Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/2SHwIWXh97CgoOB0c8n8CiDagRM.roa
File: 2SHwIWXh97CgoOB0c8n8CiDagRM.roa (raw, json)
Hash identifier: Vagona71ZideQj+GJuWNKNk2ayUes2sfCXXDuD98S+U=
Subject key identifier: D9:21:F0:21:65:E1:F7:B0:A0:A0:E0:74:73:C9:FC:0A:20:DA:81:13
Certificate issuer: /CN=659abae2b0cae86c4196b020765b823a203207fc
Certificate serial: 018CC348CD09DD591BF3C2261D407B165803
Authority key identifier: 65:9A:BA:E2:B0:CA:E8:6C:41:96:B0:20:76:5B:82:3A:20:32:07:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZq64rDK6GxBlrAgdluCOiAyB_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/2SHwIWXh97CgoOB0c8n8CiDagRM.roa
Signing time: Mon 01 Jan 2024 04:29:37 +0000
ROA not before: Mon 01 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196949
IP address blocks: 37.200.72.0/23 maxlen: 23
37.200.72.0/21 maxlen: 21
37.200.74.0/23 maxlen: 23
37.200.76.0/23 maxlen: 23
37.200.78.0/23 maxlen: 23
217.150.74.0/23 maxlen: 23
217.150.76.0/23 maxlen: 23
217.150.78.0/23 maxlen: 23
217.150.72.0/23 maxlen: 23
217.150.72.0/21 maxlen: 21
109.110.36.0/23 maxlen: 23
109.110.32.0/19 maxlen: 19
109.110.32.0/23 maxlen: 23
109.110.34.0/23 maxlen: 23
109.110.38.0/23 maxlen: 23
109.110.40.0/23 maxlen: 23
109.110.42.0/23 maxlen: 23
109.110.44.0/23 maxlen: 23
109.110.50.0/23 maxlen: 23
109.110.46.0/23 maxlen: 23
109.110.48.0/23 maxlen: 23
109.110.52.0/23 maxlen: 23
109.110.54.0/23 maxlen: 23
109.110.56.0/23 maxlen: 23
109.110.58.0/23 maxlen: 23
109.110.60.0/23 maxlen: 23
109.110.62.0/23 maxlen: 23
31.200.224.0/23 maxlen: 23
31.200.224.0/20 maxlen: 20
31.200.226.0/23 maxlen: 23
31.200.228.0/23 maxlen: 23
31.200.230.0/23 maxlen: 23
31.200.232.0/23 maxlen: 23
31.200.236.0/23 maxlen: 23
31.200.238.0/23 maxlen: 23
31.200.234.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 27 Jun 2024 03:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:cd:09:dd:59:1b:f3:c2:26:1d:40:7b:16:58:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659abae2b0cae86c4196b020765b823a203207fc
Validity
Not Before: Jan 1 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d921f02165e1f7b0a0a0e07473c9fc0a20da8113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:97:2b:bc:a8:f9:2f:25:70:9c:a5:60:95:44:
bf:c9:c2:dd:6f:a9:a6:5a:31:24:f2:39:a8:b9:c5:
d7:3b:02:f5:3e:1c:a7:d3:eb:bf:b1:0d:63:1e:f6:
de:f3:23:06:87:f4:b7:c5:a6:21:aa:fb:1d:5d:ee:
8a:99:90:2c:99:a8:9e:a8:7b:b1:4c:97:b1:29:74:
24:dd:c0:db:f7:37:43:fe:64:e9:8f:6e:dd:cc:7d:
e9:ce:fc:6f:d5:ac:d9:a8:a2:44:26:21:55:12:4b:
7b:8a:a6:08:4b:40:66:d9:ff:9c:74:cf:f5:99:70:
70:89:d9:ce:90:8d:ef:cf:32:d1:70:61:f4:76:c3:
e3:fc:6c:c1:f7:53:6d:20:f0:e3:b0:72:01:5b:bd:
0b:2f:65:cc:a0:96:47:ef:2a:52:36:63:b3:81:d2:
d2:88:d8:51:18:39:d8:c0:7b:e3:72:c6:1b:99:7c:
b9:2c:49:d1:38:8e:c5:15:37:ed:ad:ca:fd:1f:d4:
2a:9a:f1:73:88:56:2c:bf:de:cf:24:62:8e:29:1a:
76:69:67:a6:cf:a2:14:4f:0d:72:f7:47:be:45:2e:
ca:a7:cf:70:e8:a0:d0:08:71:a4:c5:b6:cb:c3:50:
5b:35:18:f0:58:45:93:a4:7c:39:9a:b8:4e:53:b9:
d7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:21:F0:21:65:E1:F7:B0:A0:A0:E0:74:73:C9:FC:0A:20:DA:81:13
