Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8mbgtucUx-Qt9u3kKuDk4arpSQ0.roa
File: 8mbgtucUx-Qt9u3kKuDk4arpSQ0.roa (raw, json)
Hash identifier: SRyDHtXyKHI2eaKBS4hBiBPg2bH4XVhMOAXFjl1Z2rs=
Subject key identifier: F2:66:E0:B6:E7:14:C7:E4:2D:F6:ED:E4:2A:E0:E4:E1:AA:E9:49:0D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01949270B38CD8B36DDEE70CC6146DE5146C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8mbgtucUx-Qt9u3kKuDk4arpSQ0.roa
Signing time: Thu 23 Jan 2025 09:14:07 +0000
ROA not before: Thu 23 Jan 2025 09:14:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215439
IP address blocks: 31.13.208.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
83.143.112.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.186.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
94.156.112.0/24 maxlen: 24
94.156.115.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.17.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.31.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 08:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:70:b3:8c:d8:b3:6d:de:e7:0c:c6:14:6d:e5:14:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 23 09:14:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f266e0b6e714c7e42df6ede42ae0e4e1aae9490d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d8:e3:6c:55:aa:f4:24:e0:36:47:7e:93:a1:
14:bd:8d:36:f0:e5:7c:94:f9:43:09:08:a4:f0:8f:
92:05:58:b6:ca:36:b6:97:2a:12:cd:d4:9d:97:92:
50:a9:60:cd:aa:e6:46:f5:85:f3:0c:89:91:97:22:
ed:8e:d7:18:87:cb:4c:9b:fc:dd:96:31:5d:25:4a:
db:10:7e:74:f1:7b:5d:55:05:91:a1:1d:60:b0:64:
8d:c9:8a:e1:01:cf:10:e4:ba:05:94:8b:12:db:27:
19:00:ae:b8:f8:ff:35:ac:23:a4:5c:ec:a9:b1:11:
b6:4c:ff:4c:cd:db:45:83:9c:73:58:67:40:fd:e0:
97:ee:df:10:8d:79:42:8c:7f:23:45:52:e2:be:0c:
07:a4:8a:1b:9a:97:ba:f4:c0:56:c5:cb:ca:47:1e:
77:f0:51:f7:c7:a9:3e:6d:c5:f8:63:19:28:74:10:
c4:e5:7c:e5:5d:d2:09:12:82:36:d6:7f:f6:d6:23:
30:c0:fa:2b:f3:80:f1:8f:1f:2d:e6:11:18:36:45:
6c:d4:fc:89:60:52:33:07:a6:01:80:c5:b4:ce:16:
de:bf:8a:73:8e:8b:bb:a8:e7:b6:3e:2d:da:56:6e:
d6:a2:38:a8:c1:71:fd:ef:38:e8:8e:29:e0:1f:95:
ac:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:66:E0:B6:E7:14:C7:E4:2D:F6:ED:E4:2A:E0:E4:E1:AA:E9:49:0D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8mbgtucUx-Qt9u3kKuDk4arpSQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.208.0/24
45.66.228.0/24
45.133.251.0/24
83.143.112.0/24
84.21.173.0/24
87.120.165.0-87.120.166.255
87.120.186.0/24
93.123.84.0/24
94.156.102.0/24
94.156.112.0/24
