Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/rfgFfyXwtw_ArgeMrcpJ0fJaWek.roa
File: rfgFfyXwtw_ArgeMrcpJ0fJaWek.roa (raw, json)
Hash identifier: PRSneJehZ7Bi3mwe7lo0Rmczm/dKAlOBoOhCodPCARs=
Subject key identifier: AD:F8:05:7F:25:F0:B7:0F:C0:AE:07:8C:AD:CA:49:D1:F2:5A:59:E9
Certificate issuer: /CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Certificate serial: 018CCA72EC70F6B38E31347448D43196238D
Authority key identifier: AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/rfgFfyXwtw_ArgeMrcpJ0fJaWek.roa
Signing time: Tue 02 Jan 2024 13:52:58 +0000
ROA not before: Tue 02 Jan 2024 13:52:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197882
IP address blocks: 130.255.92.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
31.25.136.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.14.250.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
159.255.160.0/22 maxlen: 22
159.255.161.0/24 maxlen: 24
159.255.160.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 08:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:72:ec:70:f6:b3:8e:31:34:74:48:d4:31:96:23:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab6f6a36ec2960d4d05f3d9dcb187b9b904ea59b
Validity
Not Before: Jan 2 13:52:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adf8057f25f0b70fc0ae078cadca49d1f25a59e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8f:ed:88:88:c9:bf:44:1e:45:ab:a5:f1:db:
f8:36:07:d3:fd:4d:ad:4c:44:3f:bb:4c:9b:21:2f:
03:ba:31:f9:b0:45:88:8b:e2:8e:47:2c:7e:49:b6:
30:e2:07:c9:ed:e7:34:b3:f8:23:1c:31:93:d2:7d:
4d:72:be:08:aa:01:1b:07:be:ff:cf:8e:5b:63:06:
76:02:7d:e0:1d:ed:2a:52:33:bf:68:4c:fa:8e:e6:
d4:3d:3d:6c:55:dc:f3:40:24:e9:9a:f0:4c:16:c8:
2b:7e:aa:f9:43:90:99:12:26:0b:05:79:ae:bf:ef:
32:3a:9e:c0:f5:f2:8c:19:4a:87:b5:5f:73:71:ba:
da:ee:6d:14:e1:a0:9e:44:e1:d9:35:c4:13:3e:f3:
b2:10:36:ad:61:d0:d2:99:ae:69:67:a6:b6:89:23:
4d:ad:86:24:6b:a3:ce:9f:5a:c5:7b:d6:80:3d:bb:
46:78:47:51:ad:f7:bc:ef:1b:35:10:f8:cb:15:17:
da:f8:73:54:d7:d9:07:44:14:d8:73:c9:c4:bf:28:
25:f2:81:4e:f9:3f:24:dd:4d:cd:c0:fa:bc:72:17:
f0:53:86:5a:e3:ec:c1:7a:7e:2c:dd:90:67:b1:40:
ca:43:56:aa:04:f0:59:dc:21:f5:4d:2e:be:21:82:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F8:05:7F:25:F0:B7:0F:C0:AE:07:8C:AD:CA:49:D1:F2:5A:59:E9
X509v3 Authority Key Identifier:
keyid:AB:6F:6A:36:EC:29:60:D4:D0:5F:3D:9D:CB:18:7B:9B:90:4E:A5:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q29qNuwpYNTQXz2dyxh7m5BOpZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/rfgFfyXwtw_ArgeMrcpJ0fJaWek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4d9bad-d2ac-4179-8945-94bb83a20029/1/q29qNuwpYNTQXz2dyxh7m5BOpZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0/23
