Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/1-hQkYrRTq-ZqY9spaMm7Jm8G8ZI.roa
File: 1-hQkYrRTq-ZqY9spaMm7Jm8G8ZI.roa (raw, json)
Hash identifier: dFmP1yOL3ThCMHIn7jUeXvp4SE01ZIkBXYwaAiuVyYk=
Subject key identifier: FA:14:24:62:B4:53:AB:E6:6A:63:DB:29:68:C9:BB:26:6F:06:F1:92
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 018E2F5C5A8926B11280F8ED82E7F4BE6E80
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/1-hQkYrRTq-ZqY9spaMm7Jm8G8ZI.roa
Signing time: Mon 11 Mar 2024 21:12:45 +0000
ROA not before: Mon 11 Mar 2024 21:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
37.99.200.0/21 maxlen: 21
37.123.120.0/21 maxlen: 21
109.75.104.0/24 maxlen: 24
109.75.106.0/24 maxlen: 24
109.75.107.0/24 maxlen: 24
109.75.108.0/22 maxlen: 22
153.92.32.0/21 maxlen: 21
185.8.86.0/23 maxlen: 23
185.62.88.0/22 maxlen: 22
185.65.198.0/23 maxlen: 23
185.68.76.0/22 maxlen: 22
193.57.0.0/22 maxlen: 22
2a04:6ec0::/29 maxlen: 29
2a04:6ec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 20:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2f:5c:5a:89:26:b1:12:80:f8:ed:82:e7:f4:be:6e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Mar 11 21:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa142462b453abe66a63db2968c9bb266f06f192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:08:f3:6d:5b:a2:d6:48:30:9a:7a:ee:7d:2e:
d5:37:6e:1a:3c:9a:4a:41:e0:bf:1f:df:af:e5:82:
70:db:2c:7b:ac:2d:4b:d6:ff:e8:16:24:ff:7e:6d:
ab:c9:f4:2c:8b:78:83:da:c5:c1:66:50:97:d6:e9:
39:6b:a1:f1:0b:c1:55:fe:8f:ee:40:ef:01:5b:36:
2a:b3:07:77:53:df:6d:98:e0:22:03:54:1d:24:48:
e4:a6:27:97:7e:50:ae:c9:e7:ce:ad:ca:1b:77:f8:
b6:dc:60:12:28:b3:ac:81:75:b2:e4:b7:bf:89:88:
9f:bd:2b:2c:3b:25:e0:87:e6:c9:f8:87:c0:54:14:
b8:bd:4a:10:ea:ea:50:c4:3b:15:ce:f2:49:54:1d:
f2:71:21:6b:2e:29:07:9d:d8:3a:02:7e:a3:7d:31:
53:7b:d5:34:51:1d:d4:85:65:c1:3a:2a:35:16:f2:
ee:30:91:b1:0c:e4:f1:69:1a:95:0e:60:3f:c0:c5:
2f:75:4c:b2:40:d7:ab:65:6f:5c:9f:ed:50:49:fe:
93:49:a0:b1:83:53:0a:ad:fd:e9:e0:08:7d:e1:05:
ac:91:4b:4f:48:2f:cd:55:87:75:da:19:c8:39:76:
eb:e9:61:dc:dd:b7:06:7f:d7:95:e0:51:73:ae:e2:
a4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:14:24:62:B4:53:AB:E6:6A:63:DB:29:68:C9:BB:26:6F:06:F1:92
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/1-hQkYrRTq-ZqY9spaMm7Jm8G8ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
109.75.104.0/24
109.75.106.0-109.75.111.255
153.92.32.0/21
185.8.86.0/23
185.62.88.0/22
185.65.198.0/23
185.68.76.0/22
193.57.0.0/22
IPv6:
2a04:6ec0::/29
