Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KbD2MFyv6y6gONsoIYLnCaryPbk.roa
File: KbD2MFyv6y6gONsoIYLnCaryPbk.roa (raw, json)
Hash identifier: 8npRdWoSucKQ0JR+iD5iggfw50pjFkC+mNR0Ocs2+Ro=
Subject key identifier: 29:B0:F6:30:5C:AF:EB:2E:A0:38:DB:28:21:82:E7:09:AA:F2:3D:B9
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01922273367C7A6CF6142619752A10E391DB
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KbD2MFyv6y6gONsoIYLnCaryPbk.roa
Signing time: Tue 24 Sep 2024 05:13:48 +0000
ROA not before: Tue 24 Sep 2024 05:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.62.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
192.253.208.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.210.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.68.0/24 maxlen: 24
212.32.69.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.72.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.74.0/24 maxlen: 24
212.32.75.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.160.0/24 maxlen: 24
213.254.161.0/24 maxlen: 24
213.254.162.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.174.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 16:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:73:36:7c:7a:6c:f6:14:26:19:75:2a:10:e3:91:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Sep 24 05:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29b0f6305cafeb2ea038db282182e709aaf23db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:c8:6c:73:ec:7e:df:81:2f:f2:f3:8b:15:
27:36:d1:98:25:e2:b2:43:83:6d:0c:eb:cd:9b:65:
5e:9e:41:26:91:26:3e:94:96:c0:2c:f1:dc:ed:d0:
79:c7:7a:5f:e5:c3:b6:75:57:d9:84:89:b1:23:9f:
5c:af:3d:67:48:7a:59:15:25:f9:2e:e6:94:38:d2:
9f:d4:28:98:a6:20:d6:4b:21:27:00:fb:9b:80:d3:
91:c6:8d:34:4b:17:8c:f4:01:dc:ae:1f:8f:59:cc:
13:60:70:aa:09:17:3b:fc:39:e6:39:d2:dd:21:d7:
de:15:a1:8d:97:ed:03:f2:75:1b:8c:bc:13:ba:ec:
06:0f:ea:fc:2e:34:ab:1c:c3:bd:40:e6:dc:61:cc:
16:1f:75:0a:77:84:b9:b4:a8:3e:76:fa:64:45:ae:
b9:dd:91:f2:c6:50:5f:10:0e:5b:c6:b9:80:9c:11:
1a:84:69:24:14:55:58:ae:92:60:d3:0f:44:5d:5d:
85:3a:02:17:da:55:43:1c:53:34:c1:d3:4b:cb:55:
a0:aa:e1:f5:8a:2c:64:71:df:ac:4d:c7:20:7b:a3:
0d:5a:68:f0:c7:3d:35:27:d7:43:23:75:c0:1e:4c:
07:9e:8f:70:fd:66:02:e7:21:3c:bc:67:95:a1:60:
37:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B0:F6:30:5C:AF:EB:2E:A0:38:DB:28:21:82:E7:09:AA:F2:3D:B9
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KbD2MFyv6y6gONsoIYLnCaryPbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.62.0/24
103.138.78.0/24
167.160.28.0/24
192.253.208.0/22
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.191.255
212.32.48.0/22
212.32.68.0-212.32.79.255
212.56.52.0/22
213.254.160.0/22
213.254.172.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:42:5c:d8:21:a0:de:28:58:a7:bc:8a:55:d2:16:4f:5c:c3:
c7:58:8a:7c:20:56:ac:1f:f6:7b:d6:fc:8c:89:0e:4e:ee:77:
b5:2d:c2:bf:c1:1d:ef:84:54:df:10:9e:81:29:4d:a9:ff:dd:
52:68:0b:6d:63:40:f5:3a:db:73:29:9c:74:e5:2c:ae:ea:ad:
4d:95:32:19:d5:f8:61:2d:15:d1:5d:59:be:fd:15:f9:5c:11:
05:f0:db:c9:64:e7:d7:5c:ed:24:1b:48:5f:a4:12:39:ac:3e:
96:0d:47:76:1e:d4:d2:61:5d:3d:a3:91:de:d2:bc:56:9d:7e:
5f:ce:2a:e7:66:24:d1:58:c0:3b:70:d2:24:1a:af:0e:3e:2a:
15:72:86:4e:fe:a2:d2:8b:c8:27:2b:f7:8a:14:37:53:64:b4:
1f:5b:7c:8e:6d:0d:a2:01:16:46:61:2a:fc:1c:8c:c6:24:ff:
a1:8c:3e:08:0b:e7:4b:96:52:e9:4c:01:bb:76:ef:6a:29:19:
41:f0:ac:9f:a2:76:c9:a6:4b:16:ef:30:b8:f6:fe:fe:99:78:
ce:bf:92:2e:b5:d3:70:55:c2:54:6c:69:49:ef:c0:60:98:30:
8c:84:93:a5:ef:e5:d9:ce:90:a3:23:86:94:8d:3a:2d:a8:8c:
3d:bd:12:b0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZIiczZ8emz2FCYZdSoQ45HbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwOTI0MDUxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWIwZjYzMDVjYWZlYjJlYTAzOGRiMjgyMTgyZTcwOWFhZjIzZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6DIbHPsft+BL/LzixUnNtGYJeKy
Q4NtDOvNm2VenkEmkSY+lJbALPHc7dB5x3pf5cO2dVfZhImxI59crz1nSHpZFSX5
LuaUONKf1CiYpiDWSyEnAPubgNORxo00SxeM9AHcrh+PWcwTYHCqCRc7/DnmOdLd
IdfeFaGNl+0D8nUbjLwTuuwGD+r8LjSrHMO9QObcYcwWH3UKd4S5tKg+dvpkRa65
3ZHyxlBfEA5bxrmAnBEahGkkFFVYrpJg0w9EXV2FOgIX2lVDHFM0wdNLy1WgquH1
iixkcd+sTccge6MNWmjwxz01J9dDI3XAHkwHno9w/WYC5yE8vGeVoWA3twIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCmw9jBcr+suoDjbKCGC5wmq8j25MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvS2JEMk1GeXY2eTZnT05zb0lZTG5DYXJ5UGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQADmY+AwQA
Z4pOAwQAp6AcAwQCwP3QAwQAxjcfAwQAy7ymMAwDBAHLvK4DBAbLvIADBALUIDAw
DAMEAtQgRAMEBNQgQAMEAtQ4NAMEAtX+oAMEAtX+rDANBgkqhkiG9w0BAQsFAAOC
AQEAnkJc2CGg3ihYp7yKVdIWT1zDx1iKfCBWrB/2e9b8jIkOTu53tS3Cv8Ed74RU
3xCegSlNqf/dUmgLbWNA9TrbcymcdOUsruqtTZUyGdX4YS0V0V1Zvv0V+VwRBfDb
yWTn11ztJBtIX6QSOaw+lg1Hdh7U0mFdPaOR3tK8Vp1+X84q52Yk0VjAO3DSJBqv
Dj4qFXKGTv6i0ovIJyv3ihQ3U2S0H1t8jm0NogEWRmEq/ByMxiT/oYw+CAvnS5ZS
6UwBu3bvaikZQfCsn6J2yaZLFu8wuPb+/pl4zr+SLrXTcFXCVGxpSe/AYJgwjIST
pe/l2c6QoyOGlI06LaiMPb0SsA==
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:33:53 2024 by rpki-client on console-ams.rpki-client.org