Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KCIDbO4ghIJwOcmytIxDLqcahnQ.roa
File: KCIDbO4ghIJwOcmytIxDLqcahnQ.roa (raw, json)
Hash identifier: RyiIrTW+GUmi/XCINBi71zZigkLKjmwDIclNYqI8IIs=
Subject key identifier: 28:22:03:6C:EE:20:84:82:70:39:C9:B2:B4:8C:43:2E:A7:1A:86:74
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0195910097AE69C10FC9B9A239122BEDBCF1
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KCIDbO4ghIJwOcmytIxDLqcahnQ.roa
Signing time: Thu 13 Mar 2025 19:34:49 +0000
ROA not before: Thu 13 Mar 2025 19:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.52.0/24 maxlen: 24
14.102.54.0/24 maxlen: 24
14.102.55.0/24 maxlen: 24
14.102.63.0/24 maxlen: 24
14.102.85.0/24 maxlen: 24
14.102.87.0/24 maxlen: 24
31.222.216.0/24 maxlen: 24
31.222.217.0/24 maxlen: 24
31.222.218.0/24 maxlen: 24
31.222.219.0/24 maxlen: 24
62.169.129.0/24 maxlen: 24
62.169.131.0/24 maxlen: 24
62.169.132.0/24 maxlen: 24
62.169.133.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
62.169.135.0/24 maxlen: 24
84.51.234.0/24 maxlen: 24
84.51.235.0/24 maxlen: 24
92.51.232.0/24 maxlen: 24
92.51.233.0/24 maxlen: 24
92.51.238.0/24 maxlen: 24
92.51.239.0/24 maxlen: 24
92.51.248.0/24 maxlen: 24
92.51.249.0/24 maxlen: 24
92.51.250.0/24 maxlen: 24
92.51.251.0/24 maxlen: 24
92.51.252.0/24 maxlen: 24
92.51.253.0/24 maxlen: 24
92.51.254.0/24 maxlen: 24
103.61.197.0/24 maxlen: 24
103.61.198.0/24 maxlen: 24
103.61.199.0/24 maxlen: 24
103.125.77.0/24 maxlen: 24
103.125.78.0/24 maxlen: 24
103.125.79.0/24 maxlen: 24
103.210.198.0/24 maxlen: 24
103.210.199.0/24 maxlen: 24
103.213.212.0/24 maxlen: 24
103.213.213.0/24 maxlen: 24
103.213.214.0/24 maxlen: 24
103.213.215.0/24 maxlen: 24
103.255.76.0/24 maxlen: 24
103.255.77.0/24 maxlen: 24
155.2.176.0/24 maxlen: 24
155.2.177.0/24 maxlen: 24
155.2.178.0/24 maxlen: 24
155.2.179.0/24 maxlen: 24
155.2.182.0/24 maxlen: 24
155.2.183.0/24 maxlen: 24
155.2.184.0/24 maxlen: 24
155.2.185.0/24 maxlen: 24
155.2.186.0/24 maxlen: 24
155.2.187.0/24 maxlen: 24
155.2.188.0/24 maxlen: 24
155.2.212.0/24 maxlen: 24
155.2.215.0/24 maxlen: 24
155.2.217.0/24 maxlen: 24
155.2.221.0/24 maxlen: 24
155.2.222.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
170.62.89.0/24 maxlen: 24
170.62.90.0/24 maxlen: 24
170.62.91.0/24 maxlen: 24
170.62.92.0/24 maxlen: 24
170.62.93.0/24 maxlen: 24
170.62.94.0/24 maxlen: 24
170.62.95.0/24 maxlen: 24
170.62.100.0/24 maxlen: 24
170.62.102.0/24 maxlen: 24
170.62.103.0/24 maxlen: 24
170.62.106.0/24 maxlen: 24
170.62.107.0/24 maxlen: 24
170.62.108.0/24 maxlen: 24
170.62.110.0/24 maxlen: 24
170.62.111.0/24 maxlen: 24
170.62.160.0/24 maxlen: 24
170.62.224.0/24 maxlen: 24
170.62.225.0/24 maxlen: 24
170.62.226.0/24 maxlen: 24
170.62.227.0/24 maxlen: 24
170.62.228.0/24 maxlen: 24
170.62.229.0/24 maxlen: 24
170.62.230.0/24 maxlen: 24
