Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2qQkqiiBZnaaYOtZK5jbAgQG4WE.roa
File: 2qQkqiiBZnaaYOtZK5jbAgQG4WE.roa (raw, json)
Hash identifier: BGFshX2qoOYoMKeEzs4gqSlQs3UE0F+VlY3xZAOadLA=
Subject key identifier: DA:A4:24:AA:28:81:66:76:9A:60:EB:59:2B:98:DB:02:04:06:E1:61
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019424B3A9458DC499CCC79E3D63680A2E0C
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2qQkqiiBZnaaYOtZK5jbAgQG4WE.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.12.0/23 maxlen: 23
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 24
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/29 maxlen: 48
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Jan 2025 22:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a9:45:8d:c4:99:cc:c7:9e:3d:63:68:0a:2e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daa424aa288166769a60eb592b98db020406e161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:e8:b4:0a:4b:17:01:cf:d3:74:29:ed:7b:
9a:ed:4e:c3:ff:1e:32:70:48:29:48:26:cd:8d:ed:
3a:1d:5e:c5:f9:68:f6:cb:ba:48:63:11:42:92:a7:
65:16:e5:39:96:68:50:53:eb:63:b8:e1:8a:01:a9:
a1:39:25:d2:d1:ff:f3:4d:5d:56:f7:4f:91:17:b8:
5f:7c:f6:1f:b9:49:0b:93:3f:01:51:b8:5d:ed:c1:
31:76:de:96:f1:20:94:4e:59:85:86:5f:97:98:41:
b8:80:63:fa:58:89:80:c6:78:2d:f5:03:71:a7:94:
7b:15:c5:ce:8e:a3:9d:7f:74:04:98:a5:3a:05:89:
e9:c6:6b:7d:db:be:ed:be:5f:6d:2b:50:bf:21:a5:
33:70:cd:6a:97:81:ed:a2:23:a0:05:a3:a8:ee:d0:
5a:8c:29:1d:ad:d6:54:44:2a:1a:63:71:72:16:8e:
2d:33:15:cc:96:48:32:41:fe:ab:89:80:2c:d9:b5:
0f:d7:6d:63:f8:7e:20:cf:43:89:2e:49:9a:d8:4e:
8f:71:81:08:34:39:b2:22:bb:bf:9f:26:40:5c:33:
04:d6:88:19:31:17:59:d5:2f:5a:2f:91:93:48:79:
b5:cc:a4:cb:5b:62:a3:a8:47:19:6f:49:84:f3:16:
4c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A4:24:AA:28:81:66:76:9A:60:EB:59:2B:98:DB:02:04:06:E1:61
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2qQkqiiBZnaaYOtZK5jbAgQG4WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/24
94.131.127.0/24
95.164.12.0/23
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.120.0/22
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.212.0/22
IPv6:
2a01:d0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:e3:8c:63:ea:73:cb:39:42:20:fc:ad:2d:5e:73:4a:e8:cf:
92:41:92:5e:07:cc:6c:40:8d:63:96:bc:7e:6f:09:5c:37:89:
cf:13:19:3c:89:2a:e6:f4:ae:97:02:9a:5d:74:02:51:01:f2:
23:8b:02:6d:61:be:82:56:c8:74:e1:54:a6:c1:76:b1:19:a1:
5c:fa:76:88:17:81:78:3c:d1:b1:dd:22:f8:26:50:ee:4d:94:
d8:43:4c:f8:7c:8d:d9:76:f8:82:84:9b:4b:bf:20:d1:22:49:
13:de:d5:d0:62:8a:5f:69:db:96:38:0e:f3:9b:d1:ba:d0:31:
b7:f1:22:73:82:a5:6d:ec:7c:35:66:b1:2b:5c:55:01:7f:16:
3e:f4:fa:73:88:cb:06:60:4a:b7:46:09:fd:c5:03:cf:ae:2a:
cd:9e:32:31:69:7d:c0:00:41:1f:10:dc:b1:b8:cf:cf:cd:99:
1b:c3:3d:13:24:4f:38:0a:f9:6d:f3:30:01:2d:7d:61:a2:4c:
8c:58:9d:72:4c:e6:ff:e5:24:22:a4:c9:32:91:b9:c0:65:c0:
13:12:87:bf:36:cf:57:09:e6:19:03:34:ee:08:63:eb:52:32:
f6:4b:4e:33:ab:cd:7a:40:d6:ed:d0:dd:68:17:dc:bb:59:8b:
23:f8:4c:d8
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZQks6lFjcSZzMeePWNoCi4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWE0MjRhYTI4ODE2Njc2OWE2MGViNTkyYjk4ZGIwMjA0MDZlMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbHotApLFwHP03Qp7Xua7U7D/x4y
cEgpSCbNje06HV7F+Wj2y7pIYxFCkqdlFuU5lmhQU+tjuOGKAamhOSXS0f/zTV1W
90+RF7hffPYfuUkLkz8BUbhd7cExdt6W8SCUTlmFhl+XmEG4gGP6WImAxngt9QNx
p5R7FcXOjqOdf3QEmKU6BYnpxmt9277tvl9tK1C/IaUzcM1ql4HtoiOgBaOo7tBa
jCkdrdZURCoaY3FyFo4tMxXMlkgyQf6riYAs2bUP121j+H4gz0OJLkma2E6PcYEI
NDmyIru/nyZAXDME1ogZMRdZ1S9aL5GTSHm1zKTLW2KjqEcZb0mE8xZM1QIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFNqkJKoogWZ2mmDrWSuY2wIEBuFhMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMnFRa3FpaUJabmFhWU90Wks1amJBZ1FHNFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAU+
zYADBAFegwADBABegwQDBAFegwYDBABeg3wDBABeg38DBAFfpAwDBABfpA8DBABf
pBQDBAJfpCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABf
pEwDBAJfpFADBAJfpHgwDAMEAV+kqgMEBF+koAMEAV+k+AMEAF+k+wMEAsPW1DAN
BAIAAjAHAwUDKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAqeOMY+pzyzlCIPytLV5z
SujPkkGSXgfMbECNY5a8fm8JXDeJzxMZPIkq5vSulwKaXXQCUQHyI4sCbWG+glbI
dOFUpsF2sRmhXPp2iBeBeDzRsd0i+CZQ7k2U2ENM+HyN2Xb4goSbS78g0SJJE97V
0GKKX2nbljgO85vRutAxt/Eic4Klbex8NWaxK1xVAX8WPvT6c4jLBmBKt0YJ/cUD
z64qzZ4yMWl9wABBHxDcsbjPz82ZG8M9EyRPOAr5bfMwAS19YaJMjFidckzm/+Uk
IqTJMpG5wGXAExKHvzbPVwnmGQM07ghj61Iy9ktOM6vNekDW7dDdaBfcu1mLI/hM
2A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:22:27 2025 by rpki-client