Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/b0QvrqYY2iaJzVP9TcjXKln2TVQ.roa
File: b0QvrqYY2iaJzVP9TcjXKln2TVQ.roa (raw, json)
Hash identifier: A16Guyl2lJS5fDPU4KPkcLxtfAmo+sTleoD6belg+lI=
Subject key identifier: 6F:44:2F:AE:A6:18:DA:26:89:CD:53:FD:4D:C8:D7:2A:59:F6:4D:54
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 01916CFA35A3DAA66F672F8889A07E7E9A19
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/b0QvrqYY2iaJzVP9TcjXKln2TVQ.roa
Signing time: Mon 19 Aug 2024 23:30:22 +0000
ROA not before: Mon 19 Aug 2024 23:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 21
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.100.0/22 maxlen: 22
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.120.0/22 maxlen: 22
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 22
148.139.140.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 22
148.139.144.0/24 maxlen: 24
148.139.148.0/22 maxlen: 22
148.139.152.0/22 maxlen: 22
148.139.156.0/22 maxlen: 22
148.139.160.0/20 maxlen: 20
148.139.176.0/20 maxlen: 20
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Aug 2024 22:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:fa:35:a3:da:a6:6f:67:2f:88:89:a0:7e:7e:9a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Aug 19 23:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f442faea618da2689cd53fd4dc8d72a59f64d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bf:2a:c7:62:7c:e8:05:f1:7d:86:52:40:a7:
3b:59:c8:8f:d9:bf:88:bd:39:83:99:be:f5:77:fd:
92:d1:aa:eb:a7:cc:fa:80:c8:ed:6e:95:77:f4:d1:
e7:2f:dc:81:90:0f:9d:a4:0b:f8:c9:f4:df:84:55:
a0:3f:75:63:c8:a7:8f:22:08:2f:5a:87:a8:ef:7e:
90:af:a8:14:88:f7:c8:f8:91:fa:dc:0d:76:a0:23:
9b:ee:3e:a8:66:1a:bd:a6:cd:50:69:be:2c:28:fa:
69:bb:9d:07:6d:1a:2f:25:5d:ce:3c:e4:aa:1f:74:
ca:09:22:4b:9c:fb:1c:75:79:88:26:e6:2a:fb:07:
93:56:d6:04:ba:c4:0f:72:fa:64:8f:3a:d7:81:a5:
c8:ab:e6:a8:1f:c5:5c:31:90:0c:b7:42:b8:92:5b:
dd:5b:f3:8a:d8:dd:8e:55:d2:48:4e:67:de:fa:e4:
84:2c:b9:bb:64:95:bf:ba:f6:bd:af:b1:4a:37:11:
16:d4:39:21:16:4b:f7:08:d1:9e:bf:99:ce:79:0e:
38:5e:ab:4e:43:7c:ab:8f:ff:ef:3f:43:f0:c8:7a:
cd:2f:13:a4:c1:64:2c:aa:ad:ee:04:ba:bb:36:e4:
b6:43:f3:19:e4:cf:51:df:0c:55:eb:74:60:37:79:
2e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:44:2F:AE:A6:18:DA:26:89:CD:53:FD:4D:C8:D7:2A:59:F6:4D:54
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/b0QvrqYY2iaJzVP9TcjXKln2TVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
75:c7:32:38:fa:5b:eb:b8:19:1e:8a:0d:81:ce:57:3d:3d:78:
d1:4d:e0:9a:fb:fc:67:ee:7a:11:92:40:31:5b:07:13:c9:c4:
51:cb:74:e3:d9:72:a6:d3:d0:e1:96:85:32:35:d1:50:9b:06:
5f:db:42:fa:26:b7:f7:26:7c:cf:38:d7:e6:75:a7:35:8b:64:
bb:95:6a:94:83:cf:50:36:d8:40:5a:5f:44:a5:1d:f3:e8:72:
e3:68:92:2f:e0:ff:a1:f4:76:99:43:50:f2:2e:4a:c9:86:f8:
2c:18:65:cf:a0:7c:d7:00:bb:a7:d1:e9:71:6c:14:33:8c:16:
14:ba:e5:2b:52:8c:69:c2:8b:e5:cb:9d:cb:46:7f:5f:e4:75:
a2:3e:ec:04:23:a3:3d:30:11:a5:fa:25:4e:06:57:6f:ae:34:
e2:f2:6b:64:3d:2d:1b:b1:81:af:4b:71:42:b4:7e:a8:ee:1c:
ce:56:f7:d0:23:40:cd:b3:7e:65:42:17:77:28:84:50:9f:b6:
17:43:32:c5:52:54:d3:3d:cd:80:cc:4c:5e:33:47:b2:c5:09:
a7:01:09:b9:e2:7b:96:60:2f:d5:fe:17:76:3f:df:aa:df:cc:
d2:df:e1:bc:ec:55:33:2a:f6:08:2a:be:da:55:7f:04:6c:79:
ff:72:76:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZFs+jWj2qZvZy+IiaB+fpoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwODE5MjMzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjQ0MmZhZWE2MThkYTI2ODljZDUzZmQ0ZGM4ZDcyYTU5ZjY0ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL8qx2J86AXxfYZSQKc7WciP2b+I
vTmDmb71d/2S0arrp8z6gMjtbpV39NHnL9yBkA+dpAv4yfTfhFWgP3VjyKePIggv
Woeo736Qr6gUiPfI+JH63A12oCOb7j6oZhq9ps1Qab4sKPppu50HbRovJV3OPOSq
H3TKCSJLnPscdXmIJuYq+weTVtYEusQPcvpkjzrXgaXIq+aoH8VcMZAMt0K4klvd
W/OK2N2OVdJITmfe+uSELLm7ZJW/uva9r7FKNxEW1DkhFkv3CNGev5nOeQ44XqtO
Q3yrj//vP0PwyHrNLxOkwWQsqq3uBLq7NuS2Q/MZ5M9R3wxV63RgN3kuGQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFG9EL66mGNomic1T/U3I1ypZ9k1UMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvYjBRdnJxWVkyaWFKelZQOVRjalhLbG4yVFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAHXHMjj6W+u4GR6KDYHOVz09eNFN4Jr7
/GfuehGSQDFbBxPJxFHLdOPZcqbT0OGWhTI10VCbBl/bQvomt/cmfM841+Z1pzWL
ZLuVapSDz1A22EBaX0SlHfPocuNoki/g/6H0dplDUPIuSsmG+CwYZc+gfNcAu6fR
6XFsFDOMFhS65StSjGnCi+XLnctGf1/kdaI+7AQjoz0wEaX6JU4GV2+uNOLya2Q9
LRuxga9LcUK0fqjuHM5W99AjQM2zfmVCF3cohFCfthdDMsVSVNM9zYDMTF4zR7LF
CacBCbnie5ZgL9X+F3Y/36rfzNLf4bzsVTMq9ggqvtpVfwRsef9ydis=
-----END CERTIFICATE-----
Generated at Thu Aug 22 02:29:02 2024 by rpki-client on console-ams.rpki-client.org