170.62.231.0/24 maxlen: 24
170.62.232.0/24 maxlen: 24
170.62.233.0/24 maxlen: 24
170.62.234.0/24 maxlen: 24
170.62.235.0/24 maxlen: 24
185.34.108.0/24 maxlen: 24
185.34.109.0/24 maxlen: 24
185.34.110.0/24 maxlen: 24
185.34.111.0/24 maxlen: 24
192.253.208.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
203.188.164.0/24 maxlen: 24
203.188.167.0/24 maxlen: 24
203.188.169.0/24 maxlen: 24
203.188.170.0/24 maxlen: 24
203.188.171.0/24 maxlen: 24
203.188.172.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
212.32.74.0/24 maxlen: 24
212.56.48.0/24 maxlen: 24
212.56.49.0/24 maxlen: 24
212.56.50.0/24 maxlen: 24
212.56.51.0/24 maxlen: 24
212.78.245.0/24 maxlen: 24
212.78.246.0/24 maxlen: 24
212.78.247.0/24 maxlen: 24
212.78.248.0/24 maxlen: 24
212.78.249.0/24 maxlen: 24
212.78.250.0/24 maxlen: 24
212.78.251.0/24 maxlen: 24
213.254.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 09:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:91:00:97:ae:69:c1:0f:c9:b9:a2:39:12:2b:ed:bc:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 13 19:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2822036cee2084827039c9b2b48c432ea71a8674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ef:05:c1:58:7b:1c:f2:4b:df:a2:1c:6a:15:
75:b9:53:23:08:56:94:8b:db:9c:e2:28:f6:e6:fb:
0e:0d:b0:c3:1a:1c:02:d0:60:4f:43:11:df:e6:f8:
cd:eb:0a:82:0d:ec:d2:ee:01:a4:61:fb:62:26:8f:
a2:ef:68:3e:1d:a5:58:eb:52:ed:5a:9a:56:5c:9c:
50:01:d9:a6:f9:f7:5c:16:36:c1:e0:8b:58:d2:96:
70:1d:3f:66:70:43:4b:6f:85:9b:74:62:23:a4:6e:
d6:cc:da:38:a5:6a:55:87:95:69:48:40:f9:d8:51:
1d:63:bf:ec:18:bc:53:f8:e8:a0:90:62:f0:83:d0:
5b:8f:cb:75:32:1b:0d:17:d4:fc:47:db:7f:b5:9d:
0d:94:59:ba:96:70:00:5b:f5:31:60:19:4a:2e:b0:
04:dc:73:03:97:94:08:8a:7c:b7:58:76:6a:79:4c:
6f:79:93:c8:ca:16:18:a1:a8:13:c7:13:4b:76:f5:
01:37:23:10:6b:b4:2d:f2:f6:ac:eb:40:ef:4e:98:
69:1b:60:fc:3d:fa:6b:e3:4e:69:69:9e:60:1c:07:
70:79:cf:a4:61:4c:47:58:e0:c6:1c:11:46:70:9f:
cd:d0:9d:4f:5d:bd:69:30:15:c2:8e:af:ca:64:be:
59:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:22:03:6C:EE:20:84:82:70:39:C9:B2:B4:8C:43:2E:A7:1A:86:74
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KCIDbO4ghIJwOcmytIxDLqcahnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.52.0/24
14.102.54.0/23
14.102.63.0/24
14.102.85.0/24
14.102.87.0/24
31.222.216.0/22
62.169.129.0/24
62.169.131.0-62.169.135.255
84.51.234.0/23
92.51.232.0/23
92.51.238.0/23
92.51.248.0-92.51.254.255
103.61.197.0-103.61.199.255
103.125.77.0-103.125.79.255
103.210.198.0/23
103.213.212.0/22
103.255.76.0/23
155.2.176.0/22
155.2.182.0-155.2.188.255
155.2.212.0/24
155.2.215.0/24
155.2.217.0/24
155.2.221.0-155.2.222.255
167.160.16.0/23
167.160.29.0/24
170.62.89.0-170.62.95.255
170.62.100.0/24
170.62.102.0/23
170.62.106.0-170.62.108.255
170.62.110.0/23
170.62.160.0/24
