Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/uJUqBeomBf72sf9hgravCOhAcRM.roa
File: uJUqBeomBf72sf9hgravCOhAcRM.roa (raw, json)
Hash identifier: ntQ+cRQ+l9uvDg/I4apVZU6mSH3XyszQYofA2rPJZtU=
Subject key identifier: B8:95:2A:05:EA:26:05:FE:F6:B1:FF:61:82:B6:AF:08:E8:40:71:13
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01928F7E9A98A1DF1B7A4D22AF25FB17C4F6
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/uJUqBeomBf72sf9hgravCOhAcRM.roa
Signing time: Tue 15 Oct 2024 09:24:51 +0000
ROA not before: Tue 15 Oct 2024 09:24:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 14.102.60.0/24 maxlen: 24
14.102.61.0/24 maxlen: 24
103.210.196.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
203.188.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 09:36:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:7e:9a:98:a1:df:1b:7a:4d:22:af:25:fb:17:c4:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 15 09:24:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8952a05ea2605fef6b1ff6182b6af08e8407113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d9:b5:1b:ef:e9:7c:a2:ec:00:ae:a2:a5:c3:
4c:b0:78:67:b1:e4:f1:55:00:7c:4f:09:4e:d8:3d:
19:f9:03:37:4b:59:e1:29:17:c2:dd:9e:9e:61:45:
d6:32:b8:f7:b3:bd:5d:1d:d4:f7:b6:44:2a:f6:a2:
ff:6d:a0:3f:eb:3e:cd:77:b2:e2:dd:82:d5:96:4c:
c3:2b:b8:84:8f:b1:74:54:d8:41:a4:1b:1f:ea:53:
cc:20:74:f0:e8:56:64:5b:5b:08:8d:2b:31:4b:e4:
e4:b1:fb:91:bd:ef:90:73:f7:99:74:0d:f1:64:b7:
9d:02:34:27:48:0b:b7:05:31:11:70:96:89:88:cf:
ee:00:a8:ad:ad:e6:eb:80:6e:34:5b:b5:c4:b7:b1:
f7:5c:32:49:52:bf:82:6b:c4:a0:46:f0:db:bd:fd:
2f:dd:9e:4b:11:45:ae:6a:10:85:6f:82:98:0c:75:
ae:5c:c1:58:60:e6:c0:52:90:f4:56:2a:f3:57:e0:
e5:b9:50:e1:f2:88:74:15:f4:78:8c:ef:6c:55:3c:
30:c8:79:7d:88:5e:59:02:4f:8e:b6:d0:1a:5e:bf:
0a:26:95:fd:3a:6d:cb:5d:b3:d3:14:71:dc:8d:91:
7f:4a:1c:de:af:4f:89:56:85:5f:f7:3a:4b:b3:e5:
90:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:95:2A:05:EA:26:05:FE:F6:B1:FF:61:82:B6:AF:08:E8:40:71:13
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/uJUqBeomBf72sf9hgravCOhAcRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.60.0/23
103.210.196.0/24
107.150.166.0/24
185.161.111.0/24
203.188.165.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:8b:39:87:5f:e4:39:8a:dd:d6:2a:fb:44:8d:c6:d2:5d:9a:
fa:25:c0:e8:b2:87:ac:d4:bd:bf:e8:96:a3:92:4b:49:7f:d5:
92:cb:46:76:aa:e7:1f:a8:a2:ed:4f:5e:20:a7:90:f5:1a:33:
18:4a:cf:7e:87:7c:e8:1b:69:a2:ee:bf:d1:6f:23:b7:51:d6:
ce:34:9c:9c:fb:e9:14:55:3c:f6:c8:69:72:f0:b7:c7:50:9a:
59:e6:8f:d4:13:08:a5:aa:99:29:9c:1e:81:e3:71:c5:ba:68:
c6:cf:63:26:8d:d0:37:bf:ac:10:8e:ee:13:71:51:5b:8c:97:
e1:21:f5:d4:02:94:e9:2f:12:a7:c2:9f:44:2d:30:ef:2c:0b:
47:47:67:20:b4:c6:51:60:53:de:10:c3:c9:d0:d2:b7:68:57:
31:e9:49:57:52:65:be:d3:b5:94:98:7b:f4:bb:48:8c:63:2d:
d2:ce:69:a1:87:41:a4:98:37:49:1d:9b:c5:ee:7c:cf:18:6d:
40:aa:71:55:8f:91:1a:45:39:40:98:06:e4:34:48:3a:b9:6a:
31:22:e9:5e:09:ab:a0:63:31:cb:85:9e:9e:6b:29:9e:ef:ee:
9b:d0:36:97:eb:8e:d5:9c:c7:63:fe:55:63:f3:e5:2f:08:b7:
5c:75:db:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKPfpqYod8bek0iryX7F8T2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMDE1MDkyNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODk1MmEwNWVhMjYwNWZlZjZiMWZmNjE4MmI2YWYwOGU4NDA3MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtm1G+/pfKLsAK6ipcNMsHhnseTx
VQB8TwlO2D0Z+QM3S1nhKRfC3Z6eYUXWMrj3s71dHdT3tkQq9qL/baA/6z7Nd7Li
3YLVlkzDK7iEj7F0VNhBpBsf6lPMIHTw6FZkW1sIjSsxS+TksfuRve+Qc/eZdA3x
ZLedAjQnSAu3BTERcJaJiM/uAKitrebrgG40W7XEt7H3XDJJUr+Ca8SgRvDbvf0v
3Z5LEUWuahCFb4KYDHWuXMFYYObAUpD0VirzV+DluVDh8oh0FfR4jO9sVTwwyHl9
iF5ZAk+OttAaXr8KJpX9Om3LXbPTFHHcjZF/Shzer0+JVoVf9zpLs+WQfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLiVKgXqJgX+9rH/YYK2rwjoQHETMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvdUpVcUJlb21CZjcyc2Y5aGdyYXZDT2hBY1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBDmY8AwQA
Z9LEAwQAa5amAwQAuaFvAwQAy7ylMA0GCSqGSIb3DQEBCwUAA4IBAQDMizmHX+Q5
it3WKvtEjcbSXZr6JcDosoes1L2/6JajkktJf9WSy0Z2qucfqKLtT14gp5D1GjMY
Ss9+h3zoG2mi7r/RbyO3UdbONJyc++kUVTz2yGly8LfHUJpZ5o/UEwilqpkpnB6B
43HFumjGz2MmjdA3v6wQju4TcVFbjJfhIfXUApTpLxKnwp9ELTDvLAtHR2cgtMZR
YFPeEMPJ0NK3aFcx6UlXUmW+07WUmHv0u0iMYy3Szmmhh0GkmDdJHZvF7nzPGG1A
qnFVj5EaRTlAmAbkNEg6uWoxIuleCaugYzHLhZ6eayme7+6b0DaX647VnMdj/lVj
8+UvCLdcddsR
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:29:37 2025 by rpki-client