94.156.115.0/24
94.156.179.0/24
94.156.237.0/24
171.22.31.0/24
185.216.71.0/24
185.246.223.0/24
193.25.216.0/24
193.35.17.0/24
193.58.121.0-193.58.122.255
193.222.99.0/24
194.31.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:2e:e6:7e:fa:17:cf:2d:f0:3c:eb:16:14:0d:d5:9c:c2:32:
f5:aa:e8:c9:69:fe:3a:a6:d9:d9:46:29:fe:1e:da:35:e1:85:
67:b3:e9:ad:e6:38:e6:30:81:c2:b8:5d:7b:37:21:d1:4c:77:
ff:61:cc:0d:88:ce:3b:37:97:29:0c:c2:d7:13:7f:fb:46:a8:
52:9f:1d:cc:24:c4:77:ec:05:c1:a2:b8:95:d8:80:55:f5:58:
8e:a2:bd:96:54:2a:55:84:e8:64:2c:7b:0c:31:81:07:d3:bd:
1f:c2:78:fd:81:c4:8b:c5:c7:c6:9c:b5:c3:fb:8b:a0:b7:e6:
e3:23:b9:41:47:60:5d:0e:4b:68:85:8a:81:d0:e3:7a:7b:7f:
3a:1a:16:f6:61:01:7e:9f:51:67:96:d5:97:c7:63:7e:40:75:
8f:1d:ba:84:08:fd:1d:5d:ea:69:d5:af:55:65:a7:e8:96:12:
a0:9c:6c:52:38:86:7e:86:83:84:c7:ef:05:4d:14:79:70:44:
54:95:25:1c:da:6a:b5:e6:81:12:e0:3b:51:bf:c0:fb:32:31:
d6:e9:09:b3:59:46:bc:ab:c0:06:03:ab:b6:d9:e2:5d:ae:36:
06:1a:0e:23:e8:bb:8e:d8:ac:ed:5c:47:1f:5c:b5:56:a3:bd:
c4:93:ad:b4
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZSScLOM2LNt3ucMxhRt5RRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIzMDkxNDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY2ZTBiNmU3MTRjN2U0MmRmNmVkZTQyYWUwZTRlMWFhZTk0OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtjjbFWq9CTgNkd+k6EUvY028OV8
lPlDCQik8I+SBVi2yja2lyoSzdSdl5JQqWDNquZG9YXzDImRlyLtjtcYh8tMm/zd
ljFdJUrbEH508XtdVQWRoR1gsGSNyYrhAc8Q5LoFlIsS2ycZAK64+P81rCOkXOyp
sRG2TP9MzdtFg5xzWGdA/eCX7t8QjXlCjH8jRVLivgwHpIobmpe69MBWxcvKRx53
8FH3x6k+bcX4YxkodBDE5XzlXdIJEoI21n/21iMwwPor84Dxjx8t5hEYNkVs1PyJ
YFIzB6YBgMW0zhbev4pzjou7qOe2Pi3aVm7WojiowXH97zjojingH5WsBQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFPJm4LbnFMfkLfbt5Crg5OGq6UkNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOG1iZ3R1Y1V4LVF0OXUza0t1RGs0YXJwU1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAf
DdADBAAtQuQDBAAthfsDBABTj3ADBABUFa0wDAMEAFd4pQMEAFd4pgMEAFd4ugME
AF17VAMEAF6cZgMEAF6ccAMEAF6ccwMEAF6cswMEAF6c7QMEAKsWHwMEALnYRwME
ALn23wMEAMEZ2AMEAMEjETAMAwQAwTp5AwQAwTp6AwQAwd5jAwQAwh/fMA0GCSqG
SIb3DQEBCwUAA4IBAQBbLuZ++hfPLfA86xYUDdWcwjL1qujJaf46ptnZRin+Hto1
4YVns+mt5jjmMIHCuF17NyHRTHf/YcwNiM47N5cpDMLXE3/7RqhSnx3MJMR37AXB
oriV2IBV9ViOor2WVCpVhOhkLHsMMYEH070fwnj9gcSLxcfGnLXD+4ugt+bjI7lB
R2BdDktohYqB0ON6e386Ghb2YQF+n1FnltWXx2N+QHWPHbqECP0dXepp1a9VZafo
lhKgnGxSOIZ+hoOEx+8FTRR5cERUlSUc2mq15oES4DtRv8D7MjHW6QmzWUa8q8AG
A6u22eJdrjYGGg4j6LuO2KztXEcfXLVWo73Ek620
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:41:24 2025 by rpki-client