X509v3 Authority Key Identifier:
keyid:65:9A:BA:E2:B0:CA:E8:6C:41:96:B0:20:76:5B:82:3A:20:32:07:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZq64rDK6GxBlrAgdluCOiAyB_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/2SHwIWXh97CgoOB0c8n8CiDagRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/694d9b-0e1c-43ad-ac98-02aac8b596dc/1/ZZq64rDK6GxBlrAgdluCOiAyB_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.224.0/20
37.200.72.0/21
109.110.32.0/19
217.150.72.0/21
Signature Algorithm: sha256WithRSAEncryption
39:20:56:31:67:4d:71:49:29:66:43:a0:f1:99:48:89:9d:24:
7c:6a:01:af:6e:23:54:12:e4:23:02:70:f0:80:30:2c:73:55:
19:8b:19:c9:7c:f8:43:e2:19:8e:05:23:07:6a:ca:17:43:42:
56:ef:af:df:ee:d4:1d:50:b2:77:f9:f4:15:74:63:47:c6:f1:
2a:7b:d1:e2:9f:88:f0:fd:af:ac:4d:a0:75:6b:b4:40:4b:54:
cb:84:d1:16:ec:4d:67:64:f5:4b:32:32:aa:3d:fb:89:0e:42:
21:f8:ee:2f:1b:cc:5e:c2:17:70:fb:78:c9:7e:91:65:d7:95:
0e:d5:1a:f5:4b:a3:9e:0d:5b:c1:5e:24:8c:13:86:cd:b2:d6:
fc:b0:c5:6d:01:c6:1a:b2:c7:33:94:ad:39:7f:39:2a:70:72:
d1:4b:84:57:31:75:be:4c:ec:ca:a2:82:e7:f2:fc:26:cc:1b:
1e:be:d3:4f:2d:97:00:59:ad:35:c6:13:e7:ee:b4:8c:bc:f0:
42:e6:4f:b1:56:15:e8:ab:05:b4:9c:5d:c9:85:41:72:22:0c:
93:06:17:40:82:69:69:63:f6:96:73:dd:bf:5f:1f:27:05:b0:
e1:aa:89:37:88:0c:9c:e8:22:5a:31:83:89:97:c9:5c:43:a9:
44:c0:52:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSM0J3Vkb88ImHUB7FlgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWFiYWUyYjBjYWU4NmM0MTk2YjAyMDc2NWI4MjNhMjAz
MjA3ZmMwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTIxZjAyMTY1ZTFmN2IwYTBhMGUwNzQ3M2M5ZmMwYTIwZGE4MTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pcrvKj5LyVwnKVglUS/ycLdb6mm
WjEk8jmoucXXOwL1Phyn0+u/sQ1jHvbe8yMGh/S3xaYhqvsdXe6KmZAsmaieqHux
TJexKXQk3cDb9zdD/mTpj27dzH3pzvxv1azZqKJEJiFVEkt7iqYIS0Bm2f+cdM/1
mXBwidnOkI3vzzLRcGH0dsPj/GzB91NtIPDjsHIBW70LL2XMoJZH7ypSNmOzgdLS
iNhRGDnYwHvjcsYbmXy5LEnROI7FFTftrcr9H9QqmvFziFYsv97PJGKOKRp2aWem
z6IUTw1y90e+RS7Kp89w6KDQCHGkxbbLw1BbNRjwWEWTpHw5mrhOU7nXpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNkh8CFl4fewoKDgdHPJ/Aog2oETMB8GA1UdIwQY
MBaAFGWauuKwyuhsQZawIHZbgjogMgf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpxNjRyREs2R3hCbHJBZ2RsdUNPaUF5Ql93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni82OTRkOWItMGUxYy00M2FkLWFjOTgt
MDJhYWM4YjU5NmRjLzEvMlNId0lXWGg5N0Nnb09CMGM4bjhDaURhZ1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni82OTRkOWItMGUxYy00M2FkLWFjOTgtMDJhYWM4YjU5NmRj
LzEvWlpxNjRyREs2R3hCbHJBZ2RsdUNPaUF5Ql93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH8jgAwQD
JchIAwQFbW4gAwQD2ZZIMA0GCSqGSIb3DQEBCwUAA4IBAQA5IFYxZ01xSSlmQ6Dx
mUiJnSR8agGvbiNUEuQjAnDwgDAsc1UZixnJfPhD4hmOBSMHasoXQ0JW76/f7tQd
ULJ3+fQVdGNHxvEqe9Hin4jw/a+sTaB1a7RAS1TLhNEW7E1nZPVLMjKqPfuJDkIh
+O4vG8xewhdw+3jJfpFl15UO1Rr1S6OeDVvBXiSME4bNstb8sMVtAcYassczlK05
fzkqcHLRS4RXMXW+TOzKooLn8vwmzBsevtNPLZcAWa01xhPn7rSMvPBC5k+xVhXo
qwW0nF3JhUFyIgyTBhdAgmlpY/aWc92/Xx8nBbDhqok3iAyc6CJaMYOJl8lcQ6lE
wFJp
-----END CERTIFICATE-----
Generated at Thu Jun 27 07:00:52 2024 by rpki-client on console-fra.rpki-client.org