAW3m9gMEAG3m+wMEAYb/
xAMEA4b/yDAMAwQAhv/1AwQAhv/2AwQAhv/5AwQAuQpHAwQCuQ3kMA0GCSqGSIb3
DQEBCwUAA4IBAQBwWlhW/bTKxhL8Rd1FS6e2voCdeLen+zkNL7GbrY2rv/MhZ1IG
glr14WO/LtBJcPI6uJRynjOhSlXfcr+n2VQFCPbF1zKf6uLco5kym4lMbmPg3gYF
B5FLCjwCqlTL5WEcbJhiGY6i5bPDEr/ijkf+feOH3E3gVBPHAVeQAuRpcumdyfV/
FumfLTLopBNEfffdOerIjHfgpIrtaJYgEoAlbePJ7xYAEGksKvX65KCIIC+QunEq
w7YttfU1ILa0G52apifNJw4iKxoKfGiBNPVTbeNYQSqEZxxW1+3JOkTDqMdA0hOm
BRG0gXQFx6YIKg4TlN35QJUI2PVPPllmsasI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:42 2024 by rpki-client on console-fra.rpki-client.org