Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/tmp1FtE2SMIXrpmgSLNWj_VT6ZM.roa
File: tmp1FtE2SMIXrpmgSLNWj_VT6ZM.roa (raw, json)
Hash identifier: JgO27LLhjKdIqH3nU2n/egOQzHYqPWkzzCVRfmSObow=
Subject key identifier: B6:6A:75:16:D1:36:48:C2:17:AE:99:A0:48:B3:56:8F:F5:53:E9:93
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 0192DCC1204F5874F308917CCB173C290E02
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/tmp1FtE2SMIXrpmgSLNWj_VT6ZM.roa
Signing time: Wed 30 Oct 2024 09:28:17 +0000
ROA not before: Wed 30 Oct 2024 09:28:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.159.0/24 maxlen: 24
45.142.24.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.111.0.0/24 maxlen: 24
103.111.1.0/24 maxlen: 24
103.111.2.0/24 maxlen: 24
103.111.3.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
185.153.124.0/22 maxlen: 24
185.153.124.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a04:27c0:fffd::/48 maxlen: 48
2a04:27c0:fffe::/48 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:27c4::/32 maxlen: 32
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0d:4a46::/32 maxlen: 32
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:4f05::/32 maxlen: 32
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Nov 2024 13:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:c1:20:4f:58:74:f3:08:91:7c:cb:17:3c:29:0e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Oct 30 09:28:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b66a7516d13648c217ae99a048b3568ff553e993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:0a:da:35:cd:04:ea:b7:2d:b1:b3:99:73:
03:1a:ab:66:a7:dd:04:0a:e5:d6:18:ad:cc:31:20:
2b:a8:70:e4:5a:f0:87:a9:ea:0a:93:35:a7:85:21:
d2:da:0d:09:7c:60:ea:53:c5:c0:61:d5:54:eb:f7:
fb:13:07:ce:d1:17:d9:06:53:46:b7:5e:e1:3e:34:
a8:7b:95:ec:77:08:80:f1:7b:b6:2b:48:3e:c4:57:
f7:6d:f7:85:ab:31:7a:e4:df:77:b7:49:d1:48:22:
f0:5f:59:63:ad:74:25:ca:c7:83:c1:35:e8:bf:8f:
2f:e5:03:50:ed:0c:28:54:38:15:ff:3e:0a:43:2e:
32:5c:7e:76:a8:64:03:1a:48:c9:f3:59:fb:60:20:
64:28:69:02:99:67:85:20:3f:60:cd:3c:2f:cd:0e:
bb:bf:22:ec:f8:5b:d7:d0:d5:29:98:af:a9:d6:f9:
94:e7:fb:c3:d5:e2:a3:3e:61:4e:18:86:fe:05:0d:
83:2e:ab:e0:35:f1:64:aa:5b:dc:ac:e7:c1:51:2d:
f7:5b:d1:fb:bd:d7:d5:be:1f:6d:2a:bb:df:5b:91:
a1:f7:15:9f:b1:45:2d:e7:03:6d:8a:33:33:cc:73:
00:aa:fe:5d:b9:8a:c4:62:11:56:58:90:82:56:08:
ae:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6A:75:16:D1:36:48:C2:17:AE:99:A0:48:B3:56:8F:F5:53:E9:93
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/tmp1FtE2SMIXrpmgSLNWj_VT6ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.142.24.0/22
