Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/oCFo6PvKLf0bvssYtAmAdgcGdAo.roa
File: oCFo6PvKLf0bvssYtAmAdgcGdAo.roa (raw, json)
Hash identifier: NIzSubjt1FuAR8ZC3Ih57oHCkBncwre9xAuAtFFVWWg=
Subject key identifier: A0:21:68:E8:FB:CA:2D:FD:1B:BE:CB:18:B4:09:80:76:07:06:74:0A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01945EEBAF0843ED8DDD524FD2DF7A8BD1D7
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/oCFo6PvKLf0bvssYtAmAdgcGdAo.roa
Signing time: Mon 13 Jan 2025 09:08:11 +0000
ROA not before: Mon 13 Jan 2025 09:08:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.52.0/24 maxlen: 24
14.102.53.0/24 maxlen: 24
14.102.54.0/24 maxlen: 24
14.102.55.0/24 maxlen: 24
14.102.63.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.85.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
14.102.87.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
62.169.129.0/24 maxlen: 24
62.169.130.0/24 maxlen: 24
62.169.131.0/24 maxlen: 24
62.169.132.0/24 maxlen: 24
62.169.133.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
62.169.135.0/24 maxlen: 24
84.51.234.0/24 maxlen: 24
84.51.235.0/24 maxlen: 24
92.51.232.0/24 maxlen: 24
92.51.233.0/24 maxlen: 24
92.51.238.0/24 maxlen: 24
92.51.239.0/24 maxlen: 24
92.51.248.0/24 maxlen: 24
92.51.249.0/24 maxlen: 24
92.51.250.0/24 maxlen: 24
92.51.251.0/24 maxlen: 24
92.51.252.0/24 maxlen: 24
92.51.253.0/24 maxlen: 24
92.51.254.0/24 maxlen: 24
103.61.197.0/24 maxlen: 24
103.61.198.0/24 maxlen: 24
103.61.199.0/24 maxlen: 24
103.125.77.0/24 maxlen: 24
103.125.78.0/24 maxlen: 24
103.125.79.0/24 maxlen: 24
103.210.198.0/24 maxlen: 24
103.210.199.0/24 maxlen: 24
103.213.212.0/24 maxlen: 24
103.213.213.0/24 maxlen: 24
103.213.214.0/24 maxlen: 24
103.213.215.0/24 maxlen: 24
103.255.76.0/24 maxlen: 24
103.255.77.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
170.62.89.0/24 maxlen: 24
170.62.90.0/24 maxlen: 24
170.62.91.0/24 maxlen: 24
170.62.92.0/24 maxlen: 24
170.62.93.0/24 maxlen: 24
170.62.94.0/24 maxlen: 24
170.62.95.0/24 maxlen: 24
170.62.100.0/24 maxlen: 24
170.62.102.0/24 maxlen: 24
170.62.103.0/24 maxlen: 24
170.62.106.0/24 maxlen: 24
170.62.107.0/24 maxlen: 24
170.62.108.0/24 maxlen: 24
170.62.110.0/24 maxlen: 24
170.62.111.0/24 maxlen: 24
170.62.160.0/24 maxlen: 24
170.62.224.0/24 maxlen: 24
170.62.225.0/24 maxlen: 24
170.62.226.0/24 maxlen: 24
170.62.227.0/24 maxlen: 24
170.62.228.0/24 maxlen: 24
170.62.229.0/24 maxlen: 24
170.62.230.0/24 maxlen: 24
170.62.231.0/24 maxlen: 24
