Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/GzQbU7wamZXMlVFSTt_uV81adJ4.roa
File: GzQbU7wamZXMlVFSTt_uV81adJ4.roa (raw, json)
Hash identifier: 3l+CGWG1wlYzgbcTMrpGjAK1g/NdUrQLQD70KX9c5cc=
Subject key identifier: 1B:34:1B:53:BC:1A:99:95:CC:95:51:52:4E:DF:EE:57:CD:5A:74:9E
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0194453093AC0EB4BD5E4A1CDD237D186D9F
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/GzQbU7wamZXMlVFSTt_uV81adJ4.roa
Signing time: Wed 08 Jan 2025 09:13:18 +0000
ROA not before: Wed 08 Jan 2025 09:13:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.52.0/24 maxlen: 24
14.102.53.0/24 maxlen: 24
14.102.54.0/24 maxlen: 24
14.102.55.0/24 maxlen: 24
14.102.63.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.85.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
14.102.87.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
62.169.129.0/24 maxlen: 24
62.169.130.0/24 maxlen: 24
62.169.131.0/24 maxlen: 24
62.169.132.0/24 maxlen: 24
62.169.133.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
62.169.135.0/24 maxlen: 24
84.51.234.0/24 maxlen: 24
84.51.235.0/24 maxlen: 24
92.51.232.0/24 maxlen: 24
92.51.233.0/24 maxlen: 24
92.51.238.0/24 maxlen: 24
92.51.239.0/24 maxlen: 24
92.51.248.0/24 maxlen: 24
92.51.249.0/24 maxlen: 24
92.51.250.0/24 maxlen: 24
92.51.251.0/24 maxlen: 24
92.51.252.0/24 maxlen: 24
92.51.253.0/24 maxlen: 24
92.51.254.0/24 maxlen: 24
103.61.197.0/24 maxlen: 24
103.61.198.0/24 maxlen: 24
103.61.199.0/24 maxlen: 24
103.125.77.0/24 maxlen: 24
103.125.78.0/24 maxlen: 24
103.125.79.0/24 maxlen: 24
103.210.198.0/24 maxlen: 24
103.210.199.0/24 maxlen: 24
103.213.212.0/24 maxlen: 24
103.213.213.0/24 maxlen: 24
103.213.214.0/24 maxlen: 24
103.213.215.0/24 maxlen: 24
103.255.76.0/24 maxlen: 24
103.255.77.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
170.62.89.0/24 maxlen: 24
170.62.90.0/24 maxlen: 24
170.62.91.0/24 maxlen: 24
170.62.92.0/24 maxlen: 24
170.62.93.0/24 maxlen: 24
170.62.94.0/24 maxlen: 24
170.62.95.0/24 maxlen: 24
170.62.100.0/24 maxlen: 24
170.62.102.0/24 maxlen: 24
170.62.103.0/24 maxlen: 24
170.62.106.0/24 maxlen: 24
170.62.107.0/24 maxlen: 24
170.62.108.0/24 maxlen: 24
170.62.160.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
203.188.164.0/24 maxlen: 24
203.188.167.0/24 maxlen: 24
203.188.169.0/24 maxlen: 24
203.188.170.0/24 maxlen: 24
203.188.171.0/24 maxlen: 24
203.188.172.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
212.56.48.0/24 maxlen: 24
212.56.49.0/24 maxlen: 24
212.56.50.0/24 maxlen: 24
212.56.51.0/24 maxlen: 24
212.78.245.0/24 maxlen: 24
212.78.246.0/24 maxlen: 24
212.78.247.0/24 maxlen: 24
212.78.248.0/24 maxlen: 24
212.78.249.0/24 maxlen: 24
212.78.250.0/24 maxlen: 24
212.78.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 08:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:30:93:ac:0e:b4:bd:5e:4a:1c:dd:23:7d:18:6d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 8 09:13:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b341b53bc1a9995cc9551524edfee57cd5a749e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:33:43:dc:72:65:21:3c:a6:c0:74:22:70:d0:
bd:59:3e:56:09:61:25:5a:2b:91:ea:13:ce:ca:99:
fa:ae:2c:06:95:dc:2e:00:40:72:e6:9c:ee:81:80:
d4:93:27:f1:b0:5f:c5:47:ec:2c:2e:bc:ea:3a:a6:
19:20:54:e2:c4:12:0c:eb:2a:97:18:ed:a2:69:82:
d2:fa:57:46:a8:6b:78:eb:7c:84:9b:ce:62:ae:c2:
50:a9:1a:87:1e:63:54:a8:06:3c:1d:a1:60:7c:2a:
d7:67:a0:64:2d:fa:1f:cd:34:bd:03:37:a3:08:0a:
80:8d:9f:91:7c:d1:bf:28:c3:20:af:bb:7f:44:70:
