Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/cqcoaEDvnx-yMLDVTKm7jde-oZA.roa
File: cqcoaEDvnx-yMLDVTKm7jde-oZA.roa (raw, json)
Hash identifier: ShAHqhh0IEP+xXnE9XF94UEPaA6owB6JjctDCpqUup8=
Subject key identifier: 72:A7:28:68:40:EF:9F:1F:B2:30:B0:D5:4C:A9:BB:8D:D7:BE:A1:90
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0194F9CF099B1C3D945061275A3CBD8E9C50
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/cqcoaEDvnx-yMLDVTKm7jde-oZA.roa
Signing time: Wed 12 Feb 2025 10:58:02 +0000
ROA not before: Wed 12 Feb 2025 10:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.62.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
192.253.211.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
203.188.182.0/24 maxlen: 24
203.188.183.0/24 maxlen: 24
203.188.184.0/24 maxlen: 24
203.188.185.0/24 maxlen: 24
203.188.186.0/24 maxlen: 24
203.188.187.0/24 maxlen: 24
203.188.188.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.48.0/24 maxlen: 24
212.32.49.0/24 maxlen: 24
212.32.50.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/24 maxlen: 24
212.32.79.0/24 maxlen: 24
212.56.52.0/24 maxlen: 24
212.56.53.0/24 maxlen: 24
212.56.54.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.172.0/24 maxlen: 24
213.254.173.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 13:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:cf:09:9b:1c:3d:94:50:61:27:5a:3c:bd:8e:9c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 12 10:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72a7286840ef9f1fb230b0d54ca9bb8dd7bea190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:7e:07:00:10:89:74:1e:45:d5:c6:4c:1a:9a:
ea:cb:93:68:24:0a:0b:73:3b:7c:c8:22:da:82:61:
56:8a:14:94:b2:76:8d:ad:45:b3:70:92:ba:1c:d9:
ab:cb:b1:ab:b3:83:cd:a4:e7:07:37:8b:f3:44:0a:
cc:21:f4:11:cc:0b:10:48:a0:c9:6b:7b:d1:24:ac:
37:44:93:26:e5:3a:1d:71:b2:96:42:13:0e:32:d9:
6b:ea:69:4b:46:97:3f:4b:45:7f:af:98:ef:27:c3:
1b:c7:2f:c2:32:a0:fb:96:f3:11:54:aa:b4:bb:a6:
88:62:35:61:54:f9:13:b2:df:5f:4a:81:0a:e7:44:
a4:90:3a:b0:d7:02:25:86:10:33:a8:fc:eb:ad:26:
3e:0f:70:5f:3e:d5:71:9f:03:45:51:20:4e:90:bc:
a3:fb:90:b3:bc:83:bd:63:dc:fa:14:6d:45:b0:68:
63:30:c1:42:27:43:80:7a:ba:cc:0a:fe:bd:b9:18:
4a:60:f9:29:3a:4c:71:81:98:72:ff:b9:c3:4e:16:
7a:d1:2a:ba:c5:e7:93:93:4e:ea:18:d7:b5:12:2d:
ae:f3:4c:5f:ae:8c:2b:ef:22:e8:14:37:bb:43:c0:
dc:1a:88:25:78:47:b6:fa:ad:99:60:88:ad:34:19:
96:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A7:28:68:40:EF:9F:1F:B2:30:B0:D5:4C:A9:BB:8D:D7:BE:A1:90
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/cqcoaEDvnx-yMLDVTKm7jde-oZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.62.0/24
