Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/C8Npppa_sWkHbDzVnY-EeQt5MPE.roa
File: C8Npppa_sWkHbDzVnY-EeQt5MPE.roa (raw, json)
Hash identifier: dmmXkq5irGpEV9fssHuAI/Ymtb/Fdxs/ltnD0W7Nz0E=
Subject key identifier: 0B:C3:69:A6:96:BF:B1:69:07:6C:3C:D5:9D:8F:84:79:0B:79:30:F1
Certificate issuer: /CN=c98b825f36e9cc330315c940de800cbabce3397b
Certificate serial: 019427B69124CD5C5C761941D1D11D767689
Authority key identifier: C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/C8Npppa_sWkHbDzVnY-EeQt5MPE.roa
Signing time: Thu 02 Jan 2025 15:51:03 +0000
ROA not before: Thu 02 Jan 2025 15:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51720
IP address blocks: 31.3.144.0/22 maxlen: 22
37.228.120.0/24 maxlen: 24
37.228.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 20 Jan 2025 07:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:91:24:cd:5c:5c:76:19:41:d1:d1:1d:76:76:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98b825f36e9cc330315c940de800cbabce3397b
Validity
Not Before: Jan 2 15:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bc369a696bfb169076c3cd59d8f84790b7930f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b8:9f:9a:b0:0c:a6:21:34:ed:7e:e8:82:b0:
5d:c5:5e:b0:0e:c5:79:00:66:b0:12:e8:2a:a3:d1:
10:fe:f0:40:f6:61:ab:25:57:c7:2d:96:ad:1f:9b:
14:f8:6c:1f:69:f0:d9:97:b0:d8:e3:8f:59:da:bb:
49:51:b9:db:c2:9d:10:f1:1c:11:b0:57:03:fe:5c:
0d:b6:07:f5:30:b1:60:c9:9a:31:a8:c6:6b:65:76:
99:b5:5d:14:bc:ec:38:8c:be:e7:3f:5c:3c:39:6f:
56:aa:b9:29:71:5f:da:b5:0c:09:ee:8f:68:a1:bd:
34:8e:d8:3f:ff:93:68:49:5f:4b:c1:9c:01:77:1c:
2d:28:2e:e9:d9:c1:01:66:45:d7:12:de:8c:2c:5c:
0d:dc:04:3c:74:e7:b9:8b:ff:91:aa:e2:e7:da:00:
1f:12:0d:08:7f:ea:86:be:29:4a:65:cb:52:3f:85:
2e:d1:b8:33:d0:4d:e1:58:33:30:5e:7c:ff:9f:04:
d9:04:a8:31:57:7e:73:26:e7:dc:9f:c0:ff:eb:14:
b7:22:d7:03:4c:b6:b3:11:53:5c:39:f4:a8:c6:42:
b0:9d:0e:87:e6:79:fc:19:b2:f7:39:7c:db:80:56:
fa:9e:f3:c7:8c:c1:12:6b:d2:49:c3:bd:2d:e1:94:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C3:69:A6:96:BF:B1:69:07:6C:3C:D5:9D:8F:84:79:0B:79:30:F1
X509v3 Authority Key Identifier:
keyid:C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/C8Npppa_sWkHbDzVnY-EeQt5MPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.144.0/22
37.228.120.0/24
37.228.122.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:fa:ba:d9:ea:4b:67:b8:9a:f2:8e:db:5b:ca:78:55:bd:60:
2b:9e:53:df:02:12:8b:b9:53:3c:bd:61:5c:a6:e6:7d:6c:2a:
19:1d:cf:58:03:3f:de:31:19:8f:3e:7e:1d:3f:3d:9a:25:77:
7d:16:24:d0:35:b7:90:69:0d:1c:61:da:f4:ac:47:3d:cd:f0:
a2:a9:dd:7d:61:12:9b:55:70:ab:c9:ab:bf:81:4a:40:e4:b9:
44:ae:4c:97:df:43:88:40:51:7c:e8:54:5b:75:ba:df:13:0d:
aa:05:5f:74:ed:6b:ef:fe:78:49:c2:9b:e5:24:c2:9a:c4:c2:
4b:0d:1b:9d:3f:00:54:28:7b:d0:7d:dc:5c:15:02:21:12:aa:
aa:7a:1a:db:fd:6b:a9:9e:10:ca:56:c4:5b:91:25:78:a0:b4:
7d:d4:6a:96:08:a4:8d:a4:f7:0d:37:a2:b1:af:64:cb:9c:32:
12:e7:84:40:e5:7c:96:92:df:f5:4a:bc:f0:a6:4c:7c:12:b0:
9e:1c:31:04:b2:2b:f5:c8:e9:5c:74:27:76:0e:8d:fc:c7:1a:
ee:f3:7b:cb:4b:64:d2:5b:17:ed:e4:1e:0e:86:a3:6d:16:8a:
75:40:a1:2c:10:73:02:fb:f9:5a:4d:aa:b0:14:ae:1b:71:9d:
75:a3:53:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntpEkzVxcdhlB0dEddnaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGI4MjVmMzZlOWNjMzMwMzE1Yzk0MGRlODAwY2JhYmNl
MzM5N2IwHhcNMjUwMTAyMTU1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmMzNjlhNjk2YmZiMTY5MDc2YzNjZDU5ZDhmODQ3OTBiNzkzMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorifmrAMpiE07X7ogrBdxV6wDsV5
AGawEugqo9EQ/vBA9mGrJVfHLZatH5sU+GwfafDZl7DY449Z2rtJUbnbwp0Q8RwR
sFcD/lwNtgf1MLFgyZoxqMZrZXaZtV0UvOw4jL7nP1w8OW9WqrkpcV/atQwJ7o9o
ob00jtg//5NoSV9LwZwBdxwtKC7p2cEBZkXXEt6MLFwN3AQ8dOe5i/+RquLn2gAf
Eg0If+qGvilKZctSP4Uu0bgz0E3hWDMwXnz/nwTZBKgxV35zJufcn8D/6xS3ItcD
TLazEVNcOfSoxkKwnQ6H5nn8GbL3OXzbgFb6nvPHjMESa9JJw70t4ZTEQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAvDaaaWv7FpB2w81Z2PhHkLeTDxMB8GA1UdIwQY
MBaAFMmLgl826cwzAxXJQN6ADLq84zl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUt
Yjg5YTUxMWMzYmJkLzEvQzhOcHBwYV9zV2tIYkR6Vm5ZLUVlUXQ1TVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUtYjg5YTUxMWMzYmJk
LzEveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCHwOQAwQA
JeR4AwQBJeR6MA0GCSqGSIb3DQEBCwUAA4IBAQCz+rrZ6ktnuJryjttbynhVvWAr
nlPfAhKLuVM8vWFcpuZ9bCoZHc9YAz/eMRmPPn4dPz2aJXd9FiTQNbeQaQ0cYdr0
rEc9zfCiqd19YRKbVXCryau/gUpA5LlErkyX30OIQFF86FRbdbrfEw2qBV907Wvv
/nhJwpvlJMKaxMJLDRudPwBUKHvQfdxcFQIhEqqqehrb/WupnhDKVsRbkSV4oLR9
1GqWCKSNpPcNN6Kxr2TLnDIS54RA5XyWkt/1Srzwpkx8ErCeHDEEsiv1yOlcdCd2
Do38xxru83vLS2TSWxft5B4OhqNtFop1QKEsEHMC+/laTaqwFK4bcZ11o1Mn
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:32:19 2025 by rpki-client