Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DOUqQWjHIYnEcHIAMjkWW5beUPI.roa
File: DOUqQWjHIYnEcHIAMjkWW5beUPI.roa (raw, json)
Hash identifier: mwrAr1KfyO4MzeYJq1zEqDljkuwv34SdYXgZbmuhEA8=
Subject key identifier: 0C:E5:2A:41:68:C7:21:89:C4:70:72:00:32:39:16:5B:96:DE:50:F2
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018E97FFC3EDCB2452ABF7EAF498AF5AAA97
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DOUqQWjHIYnEcHIAMjkWW5beUPI.roa
Signing time: Mon 01 Apr 2024 04:51:45 +0000
ROA not before: Mon 01 Apr 2024 04:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31213
IP address blocks: 37.28.160.0/21 maxlen: 21
37.28.168.0/21 maxlen: 21
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
37.29.71.0/24 maxlen: 24
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
78.25.108.0/22 maxlen: 22
78.25.120.0/22 maxlen: 22
83.149.0.0/21 maxlen: 21
85.26.128.0/20 maxlen: 20
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
94.25.208.0/22 maxlen: 22
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
109.188.128.0/17 maxlen: 17
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
176.106.130.0/24 maxlen: 24
176.106.131.0/24 maxlen: 24
178.178.224.0/24 maxlen: 24
178.178.225.0/24 maxlen: 24
178.178.226.0/24 maxlen: 24
178.178.227.0/24 maxlen: 24
188.162.64.0/23 maxlen: 23
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
188.170.68.0/24 maxlen: 24
188.170.72.0/21 maxlen: 21
188.170.80.0/21 maxlen: 21
188.170.92.0/22 maxlen: 22
2a03:d000::/40 maxlen: 40
2a03:d000::/41 maxlen: 41
2a03:d000:70::/45 maxlen: 45
2a03:d000:80::/41 maxlen: 41
2a03:d000:f8::/46 maxlen: 46
2a03:d000:100::/40 maxlen: 40
2a03:d000:100::/41 maxlen: 41
2a03:d000:170::/46 maxlen: 46
2a03:d000:180::/41 maxlen: 41
2a03:d000:1f8::/46 maxlen: 46
2a03:d000:200::/41 maxlen: 41
2a03:d000:270::/45 maxlen: 45
2a03:d000:280::/41 maxlen: 41
2a03:d000:2f8::/46 maxlen: 46
2a03:d000:301::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 10:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:ff:c3:ed:cb:24:52:ab:f7:ea:f4:98:af:5a:aa:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Apr 1 04:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ce52a4168c72189c47072003239165b96de50f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:e0:d5:98:59:12:74:1c:88:c7:39:a7:2a:
95:bc:99:57:03:85:c1:e6:66:c7:76:6e:11:45:a7:
42:34:83:5a:39:1b:08:c6:1e:3d:c9:88:2d:ef:4a:
22:b9:63:e6:97:95:cf:87:89:41:a6:58:5b:4f:00:
5d:1a:e6:e7:db:89:ff:d8:51:1c:2a:0a:21:3f:61:
3f:f0:c9:45:8e:31:81:5a:01:db:a9:03:5d:2e:6f:
6c:8d:4c:83:a7:85:cb:c7:81:d0:b0:5d:d4:ec:75:
6e:93:2b:ab:3e:e8:34:6c:77:b4:9a:fa:9a:d8:f1:
5c:44:92:77:75:bf:91:43:c3:f4:63:ac:18:0d:c6:
a5:7f:fb:97:36:2c:c8:0c:ea:ba:da:7e:97:d2:4e:
05:1d:70:5b:79:c6:5c:06:fe:c0:f0:02:c4:ca:61:
3d:86:57:41:7b:6e:50:55:db:9c:8d:f0:3b:1b:74:
ed:aa:dc:49:4b:df:be:0b:d3:8b:28:30:08:ff:19:
54:d8:58:e8:24:e7:a6:8f:da:29:21:db:b4:c8:41:
6b:ad:8a:56:a9:dc:9c:1d:5b:6e:92:b4:33:86:a9:
d9:f1:3b:3f:78:d5:24:e7:90:80:02:77:83:42:a4:
bd:c6:d4:bb:d1:b7:0f:1e:f0:fd:77:1b:12:73:40:
fe:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E5:2A:41:68:C7:21:89:C4:70:72:00:32:39:16:5B:96:DE:50:F2
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DOUqQWjHIYnEcHIAMjkWW5beUPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
176.106.130.0/23
178.178.224.0/22
188.162.64.0/23
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
IPv6:
2a03:d000::-2a03:d000:2ff:ffff:ffff:ffff:ffff:ffff
2a03:d000:301::/48
Signature Algorithm: sha256WithRSAEncryption
73:20:59:1c:f7:b1:26:c2:ab:57:9f:d2:ae:37:6f:cc:2a:7c:
03:5d:c5:0f:96:a5:0b:3b:00:9e:5a:c9:0d:2f:db:ea:ef:a1:
32:e3:01:80:94:f4:9b:b6:3f:bd:33:25:12:67:69:d7:1d:fc:
c0:ce:d6:59:7e:3d:b0:48:5b:9f:da:83:48:4e:3e:00:55:4b:
cc:61:e1:f4:d3:18:c9:a4:d3:97:24:2c:23:57:0a:59:40:fa:
c7:f0:a6:c3:2a:6f:6b:cc:47:c2:16:a8:47:42:4f:3b:a3:da:
8b:de:78:40:5f:eb:c1:28:53:cd:05:b9:26:47:96:f4:48:50:
03:4f:e6:6d:88:7a:13:bf:45:ae:c5:bb:0d:e9:2b:48:8c:2b:
06:e2:58:8b:f8:ca:74:44:ad:5e:6e:6b:b5:ad:3c:ec:d2:68:
ee:28:54:47:fc:44:89:a7:f9:ad:5b:84:9f:c3:54:31:20:78:
a2:9a:79:1c:15:4d:7a:7a:57:9e:e5:06:d7:e3:7e:80:a9:22:
58:c6:65:59:d0:c8:78:d7:e6:65:ce:a3:e7:42:21:6f:43:6a:
f3:d1:18:f6:40:d3:2c:fc:f3:14:ce:7e:50:1c:8e:ee:7e:63:
bd:12:b1:83:ed:82:6c:0a:02:1d:d3:99:fe:ea:fd:50:b1:d8:
e3:8f:81:6a
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAY6X/8PtyyRSq/fq9JivWqqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwNDAxMDQ1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2U1MmE0MTY4YzcyMTg5YzQ3MDcyMDAzMjM5MTY1Yjk2ZGU1MGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjvg1ZhZEnQciMc5pyqVvJlXA4XB
5mbHdm4RRadCNINaORsIxh49yYgt70oiuWPml5XPh4lBplhbTwBdGubn24n/2FEc
KgohP2E/8MlFjjGBWgHbqQNdLm9sjUyDp4XLx4HQsF3U7HVukyurPug0bHe0mvqa
2PFcRJJ3db+RQ8P0Y6wYDcalf/uXNizIDOq62n6X0k4FHXBbecZcBv7A8ALEymE9
hldBe25QVducjfA7G3TtqtxJS9++C9OLKDAI/xlU2FjoJOemj9opIdu0yEFrrYpW
qdycHVtukrQzhqnZ8Ts/eNUk55CAAneDQqS9xtS70bcPHvD9dxsSc0D+dQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFAzlKkFoxyGJxHByADI5FluW3lDyMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRE9VcVFXakhJWW5FY0hJQU1qa1dXNWJlVVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBkwQCAAEwgYwDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwQBsGqCAwQCsrLg
AwQBvKJAMAwDBAC8qkEDBAC8qkQwDAMEA7yqSAMEA7yqUAMEAryqXDAfBAIAAjAZ
MA4DBAQqA9ADBgAqA9AAAgMHACoD0AADATANBgkqhkiG9w0BAQsFAAOCAQEAcyBZ
HPexJsKrV5/SrjdvzCp8A13FD5alCzsAnlrJDS/b6u+hMuMBgJT0m7Y/vTMlEmdp
1x38wM7WWX49sEhbn9qDSE4+AFVLzGHh9NMYyaTTlyQsI1cKWUD6x/Cmwypva8xH
whaoR0JPO6Pai954QF/rwShTzQW5JkeW9EhQA0/mbYh6E79FrsW7DekrSIwrBuJY
i/jKdEStXm5rta087NJo7ihUR/xEiaf5rVuEn8NUMSB4opp5HBVNenpXnuUG1+N+
gKkiWMZlWdDIeNfmZc6j50Ihb0Nq89EY9kDTLPzzFM5+UByO7n5jvRKxg+2CbAoC
HdOZ/ur9ULHY44+Bag==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:06 2025 by rpki-client