Signature Algorithm: sha256WithRSAEncryption
65:47:39:58:49:4c:21:43:33:74:cb:72:05:b1:ba:38:84:51:
c4:d9:36:d0:85:ca:74:71:2e:d7:46:f1:ae:ec:9a:6e:de:62:
3b:f7:90:44:f5:28:cb:b8:18:0c:f1:8a:1d:53:b0:59:1e:95:
83:9b:c4:30:a1:0e:00:99:a2:fe:00:c3:95:2b:01:bd:11:cb:
e8:14:e4:1b:cd:65:6e:37:6c:1b:17:47:7f:ac:2b:ce:1a:12:
7b:4e:c9:af:c7:ea:5b:c1:f9:a7:81:1f:6a:2e:bd:bc:e5:6f:
d4:65:12:46:22:77:a1:da:a8:cf:4a:86:fa:0b:db:7a:2e:4f:
8c:59:09:3d:8c:1e:e8:ec:64:14:c1:f5:4d:e7:5e:44:d4:93:
a7:35:27:80:e3:78:05:8c:3b:8a:78:56:5f:46:a9:bf:94:1d:
08:d2:7b:a3:f1:80:c9:0e:af:a9:8f:c0:bb:39:f4:20:8f:17:
b6:24:89:84:c3:c3:aa:19:1d:dc:20:eb:66:82:1c:3c:27:71:
b7:7f:82:57:04:f0:eb:64:ae:e5:24:9a:46:76:f6:bd:98:44:
e8:f4:9e:26:b1:b4:9e:07:82:1f:b1:da:11:fe:e7:1f:64:08:
b5:ee:80:6d:cc:09:e5:d2:78:ec:66:73:ba:ab:c5:2e:22:a8:
a4:7e:f9:23
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY4vXFqJJrESgPjtguf0vm6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjQwMzExMjExMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE0MjQ2MmI0NTNhYmU2NmE2M2RiMjk2OGM5YmIyNjZmMDZmMTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgjzbVui1kgwmnrufS7VN24aPJpK
QeC/H9+v5YJw2yx7rC1L1v/oFiT/fm2ryfQsi3iD2sXBZlCX1uk5a6HxC8FV/o/u
QO8BWzYqswd3U99tmOAiA1QdJEjkpieXflCuyefOrcobd/i23GASKLOsgXWy5Le/
iYifvSssOyXgh+bJ+IfAVBS4vUoQ6upQxDsVzvJJVB3ycSFrLikHndg6An6jfTFT
e9U0UR3UhWXBOio1FvLuMJGxDOTxaRqVDmA/wMUvdUyyQNerZW9cn+1QSf6TSaCx
g1MKrf3p4Ah94QWskUtPSC/NVYd12hnIOXbr6WHc3bcGf9eV4FFzruKkGwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPoUJGK0U6vmamPbKWjJuyZvBvGSMB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvMS1oUWtZclJUcS1acVk5c3BhTW03Sm04RzhaSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTIvZmM5MGEwLTgwNGMtNDBmYS1iMjdhLWMzODNhOTAxMDAw
NS8xL0ptWEJmNkFvc3hOSTlqRDJ0VzMwSXM0R0t6cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjByBggrBgEFBQcBBwEB/wRjMGEwUAQCAAEwSgMEAx8ZmAME
AyVjyAMEAyV7eAMEAG1LaDAMAwQBbUtqAwQEbUtgAwQDmVwgAwQBuQhWAwQCuT5Y
AwQBuUHGAwQCuURMAwQCwTkAMA0EAgACMAcDBQMqBG7AMA0GCSqGSIb3DQEBCwUA
A4IBAQBlRzlYSUwhQzN0y3IFsbo4hFHE2TbQhcp0cS7XRvGu7Jpu3mI795BE9SjL
uBgM8YodU7BZHpWDm8QwoQ4AmaL+AMOVKwG9EcvoFOQbzWVuN2wbF0d/rCvOGhJ7
Tsmvx+pbwfmngR9qLr285W/UZRJGIneh2qjPSob6C9t6Lk+MWQk9jB7o7GQUwfVN
515E1JOnNSeA43gFjDuKeFZfRqm/lB0I0nuj8YDJDq+pj8C7OfQgjxe2JImEw8Oq
GR3cIOtmghw8J3G3f4JXBPDrZK7lJJpGdva9mETo9J4msbSeB4IfsdoR/ucfZAi1
7oBtzAnl0njsZnO6q8UuIqikfvkj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:20 2024 by rpki-client on console-ams.rpki-client.org