Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-dNC2QF7GzZboe78ZAY2d8KJlSo.roa
File: 1-dNC2QF7GzZboe78ZAY2d8KJlSo.roa (raw, json)
Hash identifier: bQP5SGpMWDkojUxTwfW5VujAk+hj0Tru/GKsId9Ms20=
Subject key identifier: F9:D3:42:D9:01:7B:1B:36:5B:A1:EE:FC:64:06:36:77:C2:89:95:2A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0196005B5DC204F979C860B8327E6029F194
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-dNC2QF7GzZboe78ZAY2d8KJlSo.roa
Signing time: Fri 04 Apr 2025 10:31:49 +0000
ROA not before: Fri 04 Apr 2025 10:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.61.0/24 maxlen: 24
14.102.62.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 16:40:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:5b:5d:c2:04:f9:79:c8:60:b8:32:7e:60:29:f1:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 4 10:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9d342d9017b1b365ba1eefc64063677c289952a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:aa:5f:9c:20:87:f2:6b:c4:6d:bd:75:d7:84:
70:15:71:de:b4:ce:54:73:d3:63:6e:61:83:4f:d1:
ba:64:cf:70:28:8c:d0:24:ce:8d:e3:e3:56:c3:31:
d1:51:96:ee:5b:40:b4:a9:34:df:79:05:e3:13:9b:
c6:32:36:ea:23:e0:ff:59:8e:76:70:f7:74:83:d2:
3f:00:5f:04:66:4a:90:8f:b4:d7:93:83:77:05:de:
47:78:5c:84:92:fb:86:91:e8:3f:a4:20:ba:a3:64:
b6:19:b1:57:30:db:f0:3c:5d:62:f9:52:f6:94:41:
30:c4:ab:f0:21:4b:20:c6:57:e8:3d:bf:e5:99:4d:
cc:95:23:ac:3a:5b:ed:20:8f:20:d7:c5:45:a2:cf:
2f:35:26:5a:1e:82:50:7c:60:80:bb:4c:2e:f9:74:
7a:23:da:e3:45:74:b0:8f:5c:00:e1:2a:0a:5d:66:
72:35:f1:83:8e:58:b9:bc:4d:90:59:16:fa:e8:f6:
39:09:6c:49:4c:88:7c:10:ca:0f:70:fe:4f:ae:36:
3f:8e:ab:60:03:a5:53:82:0d:07:5f:f2:58:39:3c:
cd:76:2e:d8:8a:f9:34:4c:10:1b:12:e5:f2:51:f2:
77:86:5d:01:87:3f:23:43:0d:b7:2c:e1:eb:4a:d6:
09:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D3:42:D9:01:7B:1B:36:5B:A1:EE:FC:64:06:36:77:C2:89:95:2A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-dNC2QF7GzZboe78ZAY2d8KJlSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.61.0-14.102.62.255
14.102.84.0/24
14.102.86.0/24
62.169.128.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
170.62.238.0/24
192.253.209.0/24
192.253.211.0/24
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
203.188.184.0/21
212.32.51.0/24
212.32.70.0/23
212.32.73.0/24
212.32.76.0/22
212.56.55.0/24
213.254.163.0/24
213.254.172.0/23
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
