Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/4QnI0zs9WkrvwQ2W10yryAxGIS8.roa
File: 4QnI0zs9WkrvwQ2W10yryAxGIS8.roa (raw, json)
Hash identifier: PRq9Y+cnrAUwcL1I6Td12kDmwWb/jiU0+ZyiNJuupD4=
Subject key identifier: E1:09:C8:D3:3B:3D:5A:4A:EF:C1:0D:96:D7:4C:AB:C8:0C:46:21:2F
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019754BFAF0A08F0757252568C7B4B9B8E7C
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/4QnI0zs9WkrvwQ2W10yryAxGIS8.roa
Signing time: Mon 09 Jun 2025 12:52:17 +0000
ROA not before: Mon 09 Jun 2025 12:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48327
IP address blocks: 31.135.32.0/23 maxlen: 23
31.135.34.0/23 maxlen: 23
31.135.36.0/22 maxlen: 22
31.135.40.0/21 maxlen: 21
31.135.48.0/21 maxlen: 21
31.135.56.0/21 maxlen: 21
91.219.88.0/24 maxlen: 24
94.232.104.0/21 maxlen: 21
94.232.104.0/22 maxlen: 22
94.232.108.0/23 maxlen: 23
94.232.110.0/24 maxlen: 24
94.232.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 12:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:bf:af:0a:08:f0:75:72:52:56:8c:7b:4b:9b:8e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Jun 9 12:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e109c8d33b3d5a4aefc10d96d74cabc80c46212f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dc:d9:b8:5a:38:aa:1c:72:46:06:c1:96:41:
99:4e:63:a3:6a:be:f5:f7:3a:5e:3a:29:09:eb:2d:
64:81:a0:b2:54:b4:40:2c:62:0b:1e:ee:44:8e:3b:
85:d1:1d:47:1d:48:1a:70:7e:88:d8:cb:35:70:97:
cc:cf:61:51:7b:13:6f:32:41:36:6a:b5:f7:80:08:
5e:65:a3:c4:62:41:d1:89:5c:bd:22:e4:ef:0c:35:
90:f6:55:ad:36:52:b4:b9:55:79:a2:1e:56:24:9f:
15:d3:7f:22:41:e8:72:0d:1a:ce:43:ae:a3:65:b7:
b2:99:d1:28:3a:fd:54:ad:93:21:84:64:8b:73:77:
c7:ae:3f:b2:86:7a:07:72:94:fd:1b:2d:aa:73:2b:
ac:84:bf:f1:a0:83:54:f2:39:f4:24:0f:d4:f4:27:
71:f6:92:af:4e:b2:e0:8e:bc:e3:00:6c:ca:c4:e8:
a3:6d:a1:90:65:4c:1a:0c:fb:4e:c8:fd:72:83:bf:
a8:50:e1:e6:d8:a9:a9:ee:f7:83:0e:3d:98:3d:1d:
89:d1:f9:fc:47:a0:0c:81:45:0c:e1:24:71:f5:8c:
9c:9c:23:f2:29:32:66:d9:40:37:a1:73:bb:f8:9a:
a9:2c:7c:f4:7a:f5:ae:2f:30:bd:88:d0:cd:76:38:
af:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:09:C8:D3:3B:3D:5A:4A:EF:C1:0D:96:D7:4C:AB:C8:0C:46:21:2F
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/4QnI0zs9WkrvwQ2W10yryAxGIS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.32.0/19
91.219.88.0/24
94.232.104.0/21
Signature Algorithm: sha256WithRSAEncryption
90:df:55:e8:62:aa:4e:4d:33:94:83:e8:bb:b1:96:8d:c3:1f:
f1:ea:c8:36:19:f4:40:ce:19:12:a6:fb:ab:c5:5e:48:c0:5b:
cd:a9:52:3e:fa:59:b9:a6:97:cf:08:10:a9:61:6a:4e:4f:b3:
f8:b0:a9:be:5f:2c:ca:7b:fe:3b:9b:35:eb:c6:78:2c:2b:31:
d8:eb:f3:4e:51:10:61:98:f1:69:b3:40:12:61:ed:71:d4:01:
2b:12:46:bb:2d:fd:14:d5:e1:c5:8c:02:fe:4a:88:0c:47:7f:
81:40:65:f7:46:79:9f:cd:d5:14:de:92:d7:68:fb:8c:e5:c7:
02:84:52:7b:5b:67:f6:7b:9f:22:64:fc:50:d2:b2:ca:fe:46:
ec:37:98:30:29:6e:af:fc:21:04:32:98:42:48:11:6d:c0:01:
8a:f2:22:c6:38:bd:b5:30:8b:ab:bb:4c:86:2a:31:32:0b:bc:
eb:c5:bb:d5:63:db:f1:8c:2d:dc:05:1d:b1:64:0a:89:5c:15:
ed:56:ce:7e:ec:9f:35:2f:34:69:11:68:d6:c2:cc:ca:e4:53:
09:f5:62:1e:64:2a:fc:ac:68:04:91:cb:52:0c:0f:3c:99:95:
0b:65:22:72:15:a7:46:d1:dc:17:16:36:ef:2a:2a:4b:8c:85:
86:86:82:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdUv68KCPB1clJWjHtLm458MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjUwNjA5MTI1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTA5YzhkMzNiM2Q1YTRhZWZjMTBkOTZkNzRjYWJjODBjNDYyMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNzZuFo4qhxyRgbBlkGZTmOjar71
9zpeOikJ6y1kgaCyVLRALGILHu5EjjuF0R1HHUgacH6I2Ms1cJfMz2FRexNvMkE2
arX3gAheZaPEYkHRiVy9IuTvDDWQ9lWtNlK0uVV5oh5WJJ8V038iQehyDRrOQ66j
ZbeymdEoOv1UrZMhhGSLc3fHrj+yhnoHcpT9Gy2qcyushL/xoINU8jn0JA/U9Cdx
9pKvTrLgjrzjAGzKxOijbaGQZUwaDPtOyP1yg7+oUOHm2Kmp7veDDj2YPR2J0fn8
R6AMgUUM4SRx9YycnCPyKTJm2UA3oXO7+JqpLHz0evWuLzC9iNDNdjivEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOEJyNM7PVpK78ENltdMq8gMRiEvMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEvNFFuSTB6czlXa3J2d1EyVzEweXJ5QXhHSVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFH4cgAwQA
W9tYAwQDXuhoMA0GCSqGSIb3DQEBCwUAA4IBAQCQ31XoYqpOTTOUg+i7sZaNwx/x
6sg2GfRAzhkSpvurxV5IwFvNqVI++lm5ppfPCBCpYWpOT7P4sKm+XyzKe/47mzXr
xngsKzHY6/NOURBhmPFps0ASYe1x1AErEka7Lf0U1eHFjAL+SogMR3+BQGX3Rnmf
zdUU3pLXaPuM5ccChFJ7W2f2e58iZPxQ0rLK/kbsN5gwKW6v/CEEMphCSBFtwAGK
8iLGOL21MIuru0yGKjEyC7zrxbvVY9vxjC3cBR2xZAqJXBXtVs5+7J81LzRpEWjW
wszK5FMJ9WIeZCr8rGgEkctSDA88mZULZSJyFadG0dwXFjbvKipLjIWGhoJX
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:20:48 2025 by rpki-client