31.25.139.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.198.0/23
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
5a:26:6a:83:c9:5d:86:c8:e0:f0:e3:d1:a2:c7:a3:23:9b:46:
76:6e:83:8c:ac:c7:39:32:18:36:46:45:66:ff:00:2f:60:8d:
bb:4c:70:3c:65:06:9d:b1:52:86:ec:43:95:b4:f9:03:26:4b:
3a:9e:c0:08:85:ca:6a:85:d9:5a:05:6d:ad:b7:04:0a:89:bc:
a0:c6:24:8b:22:a0:da:0d:c5:c3:12:d4:ac:e5:3a:81:81:3c:
04:a2:0a:c9:69:a9:b9:68:ad:3a:03:04:a0:d4:b0:6d:7b:bd:
f1:22:e2:06:1c:33:66:7d:a3:bf:32:1a:5b:4a:1f:b0:c2:69:
fa:41:83:c5:67:b5:9f:ca:b4:b3:91:bc:33:a4:1e:4f:b8:52:
37:f1:58:c6:d6:0b:2b:45:1a:f7:e3:46:fd:c9:14:7e:77:10:
5f:64:15:52:a9:59:f2:0c:c5:bd:f5:04:af:d2:cd:27:6f:8e:
c3:01:5f:c0:3f:e6:12:1d:6d:a0:70:3f:1c:d0:30:b6:40:de:
ff:07:f3:0d:a5:20:1d:8b:1f:08:f1:96:92:f2:6b:07:6a:18:
4e:e5:6b:05:b1:33:92:32:f0:35:59:9a:3d:e6:90:7b:ca:9f:
65:e3:99:96:8c:95:12:d1:37:9a:2d:9d:d0:5d:4b:4a:8c:9a:
d7:2c:b8:3e
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYzKcuxw9rOOMTR0SNQxliONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNmY2YTM2ZWMyOTYwZDRkMDVmM2Q5ZGNiMTg3YjliOTA0
ZWE1OWIwHhcNMjQwMTAyMTM1MjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGY4MDU3ZjI1ZjBiNzBmYzBhZTA3OGNhZGNhNDlkMWYyNWE1OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY/tiIjJv0QeRaul8dv4NgfT/U2t
TEQ/u0ybIS8DujH5sEWIi+KORyx+SbYw4gfJ7ec0s/gjHDGT0n1Ncr4IqgEbB77/
z45bYwZ2An3gHe0qUjO/aEz6jubUPT1sVdzzQCTpmvBMFsgrfqr5Q5CZEiYLBXmu
v+8yOp7A9fKMGUqHtV9zcbra7m0U4aCeROHZNcQTPvOyEDatYdDSma5pZ6a2iSNN
rYYka6POn1rFe9aAPbtGeEdRrfe87xs1EPjLFRfa+HNU19kHRBTYc8nEvygl8oFO
+T8k3U3NwPq8chfwU4Za4+zBen4s3ZBnsUDKQ1aqBPBZ3CH1TS6+IYIgtwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFK34BX8l8LcPwK4HjK3KSdHyWlnpMB8GA1UdIwQY
MBaAFKtvajbsKWDU0F89ncsYe5uQTqWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUt
OTRiYjgzYTIwMDI5LzEvcmZnRmZ5WHd0d19BcmdlTXJjcEowZkphV2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80ZDliYWQtZDJhYy00MTc5LTg5NDUtOTRiYjgzYTIwMDI5
LzEvcTI5cU51d3BZTlRRWHoyZHl4aDdtNUJPcFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBIBAIAATBCAwQBHxmIMAwD
BAAfGYsDBAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQC
uWXsAwQBubjGMA8EAgACMAkDBwAqA7zAAAEwDQYJKoZIhvcNAQELBQADggEBAFom
aoPJXYbI4PDj0aLHoyObRnZug4ysxzkyGDZGRWb/AC9gjbtMcDxlBp2xUobsQ5W0
+QMmSzqewAiFymqF2VoFba23BAqJvKDGJIsioNoNxcMS1KzlOoGBPASiCslpqblo
rToDBKDUsG17vfEi4gYcM2Z9o78yGltKH7DCafpBg8VntZ/KtLORvDOkHk+4Ujfx
WMbWCytFGvfjRv3JFH53EF9kFVKpWfIMxb31BK/SzSdvjsMBX8A/5hIdbaBwPxzQ
MLZA3v8H8w2lIB2LHwjxlpLyawdqGE7lawWxM5Iy8DVZmj3mkHvKn2XjmZaMlRLR
N5otndBdS0qMmtcsuD4=
-----END CERTIFICATE-----
Generated at Tue Jan 9 11:02:43 2024 by rpki-client on console-ams.rpki-client.org