170.62.232.0/24 maxlen: 24
170.62.233.0/24 maxlen: 24
170.62.234.0/24 maxlen: 24
170.62.235.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
203.188.164.0/24 maxlen: 24
203.188.167.0/24 maxlen: 24
203.188.169.0/24 maxlen: 24
203.188.170.0/24 maxlen: 24
203.188.171.0/24 maxlen: 24
203.188.172.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
212.56.48.0/24 maxlen: 24
212.56.49.0/24 maxlen: 24
212.56.50.0/24 maxlen: 24
212.56.51.0/24 maxlen: 24
212.78.245.0/24 maxlen: 24
212.78.246.0/24 maxlen: 24
212.78.247.0/24 maxlen: 24
212.78.248.0/24 maxlen: 24
212.78.249.0/24 maxlen: 24
212.78.250.0/24 maxlen: 24
212.78.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 10:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:eb:af:08:43:ed:8d:dd:52:4f:d2:df:7a:8b:d1:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 13 09:08:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a02168e8fbca2dfd1bbecb18b40980760706740a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d7:bf:52:2b:82:34:d3:f7:86:29:59:e3:c3:
e8:58:b3:09:ec:a1:90:94:14:11:11:cf:cc:cb:f0:
c9:d5:fc:83:23:bd:9b:06:c5:81:85:b0:df:8d:cb:
a3:e5:ea:2b:91:ce:54:1d:ce:b5:e4:b7:a5:41:d5:
92:f0:41:63:a7:d9:85:19:dd:83:af:f3:05:46:28:
60:a5:b6:9c:2d:b0:a4:11:41:12:97:fc:9f:6e:26:
cb:3b:85:62:cd:4f:3e:8f:2e:52:69:f2:6d:18:0b:
51:1f:9e:9c:ef:01:9f:17:78:65:d1:88:48:98:35:
1c:62:a7:1b:90:19:50:9d:62:e0:1e:24:87:75:a4:
20:f4:36:24:f4:65:30:68:27:ef:89:05:ad:f4:20:
52:2b:3c:1d:b7:b7:3b:47:34:16:74:ff:56:2d:1b:
d5:df:28:36:0b:ec:75:f2:10:38:b6:d3:18:18:a2:
dc:28:a4:b0:19:48:1b:71:3c:30:95:53:4d:a4:f6:
73:cb:b0:62:54:5e:65:63:e4:ae:07:af:92:2b:f1:
d2:6d:71:2e:87:c5:4c:de:53:f9:64:a2:10:22:9d:
fd:4e:a9:61:a6:ec:e0:2f:6e:90:05:d9:70:78:e8:
16:89:39:83:f5:7d:f6:df:a3:49:fc:79:93:fc:bf:
c4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:21:68:E8:FB:CA:2D:FD:1B:BE:CB:18:B4:09:80:76:07:06:74:0A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/oCFo6PvKLf0bvssYtAmAdgcGdAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.52.0/22
14.102.63.0/24
14.102.84.0/22
62.169.128.0/21
84.51.234.0/23
92.51.232.0/23
92.51.238.0/23
92.51.248.0-92.51.254.255
103.61.197.0-103.61.199.255
103.125.77.0-103.125.79.255
103.210.198.0/23
103.213.212.0/22
103.255.76.0/23
167.160.16.0/23
167.160.29.0/24
170.62.89.0-170.62.95.255
170.62.100.0/24
170.62.102.0/23
170.62.106.0-170.62.108.255
170.62.110.0/23
170.62.160.0/24
170.62.224.0-170.62.235.255
198.55.28.0/23
203.188.164.0/24
203.188.167.0/24
203.188.169.0-203.188.173.255
