Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/_CK5y2NiomRpD00Bme-8sg9KNms.roa
File: _CK5y2NiomRpD00Bme-8sg9KNms.roa (raw, json)
Hash identifier: 1JzVbfD+Z/PH8EaF8V7R6Sk4TlWAwJ4LZbqeYiiwUIQ=
Subject key identifier: FC:22:B9:CB:63:62:A2:64:69:0F:4D:01:99:EF:BC:B2:0F:4A:36:6B
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 01913B3797B6504A6F32A0E4BEB6BCC96D3E
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/_CK5y2NiomRpD00Bme-8sg9KNms.roa
Signing time: Sat 10 Aug 2024 07:36:24 +0000
ROA not before: Sat 10 Aug 2024 07:36:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6424
IP address blocks: 103.243.124.0/22 maxlen: 22
146.19.95.0/24 maxlen: 24
146.19.249.0/24 maxlen: 24
185.112.251.0/24 maxlen: 24
185.166.144.0/24 maxlen: 24
188.93.192.0/21 maxlen: 24
188.93.196.0/24 maxlen: 24
188.93.198.0/24 maxlen: 24
188.93.199.0/24 maxlen: 24
193.107.13.0/24 maxlen: 24
193.109.184.0/21 maxlen: 24
193.109.184.0/24 maxlen: 24
193.163.151.0/24 maxlen: 24
212.52.23.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:a::/48 maxlen: 48
2001:b18:b::/48 maxlen: 48
2001:b18:1000::/48 maxlen: 48
2001:b18:1001::/48 maxlen: 48
2001:b18:1002::/48 maxlen: 48
2001:b18:1008::/48 maxlen: 48
2001:b18:1012::/48 maxlen: 48
2001:b18:1016::/48 maxlen: 48
2001:b18:1018::/48 maxlen: 48
2001:b18:1020::/48 maxlen: 48
2001:b18:1031::/48 maxlen: 48
2a0b:e740::/29 maxlen: 29
2a0d:82c0::/29 maxlen: 48
2a0d:82c0::/32 maxlen: 32
2a0d:82c7:d::/48 maxlen: 48
2a0e:5f00::/29 maxlen: 48
2a0e:5f00::/32 maxlen: 32
2a0f:7700::/29 maxlen: 29
2a0f:8900::/29 maxlen: 29
2a0f:d300::/29 maxlen: 29
2a10:ee40::/29 maxlen: 29
2a11:c00::/29 maxlen: 29
2a12:c1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 01 Sep 2024 00:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3b:37:97:b6:50:4a:6f:32:a0:e4:be:b6:bc:c9:6d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Aug 10 07:36:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc22b9cb6362a264690f4d0199efbcb20f4a366b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:13:18:45:b0:b2:5d:5d:84:e2:61:85:a1:78:
54:46:d4:42:64:61:cd:d0:51:e3:ef:e2:f9:80:c1:
12:2c:c6:f9:6e:87:b0:18:c3:f7:0b:14:7f:9e:27:
f6:65:cc:46:12:4c:4b:8f:39:95:12:80:2e:b7:5f:
2e:62:94:63:98:7e:a0:72:e8:b7:84:e4:ce:ee:14:
eb:e0:56:77:4c:fb:06:2e:68:e3:1e:ba:b8:4e:06:
0a:a3:aa:aa:ef:b3:fe:44:20:97:1c:3e:e8:5b:e4:
25:35:c2:ad:e5:03:3c:f9:ab:1e:12:bd:29:13:9c:
ae:85:be:b2:84:bc:5f:f5:8d:92:d7:e8:1d:72:e8:
5c:0d:4b:a0:9d:25:e6:e3:1e:b4:e1:9b:f3:56:8a:
0d:0b:23:7d:b4:0b:5c:49:e9:be:4d:9d:2d:7b:88:
02:24:06:dc:1d:b7:35:2a:c2:95:b1:da:41:57:91:
1e:76:a1:92:6e:8b:a7:d8:ae:cf:41:da:6d:3c:b4:
92:a8:24:55:69:fe:cd:5d:5e:7a:d3:a1:76:4c:a3:
8f:a4:84:87:07:10:ba:65:a4:3e:36:c9:88:7c:4e:
66:26:c6:77:c6:20:6e:af:26:d4:37:4a:be:cc:76:
c6:8b:3f:c5:4c:fc:7b:81:20:eb:e3:9b:3e:da:7c:
75:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:22:B9:CB:63:62:A2:64:69:0F:4D:01:99:EF:BC:B2:0F:4A:36:6B