62.169.134.0/24
103.61.196.0/24
103.138.78.0/24
167.160.28.0/24
170.62.238.0/24
192.253.209.0/24
192.253.211.0/24
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
203.188.182.0-203.188.191.255
212.32.48.0/22
212.32.70.0/23
212.32.73.0/24
212.32.76.0/22
212.56.52.0/22
213.254.163.0/24
213.254.172.0/23
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
69:e2:29:7c:e6:bf:06:34:87:0d:0c:28:86:e4:8b:63:99:83:
af:1c:d2:0d:e7:b4:2e:65:97:96:2d:c1:6b:67:b5:03:e8:88:
c3:e8:11:70:9b:5e:72:3f:61:ed:89:92:c2:09:c2:3f:4a:d6:
3b:0b:b2:2e:1d:e3:e4:51:a7:b3:38:e0:f7:4d:ce:47:81:8b:
e4:49:e4:1d:51:d6:72:7e:d2:b6:45:8f:5c:4f:b9:09:c7:58:
f2:f4:e2:7f:39:79:f6:9e:36:f7:c6:56:11:11:41:a2:7c:33:
43:fe:aa:b8:2a:9a:59:1c:c7:96:0f:47:30:9b:db:96:4e:d3:
26:79:51:8c:96:a7:f4:23:c8:bf:8b:3d:2a:1a:09:2e:5e:7e:
f1:99:eb:a9:4f:df:76:aa:bd:69:95:b0:ab:1d:a4:4a:22:0d:
a7:13:ea:53:95:20:16:c0:2e:70:07:a1:04:c7:83:43:42:10:
12:6a:df:fa:f3:de:96:45:f7:38:cb:ea:c5:8b:e4:8c:ae:c6:
d6:eb:b7:b4:08:65:39:37:ae:5b:d4:01:aa:bc:17:e7:c9:62:
86:41:b1:8d:b6:12:71:c9:5f:81:73:2a:28:b6:bd:82:7c:3c:
eb:ab:01:34:4e:d9:2a:f7:40:da:83:18:30:82:c0:90:8e:68:
29:3f:c9:19
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZT5zwmbHD2UUGEnWjy9jpxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjEyMTA1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE3Mjg2ODQwZWY5ZjFmYjIzMGIwZDU0Y2E5YmI4ZGQ3YmVhMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9n4HABCJdB5F1cZMGprqy5NoJAoL
czt8yCLagmFWihSUsnaNrUWzcJK6HNmry7Grs4PNpOcHN4vzRArMIfQRzAsQSKDJ
a3vRJKw3RJMm5TodcbKWQhMOMtlr6mlLRpc/S0V/r5jvJ8Mbxy/CMqD7lvMRVKq0
u6aIYjVhVPkTst9fSoEK50SkkDqw1wIlhhAzqPzrrSY+D3BfPtVxnwNFUSBOkLyj
+5CzvIO9Y9z6FG1FsGhjMMFCJ0OAerrMCv69uRhKYPkpOkxxgZhy/7nDThZ60Sq6
xeeTk07qGNe1Ei2u80xfrowr7yLoFDe7Q8DcGogleEe2+q2ZYIitNBmWIQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFHKnKGhA758fsjCw1Uypu43XvqGQMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvY3Fjb2FFRHZueC15TUxEVlRLbTdqZGUtb1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAO
Zj4DBAA+qYYDBABnPcQDBABnik4DBACnoBwDBACqPu4DBADA/dEDBADA/dMDBADG
Nx8DBADLvKYwDAMEAcu8rgMEAMu8tDAMAwQBy7y2AwQGy7yAAwQC1CAwAwQB1CBG
AwQA1CBJAwQC1CBMAwQC1Dg0AwQA1f6jAwQB1f6sAwQA1f6vMA0GCSqGSIb3DQEB
CwUAA4IBAQBp4il85r8GNIcNDCiG5ItjmYOvHNIN57QuZZeWLcFrZ7UD6IjD6BFw
m15yP2HtiZLCCcI/StY7C7IuHePkUaezOOD3Tc5HgYvkSeQdUdZyftK2RY9cT7kJ
x1jy9OJ/OXn2njb3xlYREUGifDND/qq4KppZHMeWD0cwm9uWTtMmeVGMlqf0I8i/
iz0qGgkuXn7xmeupT992qr1plbCrHaRKIg2nE+pTlSAWwC5wB6EEx4NDQhASat/6
896WRfc4y+rFi+SMrsbW67e0CGU5N65b1AGqvBfnyWKGQbGNthJxyV+Bcyootr2C
fDzrqwE0Ttkq90DagxgwgsCQjmgpP8kZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:39 2025 by rpki-client