103.93.40.0/22
103.111.0.0/22
109.104.132.0/24
109.104.135.0/24
109.104.137.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/22
185.153.124.0/22
185.233.124.0-185.233.126.255
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
31:23:a7:ad:2e:35:d3:3b:73:4c:f5:53:e0:46:76:c5:0f:03:
f3:08:81:b1:50:5f:75:5c:0b:29:e2:a2:82:dd:45:78:57:2d:
f0:79:98:a2:78:00:c5:56:22:3f:ef:7c:d7:cd:b1:63:82:d9:
5d:74:64:90:7e:6c:40:ba:e6:40:ee:16:61:1f:77:80:d4:7e:
ce:5c:88:b0:09:66:b3:f8:77:87:42:a8:da:94:21:8c:75:d9:
04:49:e3:10:ed:bf:ea:d0:82:b8:97:88:b9:96:0e:c9:f0:3b:
78:40:99:16:8b:f5:21:53:d8:5a:fc:41:a4:c4:61:1e:28:c5:
53:ec:c1:fc:52:ed:b7:75:a5:ba:b1:d5:b4:1e:5d:dd:bc:b2:
35:ab:4c:73:c7:f6:43:da:73:9a:e6:22:6d:0c:19:1f:3a:c6:
fa:61:e8:e2:1d:76:b3:43:61:f1:66:ea:55:bc:f9:49:ad:0a:
a8:46:3d:68:f6:69:03:91:f5:05:7c:a8:b5:e3:3e:75:c2:83:
0a:64:f1:c0:d3:21:70:ff:17:d6:cf:10:aa:8b:af:0c:b1:ec:
2d:3d:d7:c7:2b:94:1b:a5:72:2d:9e:ad:ba:e6:dd:90:d8:f3:
0a:d1:61:87:6c:eb:af:81:a1:0b:84:90:d4:7d:52:2c:98:1d:
52:16:07:91
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZLcwSBPWHTzCJF8yxc8KQ4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQxMDMwMDkyODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZhNzUxNmQxMzY0OGMyMTdhZTk5YTA0OGIzNTY4ZmY1NTNlOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygIK2jXNBOq3LbGzmXMDGqtmp90E
CuXWGK3MMSArqHDkWvCHqeoKkzWnhSHS2g0JfGDqU8XAYdVU6/f7EwfO0RfZBlNG
t17hPjSoe5XsdwiA8Xu2K0g+xFf3bfeFqzF65N93t0nRSCLwX1ljrXQlyseDwTXo
v48v5QNQ7QwoVDgV/z4KQy4yXH52qGQDGkjJ81n7YCBkKGkCmWeFID9gzTwvzQ67
vyLs+FvX0NUpmK+p1vmU5/vD1eKjPmFOGIb+BQ2DLqvgNfFkqlvcrOfBUS33W9H7
vdfVvh9tKrvfW5Gh9xWfsUUt5wNtijMzzHMAqv5duYrEYhFWWJCCVgiugQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFLZqdRbRNkjCF66ZoEizVo/1U+mTMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvdG1wMUZ0RTJTTUlYcnBtZ1NMTldqX1ZUNlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzBkBAIAATBeAwQDH6uY
AwQCLY4YAwQCZ10oAwQCZ28AAwQAbWiEAwQAbWiHMAwDBABtaIkDBARtaIADBAJt
aJwDBAKQMDQDBAK5NWQDBAK5mXwwDAMEArnpfAMEALnpfgMEAcJxXjBTBAIAAjBN
AwUDKgQnwAMFAyoJbkADBQMqCW7AAwUDKg0nwAMFAyoNQsADBQMqDUpAAwUDKg4/
AAMFAyoOTwADBQMqDtTAAwUDKg9CwAMFAyoPqIAwDQYJKoZIhvcNAQELBQADggEB
ADEjp60uNdM7c0z1U+BGdsUPA/MIgbFQX3VcCyniooLdRXhXLfB5mKJ4AMVWIj/v
fNfNsWOC2V10ZJB+bEC65kDuFmEfd4DUfs5ciLAJZrP4d4dCqNqUIYx12QRJ4xDt
v+rQgriXiLmWDsnwO3hAmRaL9SFT2Fr8QaTEYR4oxVPswfxS7bd1pbqx1bQeXd28
sjWrTHPH9kPac5rmIm0MGR86xvph6OIddrNDYfFm6lW8+UmtCqhGPWj2aQOR9QV8
qLXjPnXCgwpk8cDTIXD/F9bPEKqLrwyx7C0918crlBulci2erbrm3ZDY8wrRYYds
66+BoQuEkNR9UiyYHVIWB5E=
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:23:52 2025 by rpki-client