212.56.48.0/22
212.78.245.0-212.78.251.255
Signature Algorithm: sha256WithRSAEncryption
92:3d:c1:d3:06:6b:49:0d:3c:45:40:d0:aa:51:1e:7d:f7:0a:
4e:d8:45:9a:ff:ae:17:b4:b4:d1:e2:6a:69:30:99:fc:d4:74:
ba:2a:9d:23:68:82:3a:27:7f:5a:7e:ac:ed:5d:34:82:00:1d:
6d:58:bf:09:a8:e3:ba:95:7e:4f:ca:b7:57:4e:cb:d6:de:0b:
8f:48:d3:44:8e:ba:76:5e:4b:a8:c4:f2:64:5e:e0:95:a4:89:
05:a4:03:9f:05:c8:3f:8b:68:0b:3e:80:9c:c0:c0:dc:33:22:
fc:c9:80:df:70:23:16:10:89:46:02:59:22:33:55:08:46:4b:
19:36:c1:42:f0:96:d2:8e:62:23:60:32:f6:f2:50:d1:01:b3:
0b:4e:db:ae:d8:90:1a:0e:e3:9f:db:59:ab:dd:08:a1:62:37:
ab:5b:37:0b:ca:61:72:19:50:82:10:8b:c2:46:19:de:af:38:
61:c0:14:88:75:cd:98:cf:47:9a:9d:e2:01:29:2e:3c:c7:12:
ec:a1:97:4d:33:87:4b:8d:71:8b:75:ed:ee:4b:14:4f:64:2a:
c5:75:c6:c5:d3:b6:17:f4:b8:19:0d:b5:4e:c9:4a:1a:10:eb:
01:ba:27:33:78:ea:c7:3b:e0:ff:3d:9f:25:87:c5:08:1f:e7:
c4:a9:ef:44
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZRe668IQ+2N3VJP0t96i9HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTEzMDkwODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIxNjhlOGZiY2EyZGZkMWJiZWNiMThiNDA5ODA3NjA3MDY3NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9e/UiuCNNP3hilZ48PoWLMJ7KGQ
lBQREc/My/DJ1fyDI72bBsWBhbDfjcuj5eorkc5UHc615LelQdWS8EFjp9mFGd2D
r/MFRihgpbacLbCkEUESl/yfbibLO4VizU8+jy5SafJtGAtRH56c7wGfF3hl0YhI
mDUcYqcbkBlQnWLgHiSHdaQg9DYk9GUwaCfviQWt9CBSKzwdt7c7RzQWdP9WLRvV
3yg2C+x18hA4ttMYGKLcKKSwGUgbcTwwlVNNpPZzy7BiVF5lY+SuB6+SK/HSbXEu
h8VM3lP5ZKIQIp39TqlhpuzgL26QBdlweOgWiTmD9X3236NJ/HmT/L/EgwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFKAhaOj7yi39G77LGLQJgHYHBnQKMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvb0NGbzZQdktMZjBidnNzWXRBbUFkZ2NHZEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQC
DmY0AwQADmY/AwQCDmZUAwQDPqmAAwQBVDPqAwQBXDPoAwQBXDPuMAwDBANcM/gD
BABcM/4wDAMEAGc9xQMEA2c9wDAMAwQAZ31NAwQEZ31AAwQBZ9LGAwQCZ9XUAwQB
Z/9MAwQBp6AQAwQAp6AdMAwDBACqPlkDBAWqPkADBACqPmQDBAGqPmYwDAMEAao+
agMEAKo+bAMEAao+bgMEAKo+oDAMAwQFqj7gAwQCqj7oAwQBxjccAwQAy7ykAwQA
y7ynMAwDBADLvKkDBAHLvKwDBALUODAwDAMEANRO9QMEAtRO+DANBgkqhkiG9w0B
AQsFAAOCAQEAkj3B0wZrSQ08RUDQqlEeffcKTthFmv+uF7S00eJqaTCZ/NR0uiqd
I2iCOid/Wn6s7V00ggAdbVi/CajjupV+T8q3V07L1t4Lj0jTRI66dl5LqMTyZF7g
laSJBaQDnwXIP4toCz6AnMDA3DMi/MmA33AjFhCJRgJZIjNVCEZLGTbBQvCW0o5i
I2Ay9vJQ0QGzC07brtiQGg7jn9tZq90IoWI3q1s3C8phchlQghCLwkYZ3q84YcAU
iHXNmM9Hmp3iASkuPMcS7KGXTTOHS41xi3Xt7ksUT2QqxXXGxdO2F/S4GQ21TslK
GhDrAbonM3jqxzvg/z2fJYfFCB/nxKnvRA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:22:44 2025 by rpki-client