Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/vqtZVl4ZQyQLmqw2p0F73zmwfqY.roa
File: vqtZVl4ZQyQLmqw2p0F73zmwfqY.roa (raw, json)
Hash identifier: pQzo70Bn7bmjV7HU7OoNyOp6m1iKNTrYkcIF2x0fYXw=
Subject key identifier: BE:AB:59:56:5E:19:43:24:0B:9A:AC:36:A7:41:7B:DF:39:B0:7E:A6
Certificate issuer: /CN=2f814adc1d5209e098f078adbc856bad83b749c2
Certificate serial: 018FB91BDF2E33906AF82C5D6F5E7C8C3DD2
Authority key identifier: 2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/vqtZVl4ZQyQLmqw2p0F73zmwfqY.roa
Signing time: Mon 27 May 2024 08:12:42 +0000
ROA not before: Mon 27 May 2024 08:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16322
IP address blocks: 31.214.132.0/23 maxlen: 23
31.214.146.0/23 maxlen: 23
31.214.146.0/24 maxlen: 24
31.214.147.0/24 maxlen: 24
31.214.154.0/24 maxlen: 24
31.214.168.0/21 maxlen: 21
31.214.168.0/23 maxlen: 23
31.214.170.0/23 maxlen: 23
31.214.172.0/22 maxlen: 22
31.214.200.0/23 maxlen: 23
31.214.228.0/22 maxlen: 22
31.214.248.0/21 maxlen: 21
37.10.64.0/22 maxlen: 22
37.10.109.0/24 maxlen: 24
37.10.117.0/24 maxlen: 24
37.228.131.0/24 maxlen: 24
37.228.133.0/24 maxlen: 24
37.228.135.0/24 maxlen: 24
37.228.136.0/22 maxlen: 22
46.41.192.0/18 maxlen: 18
46.41.192.0/19 maxlen: 19
46.41.192.0/20 maxlen: 20
46.41.224.0/19 maxlen: 19
46.41.224.0/20 maxlen: 20
46.251.224.0/24 maxlen: 24
46.251.226.0/24 maxlen: 24
46.251.237.0/24 maxlen: 24
82.99.192.0/18 maxlen: 18
82.99.192.0/19 maxlen: 22
82.99.192.0/24 maxlen: 24
82.99.193.0/24 maxlen: 24
82.99.195.0/24 maxlen: 24
82.99.196.0/24 maxlen: 24
82.99.198.0/24 maxlen: 24
82.99.201.0/24 maxlen: 24
82.99.204.0/24 maxlen: 24
82.99.205.0/24 maxlen: 24
82.99.206.0/24 maxlen: 24
82.99.209.0/24 maxlen: 24
82.99.210.0/24 maxlen: 24
82.99.212.0/24 maxlen: 24
82.99.214.0/24 maxlen: 24
82.99.216.0/22 maxlen: 22
82.99.224.0/19 maxlen: 19
82.99.225.0/24 maxlen: 24
82.99.228.0/24 maxlen: 24
82.99.230.0/24 maxlen: 24
82.99.231.0/24 maxlen: 24
82.99.232.0/24 maxlen: 24
82.99.233.0/24 maxlen: 24
82.99.235.0/24 maxlen: 24
82.99.240.0/24 maxlen: 24
82.99.249.0/24 maxlen: 24
82.99.250.0/24 maxlen: 24
82.99.251.0/24 maxlen: 24
82.99.254.0/24 maxlen: 24
95.156.222.0/23 maxlen: 23
95.156.233.0/24 maxlen: 24
95.156.234.0/23 maxlen: 23
95.156.236.0/23 maxlen: 23
95.156.248.0/23 maxlen: 23
109.230.192.0/23 maxlen: 23
109.230.200.0/24 maxlen: 24
109.230.204.0/22 maxlen: 22
109.230.221.0/24 maxlen: 24
109.230.223.0/24 maxlen: 24
109.230.242.0/24 maxlen: 24
109.230.246.0/23 maxlen: 23
109.230.246.0/24 maxlen: 24
109.230.247.0/24 maxlen: 24
109.230.251.0/24 maxlen: 24
134.255.196.0/23 maxlen: 23