170.62.224.0-170.62.235.255
185.34.108.0/22
192.253.208.0/24
198.55.28.0/23
203.188.164.0/24
203.188.167.0/24
203.188.169.0-203.188.173.255
212.32.74.0/24
212.56.48.0/22
212.78.245.0-212.78.251.255
213.254.174.0/24
Signature Algorithm: sha256WithRSAEncryption
da:d0:79:bf:19:a6:00:5f:a7:25:4e:fc:5e:c3:3a:87:dc:c5:
14:f8:73:6f:56:23:2d:92:70:16:b9:6a:f5:e2:68:8a:42:c7:
43:d3:c8:eb:15:f1:5b:96:08:4d:da:18:00:f9:17:2a:02:14:
7b:61:a3:42:e3:ba:76:13:36:7f:7c:e6:38:93:48:25:84:14:
42:29:15:98:74:2b:88:21:70:c6:aa:af:cf:28:e7:13:c5:00:
96:0c:0f:d9:a7:20:77:34:29:50:dc:8e:8e:7c:c3:cf:6e:bb:
0a:6a:1e:dc:8d:cc:c8:98:f1:c6:a2:11:d6:26:7a:cf:ec:97:
bc:3d:5a:15:13:23:62:30:4d:9c:0a:bf:e6:58:43:cb:af:35:
19:7b:62:ae:06:b4:29:71:15:f1:2b:a9:84:dc:0e:6d:46:5a:
65:91:c4:e4:46:cb:2e:31:ed:9e:4b:7e:55:75:34:87:60:30:
74:e0:84:d5:0e:13:0b:9a:50:61:9b:82:4b:8a:a6:bb:31:9f:
df:54:17:fa:fe:d7:5a:14:56:df:ad:12:25:1c:57:08:d8:cd:
be:e9:b2:14:e5:6b:9a:5e:b2:70:cc:13:04:2b:7d:66:c0:8e:
e5:41:db:f5:30:6d:ce:89:ec:f2:67:37:48:00:38:fd:dd:ee:
21:be:b3:17
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgISAZWRAJeuacEPybmiORIr7bzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzEzMTkzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODIyMDM2Y2VlMjA4NDgyNzAzOWM5YjJiNDhjNDMyZWE3MWE4Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle8FwVh7HPJL36IcahV1uVMjCFaU
i9uc4ij25vsODbDDGhwC0GBPQxHf5vjN6wqCDezS7gGkYftiJo+i72g+HaVY61Lt
WppWXJxQAdmm+fdcFjbB4ItY0pZwHT9mcENLb4WbdGIjpG7WzNo4pWpVh5VpSED5
2FEdY7/sGLxT+OigkGLwg9Bbj8t1MhsNF9T8R9t/tZ0NlFm6lnAAW/UxYBlKLrAE
3HMDl5QIiny3WHZqeUxveZPIyhYYoagTxxNLdvUBNyMQa7Qt8vas60DvTphpG2D8
Pfpr405paZ5gHAdwec+kYUxHWODGHBFGcJ/N0J1PXb1pMBXCjq/KZL5ZVwIDAQAB
o4IDYTCCA10wHQYDVR0OBBYEFCgiA2zuIISCcDnJsrSMQy6nGoZ0MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvS0NJRGJPNGdoSUp3T2NteXRJeERMcWNhaG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEAA5mNAMEAQ5mNgMEAA5mPwMEAA5mVQMEAA5mVwMEAh/e2AMEAD6pgTAMAwQA
PqmDAwQDPqmAAwQBVDPqAwQBXDPoAwQBXDPuMAwDBANcM/gDBABcM/4wDAMEAGc9
xQMEA2c9wDAMAwQAZ31NAwQEZ31AAwQBZ9LGAwQCZ9XUAwQBZ/9MAwQCmwKwMAwD
BAGbArYDBACbArwDBACbAtQDBACbAtcDBACbAtkwDAMEAJsC3QMEAJsC3gMEAaeg
EAMEAKegHTAMAwQAqj5ZAwQFqj5AAwQAqj5kAwQBqj5mMAwDBAGqPmoDBACqPmwD
BAGqPm4DBACqPqAwDAMEBao+4AMEAqo+6AMEArkibAMEAMD90AMEAcY3HAMEAMu8
pAMEAMu8pzAMAwQAy7ypAwQBy7ysAwQA1CBKAwQC1DgwMAwDBADUTvUDBALUTvgD
BADV/q4wDQYJKoZIhvcNAQELBQADggEBANrQeb8ZpgBfpyVO/F7DOofcxRT4c29W
Iy2ScBa5avXiaIpCx0PTyOsV8VuWCE3aGAD5FyoCFHtho0LjunYTNn985jiTSCWE
FEIpFZh0K4ghcMaqr88o5xPFAJYMD9mnIHc0KVDcjo58w89uuwpqHtyNzMiY8cai
EdYmes/sl7w9WhUTI2IwTZwKv+ZYQ8uvNRl7Yq4GtClxFfErqYTcDm1GWmWRxORG
yy4x7Z5LflV1NIdgMHTghNUOEwuaUGGbgkuKprsxn99UF/r+11oUVt+tEiUcVwjY
zb7pshTla5pesnDMEwQrfWbAjuVB2/Uwbc6J7PJnN0gAOP3d7iG+sxc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 17:14:10 2025 by rpki-client