Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IHXFkr2PxB2IK4NAS49C2jLbw2c.roa
File: IHXFkr2PxB2IK4NAS49C2jLbw2c.roa (raw, json)
Hash identifier: QHd9JCpYMyhIha+du2qPAZLcvoEpstAxvx89VMzAIIg=
Subject key identifier: 20:75:C5:92:BD:8F:C4:1D:88:2B:83:40:4B:8F:42:DA:32:DB:C3:67
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018DEFB6C0698D0F5F6BF3D694A5F70D9488
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IHXFkr2PxB2IK4NAS49C2jLbw2c.roa
Signing time: Wed 28 Feb 2024 12:35:47 +0000
ROA not before: Wed 28 Feb 2024 12:35:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25159
IP address blocks: 31.173.0.0/21 maxlen: 21
31.173.8.0/21 maxlen: 21
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
37.29.32.0/21 maxlen: 21
46.229.128.0/22 maxlen: 22
62.64.0.0/20 maxlen: 20
62.64.16.0/20 maxlen: 20
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
78.25.119.0/24 maxlen: 24
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
83.229.211.0/24 maxlen: 24
83.229.254.0/24 maxlen: 24
85.26.144.0/20 maxlen: 20
91.205.168.0/23 maxlen: 23
91.205.170.0/23 maxlen: 23
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
94.25.160.0/24 maxlen: 24
94.25.164.0/24 maxlen: 24
94.25.168.0/22 maxlen: 22
94.25.172.0/22 maxlen: 22
94.25.176.0/21 maxlen: 21
94.25.184.0/21 maxlen: 21
109.188.64.0/19 maxlen: 19
109.188.96.0/21 maxlen: 21
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
128.204.76.0/22 maxlen: 22
128.204.76.0/23 maxlen: 23
128.204.78.0/23 maxlen: 23
178.176.0.0/19 maxlen: 19
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
178.176.92.0/22 maxlen: 22
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
178.178.192.0/22 maxlen: 22
178.178.198.0/23 maxlen: 23
178.178.204.0/24 maxlen: 24
178.178.205.0/24 maxlen: 24
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
193.201.228.0/22 maxlen: 22
195.16.96.0/19 maxlen: 19
195.16.110.0/23 maxlen: 23
195.16.114.0/23 maxlen: 23
195.230.70.0/23 maxlen: 23
195.230.91.0/24 maxlen: 24
195.230.92.0/24 maxlen: 24
212.69.106.0/24 maxlen: 24
212.69.113.0/24 maxlen: 24
212.69.114.0/24 maxlen: 24
212.69.125.0/24 maxlen: 24
213.243.109.0/24 maxlen: 24
213.243.116.0/24 maxlen: 24
2a03:d000:4000::/36 maxlen: 36
2a03:d000:4100::/40 maxlen: 40
2a03:d000:4200::/40 maxlen: 40
2a03:d000:4300::/40 maxlen: 40
2a03:d000:4400::/40 maxlen: 40
2a03:d004::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 26 Mar 2024 06:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:b6:c0:69:8d:0f:5f:6b:f3:d6:94:a5:f7:0d:94:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Feb 28 12:35:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2075c592bd8fc41d882b83404b8f42da32dbc367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:37:ed:54:4e:43:09:d9:e6:27:f2:56:5e:c6:
1c:53:e0:2e:56:9b:6e:a1:36:75:b8:f8:f0:51:03:
a6:7a:d5:5f:2f:a5:27:12:24:b4:34:a7:e2:05:2e:
e9:71:c8:37:88:6b:c1:fa:af:dc:f3:d3:30:8e:ce:
7d:62:11:fe:70:36:54:b3:5f:b9:23:88:ca:33:7e:
1e:bd:83:5e:9c:16:f0:1c:58:37:bf:3c:2a:fe:2b:
74:10:8b:65:68:8d:56:17:1f:05:60:1d:29:15:02:
03:98:48:c9:03:70:9e:7c:9c:60:dc:6c:bf:0c:de:
f7:42:5e:03:14:3c:53:c5:cd:13:73:cf:83:00:43:
27:7f:a8:de:87:f1:9f:7e:62:32:17:56:5d:96:24:
9b:49:ee:40:7d:03:84:16:60:f2:ce:37:59:2f:d6:
73:86:21:d7:26:b7:4b:f6:75:dc:85:a3:ef:d7:8d:
f7:76:d9:3e:4a:b7:c3:7c:d3:99:21:80:3b:50:39:
89:ed:a1:f5:bc:b4:45:53:aa:82:8e:f6:42:10:82:
f5:24:6a:eb:fc:45:fe:f5:52:d7:91:c7:cd:4d:c3:
37:53:18:bb:67:04:1a:05:64:76:a9:96:6e:98:a4:
19:c2:6b:fe:61:b3:95:ba:9a:21:2d:8c:02:7e:65:
c1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:75:C5:92:BD:8F:C4:1D:88:2B:83:40:4B:8F:42:DA:32:DB:C3:67
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IHXFkr2PxB2IK4NAS49C2jLbw2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/19
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
91.205.168.0/22
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.176.92.0/22
178.177.0.0/18
178.178.192.0/22
178.178.198.0/23
178.178.204.0/23
188.170.0.0-188.170.47.255
193.201.228.0/22
195.16.96.0/19
195.230.70.0/23
195.230.91.0-195.230.92.255
212.69.106.0/24
212.69.113.0-212.69.114.255
212.69.125.0/24
213.243.109.0/24
213.243.116.0/24
IPv6:
2a03:d000:4000::/36
2a03:d004::/40
Signature Algorithm: sha256WithRSAEncryption
27:59:37:4e:6b:3f:84:20:6a:55:24:90:58:74:5f:86:f8:32:
33:88:08:d4:ef:f8:0c:24:e7:6b:e5:df:aa:24:f0:2a:5d:40:
59:d4:ff:4f:fd:4d:e2:f7:6e:f9:9c:e8:d4:79:f1:2d:87:2d:
6c:5d:3b:0e:2d:0b:50:f7:ab:91:2c:58:17:36:61:1e:a2:76:
4c:f1:e2:94:10:a8:86:d2:61:d3:a7:49:99:dd:b7:66:ae:7c:
3e:1a:2f:50:1c:63:1c:21:7d:ed:31:47:61:0e:80:15:45:3d:
7d:76:b0:bc:75:0e:96:93:bd:87:d6:d6:83:bb:7a:3f:7c:02:
e3:6f:48:98:a3:7f:e8:f3:4f:30:15:68:93:57:94:22:fd:8a:
71:ec:53:eb:62:55:b8:7a:02:95:a3:3b:44:d8:9c:21:41:8d:
47:12:fb:28:cc:11:45:67:ab:cb:c4:7d:81:3e:1f:9f:d5:6d:
07:65:06:24:6a:f2:de:dc:61:15:01:9f:e1:7b:fd:18:8d:d3:
8a:50:56:b1:3b:c8:1b:ac:cc:07:83:11:a9:db:a4:92:59:02:
b3:6c:db:b1:10:ef:d9:67:66:73:ac:6f:30:28:a4:9c:d6:49:
44:7c:2c:8d:02:f1:e9:86:40:ae:98:6d:0f:b9:63:09:81:b9:
e8:2a:c1:c3
-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgISAY3vtsBpjQ9fa/PWlKX3DZSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjQwMjI4MTIzNTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDc1YzU5MmJkOGZjNDFkODgyYjgzNDA0YjhmNDJkYTMyZGJjMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljftVE5DCdnmJ/JWXsYcU+AuVptu
oTZ1uPjwUQOmetVfL6UnEiS0NKfiBS7pccg3iGvB+q/c89Mwjs59YhH+cDZUs1+5
I4jKM34evYNenBbwHFg3vzwq/it0EItlaI1WFx8FYB0pFQIDmEjJA3CefJxg3Gy/
DN73Ql4DFDxTxc0Tc8+DAEMnf6jeh/GffmIyF1ZdliSbSe5AfQOEFmDyzjdZL9Zz
hiHXJrdL9nXchaPv1433dtk+SrfDfNOZIYA7UDmJ7aH1vLRFU6qCjvZCEIL1JGrr
/EX+9VLXkcfNTcM3Uxi7ZwQaBWR2qZZumKQZwmv+YbOVupohLYwCfmXBSQIDAQAB
o4IDSjCCA0YwHQYDVR0OBBYEFCB1xZK9j8QdiCuDQEuPQtoy28NnMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSUhYRmtyMlB4QjJJSzROQVM0OUMyakxidzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXgYIKwYBBQUHAQcBAf8EggFNMIIBSTCCAS0EAgABMIIB
JTALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAU+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAlvNqAMEAF4ZgzAMAwQEXhmQ
AwQAXhmgAwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxw
AwQAbbxyAwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEArKwXAMEBrKx
AAMEArKywAMEAbKyxgMEAbKyzDALAwMBvKoDBAS8qiADBALByeQDBAXDEGADBAHD
5kYwDAMEAMPmWwMEAMPmXAMEANRFajAMAwQA1EVxAwQA1EVyAwQA1EV9AwQA1fNt
AwQA1fN0MBYEAgACMBADBgQqA9AAQAMGACoD0AQAMA0GCSqGSIb3DQEBCwUAA4IB
AQAnWTdOaz+EIGpVJJBYdF+G+DIziAjU7/gMJOdr5d+qJPAqXUBZ1P9P/U3i9275
nOjUefEthy1sXTsOLQtQ96uRLFgXNmEeonZM8eKUEKiG0mHTp0mZ3bdmrnw+Gi9Q
HGMcIX3tMUdhDoAVRT19drC8dQ6Wk72H1taDu3o/fALjb0iYo3/o808wFWiTV5Qi
/Ypx7FPrYlW4egKVoztE2JwhQY1HEvsozBFFZ6vLxH2BPh+f1W0HZQYkavLe3GEV
AZ/he/0YjdOKUFaxO8gbrMwHgxGp26SSWQKzbNuxEO/ZZ2ZzrG8wKKSc1klEfCyN
AvHphkCumG0PuWMJgbnoKsHD
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:23:37 2025 by rpki-client