134.255.200.0/21 maxlen: 21
134.255.245.0/24 maxlen: 24
134.255.246.0/24 maxlen: 24
134.255.249.0/24 maxlen: 24
185.10.71.0/24 maxlen: 24
185.13.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 27 May 2024 12:07:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:1b:df:2e:33:90:6a:f8:2c:5d:6f:5e:7c:8c:3d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f814adc1d5209e098f078adbc856bad83b749c2
Validity
Not Before: May 27 08:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beab59565e1943240b9aac36a7417bdf39b07ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:35:81:95:44:e2:3d:de:1e:05:6a:8b:8d:ce:
7a:ee:95:22:7d:65:1a:5c:f0:75:db:99:ac:bb:98:
94:de:d8:45:ec:ec:71:18:a2:af:f7:21:97:56:bb:
56:ed:13:ca:b3:b0:ae:d3:a0:cf:8b:69:81:7a:73:
c4:63:ab:30:3a:5c:da:bc:8c:58:00:5e:75:e5:ea:
a8:71:71:dc:bd:40:0f:67:74:85:b1:44:b4:53:c8:
3d:e8:f5:0f:81:62:be:b4:09:3e:c2:56:8d:4a:6f:
12:af:3a:2c:0d:c5:b9:b9:f2:f2:20:c6:4a:bb:84:
09:bb:b9:b5:81:12:f7:17:06:0d:be:4f:40:9f:18:
16:90:10:d7:95:d8:7e:2d:a2:d5:49:97:32:23:1e:
70:1c:41:7b:dd:f2:ca:f5:df:0f:15:7b:73:17:b5:
8f:d5:ed:9d:d3:2e:8e:e2:e1:30:c5:d7:8f:4a:e1:
3c:74:22:a7:b1:ab:4c:dc:04:50:ac:62:ea:c8:d2:
a6:c6:5e:41:49:e4:c2:76:f9:b1:97:a5:18:17:7c:
8f:a7:e0:40:d2:50:f2:c3:f1:99:54:04:71:37:44:
7b:4b:7c:4a:ef:f9:97:46:ad:35:0e:6e:bb:38:e8:
ac:03:e0:3a:98:97:45:fe:ea:99:6f:e3:2d:92:86:
1a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AB:59:56:5E:19:43:24:0B:9A:AC:36:A7:41:7B:DF:39:B0:7E:A6
X509v3 Authority Key Identifier:
keyid:2F:81:4A:DC:1D:52:09:E0:98:F0:78:AD:BC:85:6B:AD:83:B7:49:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L4FK3B1SCeCY8HitvIVrrYO3ScI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/vqtZVl4ZQyQLmqw2p0F73zmwfqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/13e12a-2bac-4752-997d-df86b6dd997c/1/L4FK3B1SCeCY8HitvIVrrYO3ScI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.132.0/23
31.214.146.0/23
31.214.154.0/24
31.214.168.0/21
31.214.200.0/23
31.214.228.0/22
31.214.248.0/21
37.10.64.0/22
37.10.109.0/24
37.10.117.0/24
37.228.131.0/24
37.228.133.0/24
37.228.135.0-37.228.139.255
46.41.192.0/18
46.251.224.0/24
46.251.226.0/24
46.251.237.0/24
82.99.192.0/18
95.156.222.0/23
95.156.233.0-95.156.237.255
95.156.248.0/23
109.230.192.0/23
109.230.200.0/24
109.230.204.0/22
109.230.221.0/24
109.230.223.0/24
109.230.242.0/24
109.230.246.0/23
109.230.251.0/24
134.255.196.0/23
134.255.200.0/21
134.255.245.0-134.255.246.255
134.255.249.0/24
185.10.71.0/24
185.13.228.0/22
Signature Algorithm: sha256WithRSAEncryption
18:80:2a:16:3e:f0:8a:65:4f:53:77:59:cd:d2:5e:3c:41:fe:
