Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/kfCE-RAtc5QaxoOk_H05CU8g1z0.roa
File: kfCE-RAtc5QaxoOk_H05CU8g1z0.roa (raw, json)
Hash identifier: dolaBB11JUnelIo4mdAFQw03/G0+WQXRgsxyvcxI/VI=
Subject key identifier: 91:F0:84:F9:10:2D:73:94:1A:C6:83:A4:FC:7D:39:09:4F:20:D7:3D
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01909D2DACD9B771FDB2EC6C14F913E2BF02
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/kfCE-RAtc5QaxoOk_H05CU8g1z0.roa
Signing time: Wed 10 Jul 2024 15:05:34 +0000
ROA not before: Wed 10 Jul 2024 15:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
62.8.0.0/19 maxlen: 19
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.128.0.0/13 maxlen: 24
77.134.204.0/24 maxlen: 24
77.136.0.0/16 maxlen: 24
77.136.172.0/24 maxlen: 24
77.136.173.0/24 maxlen: 24
77.136.174.0/24 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.140.0.0/14 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.174.192.0/18 maxlen: 24
79.174.232.0/21 maxlen: 21
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.118.4.0/24 maxlen: 24
80.124.0.0/15 maxlen: 24
80.124.0.0/16 maxlen: 24
80.125.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.65.0.0/16 maxlen: 16
81.185.0.0/16 maxlen: 24
81.185.160.0/20 maxlen: 20
81.185.160.0/21 maxlen: 21
81.185.168.0/21 maxlen: 21
81.220.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
85.68.0.0/15 maxlen: 24
85.168.0.0/14 maxlen: 24
86.64.0.0/12 maxlen: 24
86.66.127.0/24 maxlen: 24
87.231.0.0/16 maxlen: 24
88.136.0.0/13 maxlen: 24
88.136.0.0/14 maxlen: 24
88.140.0.0/16 maxlen: 24
88.141.0.0/16 maxlen: 24
88.142.0.0/16 maxlen: 24
88.143.252.0/24 maxlen: 24
88.143.253.0/24 maxlen: 24
88.143.254.0/24 maxlen: 24
88.143.255.0/24 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
91.68.0.0/14 maxlen: 24
91.68.0.0/22 maxlen: 22
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
109.0.0.0/11 maxlen: 24
141.170.216.0/21 maxlen: 24
185.147.204.0/22 maxlen: 24
194.6.128.0/19 maxlen: 19
194.183.192.0/19 maxlen: 19
194.242.176.0/20 maxlen: 20
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 32
2a00:8380::/32 maxlen: 32
2a00:8d80::/32 maxlen: 32
2a00:9380::/32 maxlen: 32
2a00:ec80::/32 maxlen: 32
2a02:8400::/25 maxlen: 48
2a02:8400::/48 maxlen: 48
2a02:8400:11::/48 maxlen: 48
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a02:8440:5000::/36 maxlen: 36
2a04:800::/30 maxlen: 30
2a04:807::/48 maxlen: 48
2a04:807:1::/48 maxlen: 48
2a04:807:2::/48 maxlen: 48
2a04:807:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jul 2024 16:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:2d:ac:d9:b7:71:fd:b2:ec:6c:14:f9:13:e2:bf:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jul 10 15:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91f084f9102d73941ac683a4fc7d39094f20d73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c8:65:0d:ab:7a:7b:90:bf:d9:09:69:44:17:
ce:41:a1:71:0f:aa:6c:15:9e:a6:11:cf:90:32:4e:
41:5a:d6:b7:bd:3d:db:44:cb:3c:18:74:47:39:e5:
91:24:cb:33:a8:91:4b:a5:09:43:0a:26:39:33:13:
fa:5e:1a:ab:0f:3f:ba:9c:cd:a3:69:f7:34:df:a7:
58:a7:ff:4f:45:aa:e0:55:95:47:86:25:b0:d8:f0:
3a:0b:a4:65:9c:4e:a0:f0:9a:b1:45:14:4f:1e:6f:
e0:37:5e:68:8c:91:a3:2e:fd:91:09:1c:8f:28:a9:
8e:2e:e5:49:4a:c2:5a:cb:9b:5f:67:bc:10:31:fe:
89:5b:55:6c:b6:26:30:17:08:2b:44:6e:7c:34:bf:
44:fe:92:72:f7:a9:16:84:b3:4b:4b:01:35:c2:ab:
de:f8:b0:0b:ac:4e:91:4e:2e:54:5f:bf:2d:99:ab:
9e:03:86:ac:ff:8b:69:53:0a:81:d0:8b:09:bc:00:
3a:da:78:cd:db:31:1f:0c:a7:e6:9b:cf:e7:c3:90:
3b:1a:b1:dc:84:36:89:9b:6e:6a:02:fa:5a:93:f5:
8e:14:6c:b7:ee:65:af:4a:49:c9:94:33:33:9f:9a:
04:c3:3d:55:c0:c6:70:8b:9f:37:4a:b6:23:3e:06:
1a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F0:84:F9:10:2D:73:94:1A:C6:83:A4:FC:7D:39:09:4F:20:D7:3D
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/kfCE-RAtc5QaxoOk_H05CU8g1z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.159.255.255
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0/13
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:ec80::/32
2a02:8400::/25
2a04:800::/30
2a04:807::/46
Signature Algorithm: sha256WithRSAEncryption
99:63:df:71:42:d0:63:fa:26:bf:d9:2b:e4:a8:b7:4a:e2:d9:
f8:fa:30:93:48:2f:0d:fe:99:06:6c:1b:a8:95:4a:cc:79:86:
f2:8e:95:d5:73:c8:8e:37:0a:49:a5:10:d1:f4:88:90:9d:f5:
a8:8b:c9:69:02:19:5c:8f:9c:be:ca:4b:24:3e:86:9d:bf:6c:
54:d2:79:cd:16:02:5d:c0:3e:ac:72:c0:8d:6d:b1:20:00:80:
87:cc:79:f1:a4:a4:15:84:17:61:01:c9:5c:1f:d9:41:41:5b:
da:29:7f:c0:01:b2:f2:f4:72:d8:40:24:3f:16:fb:af:d3:71:
1f:78:e6:6f:d0:90:37:0b:31:7c:a7:12:79:5f:27:f8:cf:77:
ee:59:c2:91:f0:6d:e6:84:fd:d3:cc:0f:10:16:6c:e0:5b:e1:
fa:f0:37:b3:96:ec:cf:b7:89:8f:68:bc:08:fe:da:98:76:51:
8e:a2:7e:19:e2:66:7a:6e:00:5e:9a:91:37:b1:90:d0:2d:f3:
10:3f:d0:b7:cb:da:4e:aa:c4:d0:07:90:ca:0d:ed:52:1c:57:
1b:79:d8:85:30:4a:c4:8d:44:88:98:3a:fc:76:91:e3:02:c8:
b7:48:75:70:f5:16:c9:a2:d9:b2:e0:93:6d:6b:6e:ae:b9:0c:
af:ae:a2:18
-----BEGIN CERTIFICATE-----
MIIGzTCCBbWgAwIBAgISAZCdLazZt3H9suxsFPkT4r8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwNzEwMTUwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYwODRmOTEwMmQ3Mzk0MWFjNjgzYTRmYzdkMzkwOTRmMjBkNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MhlDat6e5C/2QlpRBfOQaFxD6ps
FZ6mEc+QMk5BWta3vT3bRMs8GHRHOeWRJMszqJFLpQlDCiY5MxP6XhqrDz+6nM2j
afc036dYp/9PRargVZVHhiWw2PA6C6RlnE6g8JqxRRRPHm/gN15ojJGjLv2RCRyP
KKmOLuVJSsJay5tfZ7wQMf6JW1VstiYwFwgrRG58NL9E/pJy96kWhLNLSwE1wqve
+LALrE6RTi5UX78tmaueA4as/4tpUwqB0IsJvAA62njN2zEfDKfmm8/nw5A7GrHc
hDaJm25qAvpak/WOFGy37mWvSknJlDMzn5oEwz1VwMZwi583SrYjPgYaUQIDAQAB
o4ID2TCCA9UwHQYDVR0OBBYEFJHwhPkQLXOUGsaDpPx9OQlPINc9MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEva2ZDRS1SQXRjNVFheG9Pa19IMDVDVThnMXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB7QYIKwYBBQUHAQcBAf8EggHcMIIB2DCCAYsEAgABMIIB
gwMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwVNgAMDBE3AAwMETnAD
BAVOm4ADAwRPUAMEBk+uwAMEBFBGIAMDAVB2AwMBUHwDBAdQ7AADBAZRAQADAwJR
QAMDAFG5AwMAUdwDAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFV
RAMDAlWoAwMEVkADAwBX5wMDA1iIAwMBWQIDAwJZnAMDAltEAwQEW5dwAwMDXFgD
AwVdAAMDBW0AAwQDjarYAwQCuZPMAwQFwgaAAwQFwrfAAwQEwvKwAwQGwwMAAwQF
wwdgAwQFw2JgAwMAw3MDAwDDhAMEBcOSwAMEBdQeYAMEBdQngAMEBdReoAMDANTG
AwQF1YAgAwQF1ZDAAwQF1amgAwQG1ctAAwMA1d8DAwDV9QMEBNkTwAMEBNlGUAME
BNlw4DBHBAIAAjBBAwUDKgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4AD
BQAqAOyAAwUHKgKEAAMFAioECAADBwIqBAgHAAAwDQYJKoZIhvcNAQELBQADggEB
AJlj33FC0GP6Jr/ZK+Sot0ri2fj6MJNILw3+mQZsG6iVSsx5hvKOldVzyI43Ckml
ENH0iJCd9aiLyWkCGVyPnL7KSyQ+hp2/bFTSec0WAl3APqxywI1tsSAAgIfMefGk
pBWEF2EByVwf2UFBW9opf8ABsvL0cthAJD8W+6/TcR945m/QkDcLMXynEnlfJ/jP
d+5ZwpHwbeaE/dPMDxAWbOBb4frwN7OW7M+3iY9ovAj+2ph2UY6ifhniZnpuAF6a
kTexkNAt8xA/0LfL2k6qxNAHkMoN7VIcVxt52IUwSsSNRIiYOvx2keMCyLdIdXD1
Fsmi2bLgk21rbq65DK+uohg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:13:36 2025 by rpki-client