Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/heqkAU6rGZsOz1fLg1PzGAnXAto.roa
File: heqkAU6rGZsOz1fLg1PzGAnXAto.roa (raw, json)
Hash identifier: JQWuu5rpMngl/O3FbvINThUAYBe+hMucyOxgdOCVr9o=
Subject key identifier: 85:EA:A4:01:4E:AB:19:9B:0E:CF:57:CB:83:53:F3:18:09:D7:02:DA
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 018CC3B704DE61B7EFC750DBE7A83B69DECA
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/heqkAU6rGZsOz1fLg1PzGAnXAto.roa
Signing time: Mon 01 Jan 2024 06:30:00 +0000
ROA not before: Mon 01 Jan 2024 06:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5391
IP address blocks: 31.216.192.0/19 maxlen: 19
194.152.198.0/24 maxlen: 24
194.152.192.0/18 maxlen: 18
93.141.0.0/16 maxlen: 16
93.139.0.0/16 maxlen: 16
93.159.64.0/19 maxlen: 19
78.1.0.0/16 maxlen: 16
46.188.128.0/17 maxlen: 17
46.188.128.0/19 maxlen: 19
87.252.128.0/19 maxlen: 24
31.217.32.0/19 maxlen: 19
93.143.0.0/16 maxlen: 16
93.138.0.0/16 maxlen: 16
31.217.64.0/19 maxlen: 19
93.136.0.0/16 maxlen: 16
78.3.0.0/16 maxlen: 16
83.131.0.0/16 maxlen: 16
83.131.8.0/24 maxlen: 24
31.217.0.0/17 maxlen: 17
31.217.0.0/19 maxlen: 19
46.188.224.0/19 maxlen: 19
93.140.0.0/16 maxlen: 16
89.172.0.0/16 maxlen: 16
78.2.0.0/16 maxlen: 16
188.125.0.0/20 maxlen: 20
195.29.0.0/16 maxlen: 18
46.188.160.0/19 maxlen: 19
178.160.0.0/17 maxlen: 17
78.0.0.0/16 maxlen: 16
46.188.192.0/19 maxlen: 19
31.217.96.0/19 maxlen: 19
93.142.0.0/16 maxlen: 16
93.137.0.0/16 maxlen: 18
2a00:c30::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Mar 2024 21:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:04:de:61:b7:ef:c7:50:db:e7:a8:3b:69:de:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Jan 1 06:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85eaa4014eab199b0ecf57cb8353f31809d702da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3b:b0:ba:97:2c:65:76:9a:90:51:ee:df:81:
64:c1:17:06:d0:0e:64:e3:c7:58:9c:97:81:21:65:
9e:0b:5b:fd:82:a8:85:ed:23:92:49:84:89:1d:a1:
63:c9:36:13:c9:af:3f:35:54:3c:b0:bb:98:9d:f3:
92:eb:19:be:b5:7c:bc:6a:4f:9c:81:49:dd:97:f6:
32:f4:0f:ae:04:6b:51:8a:08:80:5f:1f:04:4a:ee:
24:5b:86:94:6c:c7:86:27:ef:a4:30:64:52:3b:0e:
df:dd:a2:f3:33:25:d7:4c:eb:fa:a6:55:b4:e8:8c:
91:93:d6:47:88:06:8d:66:0e:ba:3a:d1:5b:db:40:
b6:22:de:64:6f:a8:35:15:e0:a0:c9:f9:b9:1f:32:
96:72:19:16:37:10:87:16:66:d7:b1:5e:11:02:bf:
aa:76:83:4b:86:d4:40:68:39:4d:e7:fe:25:c0:50:
81:3f:f5:f9:ae:dd:97:60:de:46:48:b1:93:85:11:
6f:c3:ae:24:79:97:6e:06:bf:5e:a3:b5:3c:25:e1:
30:b8:31:ac:b4:41:f4:4f:b2:1c:cd:95:65:ba:b3:
af:9f:f0:3a:13:5b:65:30:88:4b:47:40:48:5b:6e:
32:9a:df:26:0f:07:cf:43:d1:e1:6c:cb:f6:c5:84:
69:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EA:A4:01:4E:AB:19:9B:0E:CF:57:CB:83:53:F3:18:09:D7:02:DA
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/heqkAU6rGZsOz1fLg1PzGAnXAto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.192.0/19
31.217.0.0/17
46.188.128.0/17
78.0.0.0/14
83.131.0.0/16
87.252.128.0/19
89.172.0.0/16
93.136.0.0/13
93.159.64.0/19
178.160.0.0/17
188.125.0.0/20
194.152.192.0/18
195.29.0.0/16
IPv6:
2a00:c30::/32
Signature Algorithm: sha256WithRSAEncryption
0a:05:48:b9:3f:06:77:4a:7b:01:d0:ce:79:af:1e:79:bb:ce:
36:c7:61:80:57:bf:76:2a:0d:cb:aa:5b:fc:ab:d0:07:29:af:
fd:71:a7:42:5d:3c:64:e8:07:db:54:7a:b8:3e:cc:e6:97:94:
47:9c:41:9d:5b:18:f7:cf:d8:b3:f9:c7:5d:8e:d6:10:ee:92:
c5:49:17:4d:8d:7d:bf:78:48:0d:10:0e:11:e2:f3:6b:be:0b:
4e:28:6d:71:b7:f2:75:af:97:db:82:e8:e5:09:22:ab:62:c4:
f5:c4:98:c5:57:79:f3:96:71:4a:8a:45:8c:e3:a0:56:59:b8:
47:32:83:b4:3e:dd:72:f5:f8:59:dc:04:25:20:d1:3d:09:6d:
73:17:51:d1:5c:32:b5:40:76:8a:11:86:76:69:a2:4a:0a:51:
38:c9:b6:01:5a:8a:95:05:4f:32:68:5a:3b:e8:47:99:96:c7:
60:a6:5a:f6:7e:16:db:b8:82:69:7d:5c:92:20:59:6c:a1:13:
8f:27:57:86:4d:5c:30:b5:dd:d7:13:38:cb:b5:ce:7e:41:78:
fd:57:bd:8a:0e:b3:fa:3d:a8:36:ce:8c:ab:88:21:e8:92:7c:
40:41:d1:8a:74:7c:1f:29:7c:09:d0:d0:e3:ad:04:de:d5:b3:
c0:77:86:cf
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzDtwTeYbfvx1Db56g7ad7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjQwMTAxMDYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVhYTQwMTRlYWIxOTliMGVjZjU3Y2I4MzUzZjMxODA5ZDcwMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDuwupcsZXaakFHu34FkwRcG0A5k
48dYnJeBIWWeC1v9gqiF7SOSSYSJHaFjyTYTya8/NVQ8sLuYnfOS6xm+tXy8ak+c
gUndl/Yy9A+uBGtRigiAXx8ESu4kW4aUbMeGJ++kMGRSOw7f3aLzMyXXTOv6plW0
6IyRk9ZHiAaNZg66OtFb20C2It5kb6g1FeCgyfm5HzKWchkWNxCHFmbXsV4RAr+q
doNLhtRAaDlN5/4lwFCBP/X5rt2XYN5GSLGThRFvw64keZduBr9eo7U8JeEwuDGs
tEH0T7IczZVlurOvn/A6E1tlMIhLR0BIW24ymt8mDwfPQ9HhbMv2xYRp3QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFIXqpAFOqxmbDs9Xy4NT8xgJ1wLaMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEvaGVxa0FVNnJHWnNPejFmTGcxUHpHQW5YQXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQFH9jAAwQH
H9kAAwQHLryAAwMCTgADAwBTgwMEBVf8gAMDAFmsAwMDXYgDBAVdn0ADBAeyoAAD
BAS8fQADBAbCmMADAwDDHTANBAIAAjAHAwUAKgAMMDANBgkqhkiG9w0BAQsFAAOC
AQEACgVIuT8Gd0p7AdDOea8eebvONsdhgFe/dioNy6pb/KvQBymv/XGnQl08ZOgH
21R6uD7M5peUR5xBnVsY98/Ys/nHXY7WEO6SxUkXTY19v3hIDRAOEeLza74LTiht
cbfyda+X24Lo5Qkiq2LE9cSYxVd585ZxSopFjOOgVlm4RzKDtD7dcvX4WdwEJSDR
PQltcxdR0VwytUB2ihGGdmmiSgpROMm2AVqKlQVPMmhaO+hHmZbHYKZa9n4W27iC
aX1ckiBZbKETjydXhk1cMLXd1xM4y7XOfkF4/Ve9ig6z+j2oNs6Mq4gh6JJ8QEHR
inR8Hyl8CdDQ460E3tWzwHeGzw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:31 2025 by rpki-client