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/_CK5y2NiomRpD00Bme-8sg9KNms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.243.124.0/22
146.19.95.0/24
146.19.249.0/24
185.112.251.0/24
185.166.144.0/24
188.93.192.0/21
193.107.13.0/24
193.109.184.0/21
193.163.151.0/24
212.52.23.0/24
IPv6:
2001:b18::/32
2a0b:e740::/29
2a0d:82c0::/29
2a0e:5f00::/29
2a0f:7700::/29
2a0f:8900::/29
2a0f:d300::/29
2a10:ee40::/29
2a11:c00::/29
2a12:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:0b:54:2e:9d:90:ac:56:e6:ea:04:75:15:85:34:d7:6f:31:
4f:24:1c:e4:38:3a:be:cc:76:96:cc:60:68:8f:f6:df:d4:3f:
74:10:ca:21:ff:0a:e4:b0:11:fa:76:83:ad:5b:c8:11:14:a4:
c0:78:87:a0:ad:18:a4:b9:5c:da:42:42:51:ed:4c:bc:dd:05:
dc:4d:2f:ed:4f:2b:bc:5a:c5:a6:cf:61:ad:4b:60:4d:67:b5:
3f:fc:ed:b9:df:b3:f5:24:fc:ed:f2:5f:25:63:07:c1:fb:97:
02:2b:9f:ec:e8:03:9b:d1:eb:1b:e2:14:e5:e3:23:7d:20:f8:
fe:ea:63:e4:ad:8a:f7:91:a3:00:ef:1e:9e:1e:01:49:48:35:
75:aa:12:cb:db:0f:a5:bc:85:60:17:32:5b:d1:2c:13:64:b6:
88:55:e0:69:0e:e9:f8:13:00:d0:26:12:e4:b2:1e:31:fb:1a:
91:a9:7f:fd:a4:52:ce:41:a6:23:1f:b3:c5:9d:20:60:79:c6:
18:c8:ca:28:5a:e9:96:55:75:98:63:9b:ee:ee:a2:e2:72:31:
28:9e:ba:98:2d:c0:5e:25:16:33:c8:5b:9e:10:17:d9:62:4f:
b0:db:c8:23:35:50:7d:dd:97:2c:1c:e4:1f:8a:79:98:50:0c:
3e:da:4a:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZE7N5e2UEpvMqDkvra8yW0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwODEwMDczNjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzIyYjljYjYzNjJhMjY0NjkwZjRkMDE5OWVmYmNiMjBmNGEzNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xMYRbCyXV2E4mGFoXhURtRCZGHN
0FHj7+L5gMESLMb5boewGMP3CxR/nif2ZcxGEkxLjzmVEoAut18uYpRjmH6gcui3
hOTO7hTr4FZ3TPsGLmjjHrq4TgYKo6qq77P+RCCXHD7oW+QlNcKt5QM8+aseEr0p
E5yuhb6yhLxf9Y2S1+gdcuhcDUugnSXm4x604ZvzVooNCyN9tAtcSem+TZ0te4gC
JAbcHbc1KsKVsdpBV5EedqGSboun2K7PQdptPLSSqCRVaf7NXV5606F2TKOPpISH
BxC6ZaQ+NsmIfE5mJsZ3xiBurybUN0q+zHbGiz/FTPx7gSDr45s+2nx1owIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFPwiuctjYqJkaQ9NAZnvvLIPSjZrMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvX0NLNXkyTmlvbVJwRDAwQm1lLThzZzlLTm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjBCBAIAATA8AwQCZ/N8
AwQAkhNfAwQAkhP5AwQAuXD7AwQAuaaQAwQDvF3AAwQAwWsNAwQDwW24AwQAwaOX
AwQA1DQXMEwEAgACMEYDBQAgAQsYAwUDKgvnQAMFAyoNgsADBQMqDl8AAwUDKg93
AAMFAyoPiQADBQMqD9MAAwUDKhDuQAMFAyoRDAADBQMqEsHAMA0GCSqGSIb3DQEB
CwUAA4IBAQCnC1QunZCsVubqBHUVhTTXbzFPJBzkODq+zHaWzGBoj/bf1D90EMoh
/wrksBH6doOtW8gRFKTAeIegrRikuVzaQkJR7Uy83QXcTS/tTyu8WsWmz2GtS2BN
Z7U//O2537P1JPzt8l8lYwfB+5cCK5/s6AOb0esb4hTl4yN9IPj+6mPkrYr3kaMA
7x6eHgFJSDV1qhLL2w+lvIVgFzJb0SwTZLaIVeBpDun4EwDQJhLksh4x+xqRqX/9
pFLOQaYjH7PFnSBgecYYyMooWumWVXWYY5vu7qLicjEonrqYLcBeJRYzyFueEBfZ
Yk+w28gjNVB93ZcsHOQfinmYUAw+2kpw
-----END CERTIFICATE-----
Generated at Sun Sep 1 03:31:15 2024 by rpki-client on console-ams.rpki-client.org