f9:c5:7f:92:b2:ae:e8:68:4d:a9:42:5c:1b:c1:1c:55:fc:af:
25:73:0d:b2:a4:85:99:5d:b7:ec:67:3a:8a:66:8b:bd:b6:2c:
e9:c5:3e:da:58:84:7a:17:f6:3a:63:b7:45:ec:35:79:65:0d:
c7:8f:a0:b8:11:e9:71:15:b5:4d:10:49:6d:a9:51:94:14:85:
3e:75:f3:83:e4:82:b7:08:44:d7:2d:03:92:33:4b:33:21:3f:
e3:91:11:8c:ee:9f:38:60:c9:9f:de:a5:ff:cc:01:4a:a1:27:
93:d5:de:7b:77:28:11:92:13:a3:5d:d4:61:09:1d:64:06:42:
46:48:cd:42:8f:c1:7c:28:dc:d4:02:e1:c7:44:0b:e7:40:f5:
90:20:8c:e1:43:6b:2a:e2:e7:5c:8c:bf:f9:f6:70:e9:17:91:
81:01:af:8c:45:80:7e:47:39:38:52:53:9b:9d:ea:c7:7c:d1:
32:71:33:c1:03:5a:8e:e7:d5:22:68:7e:ca:99:7b:b8:56:48:
ed:d4:8c:73:5c:94:af:f9:94:5f:b6:21:d0:cf:51:dd:5e:e2:
e6:53:64:dc:f6:5d:d8:02:62:cd:82:c3:c0:f1:1f:10:76:5b:
0d:6e:74:91
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY+5G98uM5Bq+Cxdb158jD3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmODE0YWRjMWQ1MjA5ZTA5OGYwNzhhZGJjODU2YmFkODNi
NzQ5YzIwHhcNMjQwNTI3MDgxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFiNTk1NjVlMTk0MzI0MGI5YWFjMzZhNzQxN2JkZjM5YjA3ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozWBlUTiPd4eBWqLjc567pUifWUa
XPB125msu5iU3thF7OxxGKKv9yGXVrtW7RPKs7Cu06DPi2mBenPEY6swOlzavIxY
AF515eqocXHcvUAPZ3SFsUS0U8g96PUPgWK+tAk+wlaNSm8SrzosDcW5ufLyIMZK
u4QJu7m1gRL3FwYNvk9AnxgWkBDXldh+LaLVSZcyIx5wHEF73fLK9d8PFXtzF7WP
1e2d0y6O4uEwxdePSuE8dCKnsatM3ARQrGLqyNKmxl5BSeTCdvmxl6UYF3yPp+BA
0lDyw/GZVARxN0R7S3xK7/mXRq01Dm67OOisA+A6mJdF/uqZb+MtkoYa8QIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFL6rWVZeGUMkC5qsNqdBe985sH6mMB8GA1UdIwQY
MBaAFC+BStwdUgngmPB4rbyFa62Dt0nCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2Qt
ZGY4NmI2ZGQ5OTdjLzEvdnF0WlZsNFpReVFMbXF3MnAwRjczem13ZnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xM2UxMmEtMmJhYy00NzUyLTk5N2QtZGY4NmI2ZGQ5OTdj
LzEvTDRGSzNCMVNDZUNZOEhpdHZJVnJyWU8zU2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQB
H9aEAwQBH9aSAwQAH9aaAwQDH9aoAwQBH9bIAwQCH9bkAwQDH9b4AwQCJQpAAwQA
JQptAwQAJQp1AwQAJeSDAwQAJeSFMAwDBAAl5IcDBAIl5IgDBAYuKcADBAAu++AD
BAAu++IDBAAu++0DBAZSY8ADBAFfnN4wDAMEAF+c6QMEAV+c7AMEAV+c+AMEAW3m
wAMEAG3myAMEAm3mzAMEAG3m3QMEAG3m3wMEAG3m8gMEAW3m9gMEAG3m+wMEAYb/
xAMEA4b/yDAMAwQAhv/1AwQAhv/2AwQAhv/5AwQAuQpHAwQCuQ3kMA0GCSqGSIb3
DQEBCwUAA4IBAQAYgCoWPvCKZU9Td1nN0l48Qf75xX+Ssq7oaE2pQlwbwRxV/K8l
cw2ypIWZXbfsZzqKZou9tizpxT7aWIR6F/Y6Y7dF7DV5ZQ3Hj6C4EelxFbVNEElt
qVGUFIU+dfOD5IK3CETXLQOSM0szIT/jkRGM7p84YMmf3qX/zAFKoSeT1d57dygR
khOjXdRhCR1kBkJGSM1Cj8F8KNzUAuHHRAvnQPWQIIzhQ2sq4udcjL/59nDpF5GB
Aa+MRYB+Rzk4UlObnerHfNEycTPBA1qO59UiaH7KmXu4Vkjt1IxzXJSv+ZRftiHQ
z1HdXuLmU2Tc9l3YAmLNgsPA8R8QdlsNbnSR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:30 2025 by rpki-client