Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/6-jKfbCz1yyh4Rbph45HWIMtmkQ.roa
File: 6-jKfbCz1yyh4Rbph45HWIMtmkQ.roa (raw, json)
Hash identifier: OS+kxSyRGrkHcMYvZqcX76Ajs2m21GHJP00YTrCJAAw=
Subject key identifier: EB:E8:CA:7D:B0:B3:D7:2C:A1:E1:16:E9:87:8E:47:58:83:2D:9A:44
Certificate issuer: /CN=c98b825f36e9cc330315c940de800cbabce3397b
Certificate serial: 0193E2FEB68840993F8F2E9A85E96737E147
Authority key identifier: C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/6-jKfbCz1yyh4Rbph45HWIMtmkQ.roa
Signing time: Fri 20 Dec 2024 07:36:03 +0000
ROA not before: Fri 20 Dec 2024 07:36:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51720
IP address blocks: 31.3.144.0/22 maxlen: 22
37.228.120.0/24 maxlen: 24
37.228.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e2:fe:b6:88:40:99:3f:8f:2e:9a:85:e9:67:37:e1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98b825f36e9cc330315c940de800cbabce3397b
Validity
Not Before: Dec 20 07:36:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebe8ca7db0b3d72ca1e116e9878e4758832d9a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:50:12:e6:df:18:64:cb:0d:c3:48:8c:47:fb:
9a:5c:d7:3c:16:c1:0b:40:10:2e:cd:4e:e0:44:69:
c1:83:21:9a:b2:b2:03:72:56:a1:33:b5:16:12:2b:
c6:55:5c:16:98:f5:05:ab:c0:0c:7b:ff:e4:3b:15:
a5:1c:c8:b5:cf:a2:c4:ec:85:de:e9:59:23:c7:68:
44:91:7a:4a:2d:80:4d:06:1f:e9:7f:4d:1b:4b:9d:
2d:a0:18:50:f2:4f:df:df:26:a0:4a:c3:a4:1c:15:
0f:02:dd:1b:59:e9:30:7b:82:fb:3f:85:0a:45:72:
b6:69:a5:ee:13:c2:42:09:dc:77:db:d6:b0:02:fb:
50:f2:7d:84:c2:c1:f7:ef:06:0e:b0:70:74:7c:d0:
71:8d:8a:a0:9e:de:86:fd:b6:80:42:71:f1:fb:52:
09:a5:0b:cd:55:b5:bf:3e:e8:9b:cc:1c:15:0d:9b:
91:63:a0:3f:3c:4d:1d:42:67:20:62:09:5f:a6:fd:
57:32:02:9e:05:07:bb:37:0c:cb:7a:ff:a0:72:6a:
e5:64:f4:2a:06:9b:fa:77:04:7e:fa:0c:4a:94:5e:
df:48:ce:94:58:0b:9c:e6:6b:28:7a:01:78:d5:71:
df:70:a8:20:6a:60:85:53:f4:59:e3:9b:86:67:a7:
5e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E8:CA:7D:B0:B3:D7:2C:A1:E1:16:E9:87:8E:47:58:83:2D:9A:44
X509v3 Authority Key Identifier:
keyid:C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/6-jKfbCz1yyh4Rbph45HWIMtmkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.144.0/22
37.228.120.0/24
37.228.122.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:53:9d:a9:9a:96:4e:ec:ca:1e:36:08:20:06:33:7e:1b:8b:
d7:68:2a:13:3b:e9:6e:5e:2e:5c:c4:d2:5b:32:c3:b4:de:cd:
09:7f:6b:c4:73:da:b8:bc:f0:2b:be:22:d7:b5:fd:4e:23:5a:
c8:35:f9:98:f3:01:1b:f5:37:e5:c1:c6:94:8b:f4:d8:5a:a9:
02:82:18:92:93:51:e2:ff:f7:f4:36:fe:c6:24:b7:76:1a:82:
87:0e:fa:29:cc:c6:60:4f:6b:b4:24:4f:3f:cf:5c:94:49:78:
3e:8e:dd:12:50:bb:7a:c3:c1:f7:b9:bc:3f:9b:47:08:fd:1e:
af:ca:f2:c4:0e:80:17:f1:01:63:e8:f9:c3:83:46:34:0c:02:
bd:b7:e8:f8:7c:9a:ce:4f:e1:24:e3:be:61:d4:d5:88:23:02:
3b:74:dd:76:31:5e:c9:72:45:5c:7a:9a:17:03:7e:46:fb:22:
80:be:64:e3:6c:ab:8a:fd:72:9f:9f:86:98:23:70:be:ec:fb:
83:a1:fb:1a:29:0f:6b:86:0a:e2:c4:ce:e4:7e:fa:e4:2b:32:
67:bc:3c:3f:26:b3:2d:c2:ee:30:38:12:99:e3:3a:2b:c6:c5:
5b:a4:5c:35:a1:b2:a8:3b:40:da:e0:f4:f7:4a:ca:3f:f7:d2:
83:9d:b1:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPi/raIQJk/jy6ahelnN+FHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGI4MjVmMzZlOWNjMzMwMzE1Yzk0MGRlODAwY2JhYmNl
MzM5N2IwHhcNMjQxMjIwMDczNjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmU4Y2E3ZGIwYjNkNzJjYTFlMTE2ZTk4NzhlNDc1ODgzMmQ5YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVAS5t8YZMsNw0iMR/uaXNc8FsEL
QBAuzU7gRGnBgyGasrIDclahM7UWEivGVVwWmPUFq8AMe//kOxWlHMi1z6LE7IXe
6Vkjx2hEkXpKLYBNBh/pf00bS50toBhQ8k/f3yagSsOkHBUPAt0bWekwe4L7P4UK
RXK2aaXuE8JCCdx329awAvtQ8n2EwsH37wYOsHB0fNBxjYqgnt6G/baAQnHx+1IJ
pQvNVbW/PuibzBwVDZuRY6A/PE0dQmcgYglfpv1XMgKeBQe7NwzLev+gcmrlZPQq
Bpv6dwR++gxKlF7fSM6UWAuc5msoegF41XHfcKggamCFU/RZ45uGZ6deTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOvoyn2ws9csoeEW6YeOR1iDLZpEMB8GA1UdIwQY
MBaAFMmLgl826cwzAxXJQN6ADLq84zl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUt
Yjg5YTUxMWMzYmJkLzEvNi1qS2ZiQ3oxeXloNFJicGg0NUhXSU10bWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUtYjg5YTUxMWMzYmJk
LzEveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCHwOQAwQA
JeR4AwQBJeR6MA0GCSqGSIb3DQEBCwUAA4IBAQCeU52pmpZO7MoeNgggBjN+G4vX
aCoTO+luXi5cxNJbMsO03s0Jf2vEc9q4vPArviLXtf1OI1rINfmY8wEb9TflwcaU
i/TYWqkCghiSk1Hi//f0Nv7GJLd2GoKHDvopzMZgT2u0JE8/z1yUSXg+jt0SULt6
w8H3ubw/m0cI/R6vyvLEDoAX8QFj6PnDg0Y0DAK9t+j4fJrOT+Ek475h1NWIIwI7
dN12MV7JckVcepoXA35G+yKAvmTjbKuK/XKfn4aYI3C+7PuDofsaKQ9rhgrixM7k
fvrkKzJnvDw/JrMtwu4wOBKZ4zorxsVbpFw1obKoO0Da4PT3Sso/99KDnbGX
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:22:44 2025 by rpki-client