Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/s8SbY_IeTVLNPqJLu0YSxFxkjsE.roa
File: s8SbY_IeTVLNPqJLu0YSxFxkjsE.roa (raw, json)
Hash identifier: 9jTvOdiqjgx2VesuhPl+FW8VIcQDdUnOGtHGccxhMBI=
Subject key identifier: B3:C4:9B:63:F2:1E:4D:52:CD:3E:A2:4B:BB:46:12:C4:5C:64:8E:C1
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01921E3AE37145C0DC36FB4FC3FEB2A1F7BC
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/s8SbY_IeTVLNPqJLu0YSxFxkjsE.roa
Signing time: Mon 23 Sep 2024 09:33:48 +0000
ROA not before: Mon 23 Sep 2024 09:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.52.0/24 maxlen: 24
14.102.53.0/24 maxlen: 24
14.102.54.0/24 maxlen: 24
14.102.55.0/24 maxlen: 24
14.102.63.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.85.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
14.102.87.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
62.169.129.0/24 maxlen: 24
62.169.130.0/24 maxlen: 24
62.169.131.0/24 maxlen: 24
62.169.132.0/24 maxlen: 24
62.169.133.0/24 maxlen: 24
62.169.134.0/24 maxlen: 24
62.169.135.0/24 maxlen: 24
103.125.77.0/24 maxlen: 24
103.125.78.0/24 maxlen: 24
103.125.79.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
203.188.164.0/24 maxlen: 24
203.188.167.0/24 maxlen: 24
203.188.168.0/24 maxlen: 24
203.188.169.0/24 maxlen: 24
203.188.170.0/24 maxlen: 24
203.188.171.0/24 maxlen: 24
203.188.172.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
212.56.48.0/24 maxlen: 24
212.56.49.0/24 maxlen: 24
212.56.50.0/24 maxlen: 24
212.56.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 09:27:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:3a:e3:71:45:c0:dc:36:fb:4f:c3:fe:b2:a1:f7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Sep 23 09:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c49b63f21e4d52cd3ea24bbb4612c45c648ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b1:15:30:cf:19:0b:77:ca:13:aa:af:2e:d8:
ed:3c:92:9c:8e:e8:33:c1:31:a4:15:23:89:fd:03:
dc:aa:02:9b:c9:15:c6:9c:4f:7d:e8:c2:d3:7d:e9:
74:58:19:b7:49:50:fe:6f:3e:13:f6:44:bd:52:a3:
aa:e1:0a:46:4b:ae:3d:41:25:44:53:39:ef:78:bd:
de:43:e4:83:ea:f7:ba:e6:e0:de:b1:69:31:09:47:
4d:99:01:fe:18:16:e1:e9:42:8e:b0:b6:f7:45:57:
f4:7f:3b:b0:83:e5:d1:c6:46:70:5c:20:a5:ac:c5:
21:eb:40:72:06:cb:2d:9d:e6:52:4b:64:8f:7e:d6:
ed:60:6e:ad:c4:4e:29:8e:65:14:ff:aa:75:c5:bc:
1b:06:5a:70:24:a6:c2:cc:c1:20:f8:79:e7:b3:09:
30:db:7b:87:09:5b:0f:e0:f2:fb:7d:a5:50:41:2f:
fe:94:81:d0:3d:77:3a:f5:aa:d5:fd:f3:a1:8b:43:
5e:b8:dc:ca:5d:a6:ae:d8:e4:fb:16:a5:0e:fb:8a:
6e:7a:1d:87:99:75:f6:30:fb:3b:64:19:85:b7:98:
22:a3:ba:4c:b6:f7:c0:d6:91:41:91:e0:4e:e7:cc:
f9:a1:b6:92:1f:33:34:b6:28:47:7e:44:0c:b4:59:
fa:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C4:9B:63:F2:1E:4D:52:CD:3E:A2:4B:BB:46:12:C4:5C:64:8E:C1
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/s8SbY_IeTVLNPqJLu0YSxFxkjsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.52.0/22
14.102.63.0/24
14.102.84.0/22
62.169.128.0/21
103.125.77.0-103.125.79.255
167.160.16.0/23
167.160.29.0/24
198.55.28.0/23
203.188.164.0/24
203.188.167.0-203.188.173.255
212.56.48.0/22
Signature Algorithm: sha256WithRSAEncryption
87:09:3d:c0:b9:55:78:f7:5a:13:7f:aa:aa:4a:03:f7:26:58:
b7:7c:f9:68:d0:94:f4:de:ce:bf:cd:5c:c7:20:99:3c:46:ae:
93:60:4a:e4:02:02:d4:4e:2d:81:e8:e0:0b:7e:76:ab:a9:b8:
c2:cc:00:7f:0e:37:41:a3:6f:0d:52:aa:91:e4:91:d6:3f:09:
5b:a1:c1:e1:25:30:ab:09:26:ee:2e:aa:8f:f2:94:49:d3:24:
5f:da:41:de:46:2c:7a:29:bd:26:7c:43:70:c9:7d:91:a5:8d:
2a:aa:51:15:cb:a3:19:f3:b8:e1:1f:9e:d5:81:fa:ed:58:ef:
19:47:f8:ca:7a:74:27:41:3e:8a:b4:74:96:f5:d2:6d:c8:60:
6f:73:89:64:94:0d:3b:3e:b7:d7:fb:43:5b:7a:07:c2:d2:bf:
22:5f:71:35:d5:00:15:fc:e6:a9:6c:eb:c9:2f:47:43:44:18:
2e:f8:fb:69:1a:67:1d:2a:a1:e3:70:e2:02:ad:b0:78:66:33:
31:58:44:f6:52:57:40:83:1b:aa:db:92:4e:b7:f2:86:8d:52:
87:13:a9:b8:3e:a6:c4:07:0b:d7:61:7d:80:43:40:04:c0:4f:
8a:7b:8e:a0:2c:7c:39:50:b3:13:64:13:11:a5:bf:be:16:fd:
40:d5:1d:68
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZIeOuNxRcDcNvtPw/6yofe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwOTIzMDkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M0OWI2M2YyMWU0ZDUyY2QzZWEyNGJiYjQ2MTJjNDVjNjQ4ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LEVMM8ZC3fKE6qvLtjtPJKcjugz
wTGkFSOJ/QPcqgKbyRXGnE996MLTfel0WBm3SVD+bz4T9kS9UqOq4QpGS649QSVE
UznveL3eQ+SD6ve65uDesWkxCUdNmQH+GBbh6UKOsLb3RVf0fzuwg+XRxkZwXCCl
rMUh60ByBsstneZSS2SPftbtYG6txE4pjmUU/6p1xbwbBlpwJKbCzMEg+Hnnswkw
23uHCVsP4PL7faVQQS/+lIHQPXc69arV/fOhi0NeuNzKXaau2OT7FqUO+4pueh2H
mXX2MPs7ZBmFt5gio7pMtvfA1pFBkeBO58z5obaSHzM0tihHfkQMtFn6FwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLPEm2PyHk1SzT6iS7tGEsRcZI7BMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvczhTYllfSWVUVkxOUHFKTHUwWVN4RnhranNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCDmY0AwQA
DmY/AwQCDmZUAwQDPqmAMAwDBABnfU0DBARnfUADBAGnoBADBACnoB0DBAHGNxwD
BADLvKQwDAMEAMu8pwMEAcu8rAMEAtQ4MDANBgkqhkiG9w0BAQsFAAOCAQEAhwk9
wLlVePdaE3+qqkoD9yZYt3z5aNCU9N7Ov81cxyCZPEauk2BK5AIC1E4tgejgC352
q6m4wswAfw43QaNvDVKqkeSR1j8JW6HB4SUwqwkm7i6qj/KUSdMkX9pB3kYseim9
JnxDcMl9kaWNKqpRFcujGfO44R+e1YH67VjvGUf4ynp0J0E+irR0lvXSbchgb3OJ
ZJQNOz631/tDW3oHwtK/Il9xNdUAFfzmqWzryS9HQ0QYLvj7aRpnHSqh43DiAq2w
eGYzMVhE9lJXQIMbqtuSTrfyho1ShxOpuD6mxAcL12F9gENABMBPinuOoCx8OVCz
E2QTEaW/vhb9QNUdaA==
-----END CERTIFICATE-----
Generated at Tue Oct 15 10:34:59 2024 by rpki-client on console-fra.rpki-client.org