Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KrfjZ4UpOzoSvAVgpJdSTiF150Y.roa
File: KrfjZ4UpOzoSvAVgpJdSTiF150Y.roa (raw, json)
Hash identifier: NrTwYPHA2Mz7+Kb2+4KqqjfiGwrWvtI0NIEPDDOvhm8=
Subject key identifier: 2A:B7:E3:67:85:29:3B:3A:12:BC:05:60:A4:97:52:4E:21:75:E7:46
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0194CFC5FD8B0AD5687EFD609E4A7C276B3A
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KrfjZ4UpOzoSvAVgpJdSTiF150Y.roa
Signing time: Tue 04 Feb 2025 07:04:06 +0000
ROA not before: Tue 04 Feb 2025 07:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.62.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 10:58:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cf:c5:fd:8b:0a:d5:68:7e:fd:60:9e:4a:7c:27:6b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 4 07:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ab7e36785293b3a12bc0560a497524e2175e746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:7e:8b:1e:b4:27:c5:ac:90:86:39:7e:0c:
45:9d:5c:53:27:ac:5c:64:4d:6e:48:3a:8e:66:e4:
d0:12:fb:f3:39:b6:ae:4a:83:7a:07:23:50:44:6d:
ec:53:76:10:95:fe:6f:e1:e8:02:ed:49:8f:c7:a9:
db:0b:db:3a:1e:0f:28:95:05:ad:d6:65:4b:9c:70:
07:d9:c8:1f:aa:83:05:35:90:f3:32:92:7c:76:ac:
8c:6e:5a:02:fe:0e:5f:f6:76:41:0e:6c:84:d9:6f:
97:9d:5a:ad:e6:50:c7:07:62:95:e1:90:3b:bf:61:
f4:f3:ae:ec:c0:00:15:18:93:f1:34:78:56:d5:da:
5b:f0:a2:ed:6e:83:bb:ea:21:39:5b:fc:a9:fa:5d:
3b:db:93:49:a2:ea:ef:57:67:98:bf:72:96:fc:6c:
11:57:36:20:f4:f1:6c:4a:f1:ea:4c:fb:52:d0:2a:
10:05:62:da:dc:ac:e1:13:fe:97:f9:82:ea:db:b9:
f1:f5:5d:c7:1c:f4:ae:05:cc:dd:25:c8:79:73:3a:
cb:54:bd:a4:03:b4:bf:e9:8c:7e:a9:35:0d:3b:cc:
79:ce:e5:ae:37:7a:4d:b2:29:92:77:2e:c8:b3:70:
01:ab:d7:2d:fd:04:4b:4b:68:8e:ea:d5:bc:92:f4:
cb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B7:E3:67:85:29:3B:3A:12:BC:05:60:A4:97:52:4E:21:75:E7:46
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KrfjZ4UpOzoSvAVgpJdSTiF150Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.62.0/24
62.169.134.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
192.253.209.0/24
192.253.211.0/24
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
203.188.182.0-203.188.191.255
212.32.48.0/22
212.32.70.0/23
212.32.73.0/24
212.32.76.0/22
212.56.52.0/22
213.254.163.0/24
213.254.172.0/23
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f9:24:cf:9a:13:6b:02:80:81:64:f4:2e:40:ea:00:83:52:
7c:65:ac:24:45:6d:3a:c1:fc:69:bc:06:63:e9:59:24:1d:91:
24:88:e7:e1:88:bb:c3:13:27:de:9c:59:37:b0:ab:26:6c:71:
5e:33:7f:fb:8c:e8:c7:98:60:89:7c:09:9b:46:5a:89:d4:bd:
39:a3:5a:43:c7:11:f3:8b:83:40:13:5a:03:b9:ce:ee:ba:fc:
e4:09:99:ed:15:61:b9:3b:15:3c:93:a0:ac:80:35:ff:18:44:
f7:13:58:1e:19:76:5b:b1:77:9f:9e:60:4d:ec:61:8f:22:21:
99:82:ad:de:ac:a0:7e:81:62:90:d5:9c:54:f4:90:a9:48:94:
81:1f:04:69:da:19:c1:bf:57:99:e0:95:88:da:1c:a3:2a:98:
a3:8a:e0:f7:70:0f:57:5f:60:69:ad:a7:f6:80:14:5d:eb:12:
a2:0c:e1:14:f4:1c:6d:37:6a:be:f0:21:74:7c:10:57:90:30:
4c:12:2a:42:67:df:74:8e:c4:13:43:8b:0d:66:9e:b6:fe:44:
ce:38:e4:c0:38:cd:ca:d6:6f:7e:ae:bd:49:e9:62:cb:f1:3e:
da:ac:86:2b:9b:3e:d4:d2:c4:0d:9f:83:1d:c2:1d:4c:63:d0:
dc:22:a7:7a
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZTPxf2LCtVofv1gnkp8J2s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjA0MDcwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI3ZTM2Nzg1MjkzYjNhMTJiYzA1NjBhNDk3NTI0ZTIxNzVlNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYp+ix60J8WskIY5fgxFnVxTJ6xc
ZE1uSDqOZuTQEvvzObauSoN6ByNQRG3sU3YQlf5v4egC7UmPx6nbC9s6Hg8olQWt
1mVLnHAH2cgfqoMFNZDzMpJ8dqyMbloC/g5f9nZBDmyE2W+XnVqt5lDHB2KV4ZA7
v2H0867swAAVGJPxNHhW1dpb8KLtboO76iE5W/yp+l0725NJourvV2eYv3KW/GwR
VzYg9PFsSvHqTPtS0CoQBWLa3KzhE/6X+YLq27nx9V3HHPSuBczdJch5czrLVL2k
A7S/6Yx+qTUNO8x5zuWuN3pNsimSdy7Is3ABq9ct/QRLS2iO6tW8kvTLNQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCq342eFKTs6ErwFYKSXUk4hdedGMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvS3Jmalo0VXBPem9TdkFWZ3BKZFNUaUYxNTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAO
Zj4DBAA+qYYDBABnPcQDBABnik4DBACnoBwDBADA/dEDBADA/dMDBADGNx8DBADL
vKYwDAMEAcu8rgMEAMu8tDAMAwQBy7y2AwQGy7yAAwQC1CAwAwQB1CBGAwQA1CBJ
AwQC1CBMAwQC1Dg0AwQA1f6jAwQB1f6sAwQA1f6vMA0GCSqGSIb3DQEBCwUAA4IB
AQCm+STPmhNrAoCBZPQuQOoAg1J8ZawkRW06wfxpvAZj6VkkHZEkiOfhiLvDEyfe
nFk3sKsmbHFeM3/7jOjHmGCJfAmbRlqJ1L05o1pDxxHzi4NAE1oDuc7uuvzkCZnt
FWG5OxU8k6CsgDX/GET3E1geGXZbsXefnmBN7GGPIiGZgq3erKB+gWKQ1ZxU9JCp
SJSBHwRp2hnBv1eZ4JWI2hyjKpijiuD3cA9XX2Bpraf2gBRd6xKiDOEU9BxtN2q+
8CF0fBBXkDBMEipCZ990jsQTQ4sNZp62/kTOOOTAOM3K1m9+rr1J6WLL8T7arIYr
mz7U0sQNn4Mdwh1MY9DcIqd6
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:33:12 2025 by rpki-client