13:bc:f4:1d:23:82:59:05:a0:ac:82:56:d4:82:e5:
be:a9:83:90:33:cd:28:72:20:6b:ed:38:78:c0:9b:
59:72:ba:6f:d7:f7:94:c9:b4:f8:39:e5:7f:8e:90:
6c:18:72:85:05:22:59:12:d1:82:d8:e8:0b:3f:ab:
fa:d7:55:97:06:57:51:34:d9:18:bc:3a:d7:c8:7f:
6e:2f:df:96:56:73:8c:68:bc:a3:73:b4:be:31:d0:
74:58:85:79:d1:ee:33:4a:0c:ac:1d:7e:d1:a2:07:
8b:40:1c:6a:8b:f2:16:a2:37:95:6e:5a:e5:49:33:
75:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:34:1B:53:BC:1A:99:95:CC:95:51:52:4E:DF:EE:57:CD:5A:74:9E
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/GzQbU7wamZXMlVFSTt_uV81adJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.52.0/22
14.102.63.0/24
14.102.84.0/22
62.169.128.0/21
84.51.234.0/23
92.51.232.0/23
92.51.238.0/23
92.51.248.0-92.51.254.255
103.61.197.0-103.61.199.255
103.125.77.0-103.125.79.255
103.210.198.0/23
103.213.212.0/22
103.255.76.0/23
167.160.16.0/23
167.160.29.0/24
170.62.89.0-170.62.95.255
170.62.100.0/24
170.62.102.0/23
170.62.106.0-170.62.108.255
170.62.160.0/24
198.55.28.0/23
203.188.164.0/24
203.188.167.0/24
203.188.169.0-203.188.173.255
212.56.48.0/22
212.78.245.0-212.78.251.255
Signature Algorithm: sha256WithRSAEncryption
6f:19:35:55:b7:64:59:6e:de:dd:97:b0:84:2f:bf:de:62:e3:
e3:28:9c:cd:2f:5a:a5:3a:ba:cb:de:71:5e:67:4a:33:6e:7b:
49:88:ed:16:ab:ea:d6:60:cb:cf:77:a8:e5:59:ad:f5:46:2e:
cc:f3:45:7e:3c:98:89:3b:7d:68:b7:03:73:85:6f:a3:fc:29:
67:74:2f:03:a2:38:6b:fd:e0:13:ad:aa:cc:e3:89:f0:5f:7f:
e9:89:a1:06:dc:bb:3d:bc:f6:4c:e1:7a:56:8e:dd:7d:60:b4:
48:8d:bb:54:94:3b:62:46:3e:94:0b:10:38:4b:4a:b1:12:38:
64:1b:df:36:e4:0f:68:82:2c:53:0c:12:e8:d3:f1:96:7f:6a:
09:1c:14:c2:79:a6:82:27:65:f8:d4:1d:95:b4:57:e9:88:26:
a7:df:dc:53:fb:55:57:70:df:b0:ee:fd:31:a4:37:39:db:56:
3f:22:c3:b5:aa:62:41:e6:6c:e6:79:e9:cd:19:c6:09:02:cb:
c9:59:48:f6:5d:2f:36:ab:e3:9e:63:f6:34:c8:e7:55:fc:55:
79:83:12:4d:c2:b8:8d:9d:d9:9a:a2:ff:27:65:17:be:ad:e0:
93:9b:21:6c:ef:f1:1c:5e:c5:65:86:48:6c:fa:05:7e:b0:c2:
ab:08:83:28
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZRFMJOsDrS9Xkoc3SN9GG2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTA4MDkxMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM0MWI1M2JjMWE5OTk1Y2M5NTUxNTI0ZWRmZWU1N2NkNWE3NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTND3HJlITymwHQicNC9WT5WCWEl
WiuR6hPOypn6riwGldwuAEBy5pzugYDUkyfxsF/FR+wsLrzqOqYZIFTixBIM6yqX
GO2iaYLS+ldGqGt463yEm85irsJQqRqHHmNUqAY8HaFgfCrXZ6BkLfofzTS9Azej
CAqAjZ+RfNG/KMMgr7t/RHATvPQdI4JZBaCsglbUguW+qYOQM80ociBr7Th4wJtZ
crpv1/eUybT4OeV/jpBsGHKFBSJZEtGC2OgLP6v611WXBldRNNkYvDrXyH9uL9+W
VnOMaLyjc7S+MdB0WIV50e4zSgysHX7RogeLQBxqi/IWojeVblrlSTN1ZwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFBs0G1O8GpmVzJVRUk7f7lfNWnSeMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvR3pRYlU3d2FtWlhNbFZGU1R0X3VWODFhZEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAIO
ZjQDBAAOZj8DBAIOZlQDBAM+qYADBAFUM+oDBAFcM+gDBAFcM+4wDAMEA1wz+AME
AFwz/jAMAwQAZz3FAwQDZz3AMAwDBABnfU0DBARnfUADBAFn0sYDBAJn1dQDBAFn
/0wDBAGnoBADBACnoB0wDAMEAKo+WQMEBao+QAMEAKo+ZAMEAao+ZjAMAwQBqj5q
AwQAqj5sAwQAqj6gAwQBxjccAwQAy7ykAwQAy7ynMAwDBADLvKkDBAHLvKwDBALU
ODAwDAMEANRO9QMEAtRO+DANBgkqhkiG9w0BAQsFAAOCAQEAbxk1VbdkWW7e3Zew
hC+/3mLj4yiczS9apTq6y95xXmdKM257SYjtFqvq1mDLz3eo5Vmt9UYuzPNFfjyY
iTt9aLcDc4Vvo/wpZ3QvA6I4a/3gE62qzOOJ8F9/6YmhBty7Pbz2TOF6Vo7dfWC0
SI27VJQ7YkY+lAsQOEtKsRI4ZBvfNuQPaIIsUwwS6NPxln9qCRwUwnmmgidl+NQd
lbRX6Ygmp9/cU/tVV3DfsO79MaQ3OdtWPyLDtapiQeZs5nnpzRnGCQLLyVlI9l0v
NqvjnmP2NMjnVfxVeYMSTcK4jZ3ZmqL/J2UXvq3gk5shbO/xHF7FZYZIbPoFfrDC
qwiDKA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:31:45 2025 by rpki-client