34:35:4b:48:8a:ac:02:6a:8a:67:8a:ff:f4:19:40:c5:57:c3:
27:e5:a9:02:fe:30:71:17:3c:2e:ec:3d:02:dd:96:5d:04:33:
61:72:f2:08:57:f1:db:5c:9c:76:1d:ac:9a:e2:e8:72:fd:40:
b1:9d:6d:f2:45:cf:7d:33:64:cc:9d:f0:a1:24:18:48:0f:06:
6f:b6:f9:ac:99:74:ef:ed:5d:e6:b7:ed:46:1e:a6:01:03:7c:
04:84:ec:f9:33:8a:03:a2:4a:59:08:f5:89:f8:cc:38:41:63:
4c:bf:fa:05:7a:6c:3b:d4:02:ff:b5:94:aa:8b:0f:23:99:ae:
1f:49:6e:f7:ce:be:e0:f6:5c:47:3f:4a:b8:46:fd:2c:5c:df:
53:98:ef:90:a2:d2:10:0e:07:49:0c:ce:e3:2d:93:40:de:30:
a2:08:92:02:4c:77:98:fa:f6:ac:1b:89:17:5e:d6:1d:e5:56:
e5:e3:d8:cc:68:12:ad:28:b2:72:f7:56:7e:54:6f:04:4e:72:
8e:c5:b5:90:29:f4:e9:99:cb:01:eb:8f:98:7f:46:d5:23:52:
c7:df:17:f1:09:00:5e:60:6b:89:09:e2:98:d6:eb:57:fb:6e:
06:c2:44:8e:f7:59:dc:db:03:24:14:7b:4d:1e:65:ae:8e:4d:
ed:2c:5d:45
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAZYAW13CBPl5yGC4Mn5gKfGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNDA0MTAzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQzNDJkOTAxN2IxYjM2NWJhMWVlZmM2NDA2MzY3N2MyODk5NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6pfnCCH8mvEbb1114RwFXHetM5U
c9NjbmGDT9G6ZM9wKIzQJM6N4+NWwzHRUZbuW0C0qTTfeQXjE5vGMjbqI+D/WY52
cPd0g9I/AF8EZkqQj7TXk4N3Bd5HeFyEkvuGkeg/pCC6o2S2GbFXMNvwPF1i+VL2
lEEwxKvwIUsgxlfoPb/lmU3MlSOsOlvtII8g18VFos8vNSZaHoJQfGCAu0wu+XR6
I9rjRXSwj1wA4SoKXWZyNfGDjli5vE2QWRb66PY5CWxJTIh8EMoPcP5PrjY/jqtg
A6VTgg0HX/JYOTzNdi7Yivk0TBAbEuXyUfJ3hl0Bhz8jQw23LOHrStYJ2wIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFPnTQtkBexs2W6Hu/GQGNnfCiZUqMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMS1kTkMyUUY3R3paYm9lNzhaQVkyZDhLSmxTby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvMmJhOTdlLTU5OGItNDhkZC04ZDU2LWY1ZmI3MWI5YTUx
Zi8xLzhFcFlCSDgzdThCWGxFdV9qSzJIUW9lVmt0by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUMAwD
BAAOZj0DBAAOZj4DBAAOZlQDBAAOZlYDBAA+qYADBABnPcQDBABnik4DBACnoBwD
BACqPu4DBADA/dEDBADA/dMDBADGNx8DBADLvKYwDAMEAcu8rgMEAMu8tAMEA8u8
uAMEANQgMwMEAdQgRgMEANQgSQMEAtQgTAMEANQ4NwMEANX+owMEAdX+rAMEANX+
rzANBgkqhkiG9w0BAQsFAAOCAQEANDVLSIqsAmqKZ4r/9BlAxVfDJ+WpAv4wcRc8
Luw9At2WXQQzYXLyCFfx21ycdh2smuLocv1AsZ1t8kXPfTNkzJ3woSQYSA8Gb7b5
rJl07+1d5rftRh6mAQN8BITs+TOKA6JKWQj1ifjMOEFjTL/6BXpsO9QC/7WUqosP
I5muH0lu986+4PZcRz9KuEb9LFzfU5jvkKLSEA4HSQzO4y2TQN4wogiSAkx3mPr2
rBuJF17WHeVW5ePYzGgSrSiycvdWflRvBE5yjsW1kCn06ZnLAeuPmH9G1SNSx98X
8QkAXmBriQnimNbrV/tuBsJEjvdZ3NsDJBR7TR5lro5N7SxdRQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:36:53 2025 by rpki-client