Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/Cxl9dS4gspz4JchFT-vKuN8cNB4.roa
File: Cxl9dS4gspz4JchFT-vKuN8cNB4.roa (raw, json)
Hash identifier: DV+QonbQft80+xQr431m8uVTrDvT7bayMsLFNe5/5iE=
Subject key identifier: 0B:19:7D:75:2E:20:B2:9C:F8:25:C8:45:4F:EB:CA:B8:DF:1C:34:1E
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 0195DF4E0F58708BB46EA33FF8EAE49E45A5
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/Cxl9dS4gspz4JchFT-vKuN8cNB4.roa
Signing time: Sat 29 Mar 2025 00:29:49 +0000
ROA not before: Sat 29 Mar 2025 00:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48910
IP address blocks: 31.186.250.0/23 maxlen: 24
2a02:b50:8000::/34 maxlen: 48
Validation: Failed, certificate revoked on Mon 31 Mar 2025 15:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:df:4e:0f:58:70:8b:b4:6e:a3:3f:f8:ea:e4:9e:45:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Mar 29 00:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b197d752e20b29cf825c8454febcab8df1c341e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:49:07:9b:55:4e:2a:15:50:65:ed:3b:5f:ab:
ab:f1:8e:78:20:bc:43:94:b2:69:de:cd:de:f7:6c:
b1:07:e8:16:59:ec:06:6e:c3:0c:a8:c1:44:93:cf:
70:c7:3f:01:49:77:a9:7f:b5:aa:06:28:72:41:ef:
ac:99:6b:da:25:d2:c6:96:a3:df:60:3a:be:7f:f9:
8a:44:7a:fc:fb:77:10:12:a4:8f:72:ac:cc:11:b4:
09:2b:24:64:97:a2:a8:bb:38:1a:78:87:6a:c4:b7:
c3:5e:c3:c3:2f:19:6f:05:82:a4:d1:4b:75:8d:f3:
18:c2:a2:d5:ff:7c:c1:53:f8:e6:49:59:fa:25:72:
12:13:02:2c:0c:a0:91:c1:30:19:1a:b0:35:52:86:
18:71:6e:1d:3b:7e:f7:2a:f6:fd:38:e7:d3:65:6c:
7e:07:a8:c9:34:f2:fc:d8:d7:2a:b1:d5:9b:bc:56:
68:b9:91:8b:48:e0:d8:e7:b4:31:74:19:8c:34:12:
c9:f1:6f:c1:9e:df:c7:50:cc:b9:bd:10:db:f0:70:
96:88:33:b8:74:f6:5b:0d:2b:60:54:49:86:70:23:
0a:f6:19:27:4c:79:d0:87:b2:12:f8:c9:7a:d1:12:
58:5c:c9:8a:a3:4f:fe:84:c4:8d:5c:0b:7f:a3:41:
e9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:19:7D:75:2E:20:B2:9C:F8:25:C8:45:4F:EB:CA:B8:DF:1C:34:1E
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/Cxl9dS4gspz4JchFT-vKuN8cNB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.250.0/23
IPv6:
2a02:b50:8000::/34
Signature Algorithm: sha256WithRSAEncryption
b5:8a:da:4b:c8:09:76:8d:f3:b2:b1:51:a1:2a:25:64:ff:b3:
dc:4d:d5:bf:49:51:6b:66:4a:4b:04:ec:cc:1c:72:89:d4:e9:
2c:05:db:00:4d:46:32:c7:b1:ca:f9:02:69:48:b4:8c:c1:ef:
24:24:f6:cb:9a:b2:5b:91:ce:92:01:0a:5e:38:6f:75:66:7b:
54:d4:9b:67:58:90:a3:41:2b:1f:7a:47:57:d3:d5:1a:45:cd:
f6:a5:61:67:9f:62:24:a7:c5:89:02:18:39:26:e6:fd:f2:3c:
35:0e:ba:d8:0f:6b:d8:bb:b8:ba:e6:92:7c:c7:9e:e0:d4:ba:
4d:33:89:5f:93:90:87:61:e2:ae:52:a6:ec:76:66:fd:80:57:
6f:77:e4:66:74:df:d3:3c:e3:e8:9e:87:3f:3b:6f:46:98:10:
16:80:1d:b7:0b:e7:7f:ea:37:9b:6f:94:04:4f:04:b8:7d:b2:
b0:e3:dd:54:59:55:be:22:75:97:9f:d4:df:93:4b:fb:7b:3f:
e1:33:2c:39:79:a6:29:2b:ad:22:04:a3:fe:29:f9:95:50:eb:
ad:f1:eb:83:47:11:16:38:79:15:ba:87:d0:25:d7:db:a0:0a:
2e:87:7f:f3:e5:dd:e2:d3:38:d1:a0:81:8a:f5:01:8e:b3:9e:
bf:63:1c:79
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZXfTg9YcIu0bqM/+OrknkWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjUwMzI5MDAyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE5N2Q3NTJlMjBiMjljZjgyNWM4NDU0ZmViY2FiOGRmMWMzNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0kHm1VOKhVQZe07X6ur8Y54ILxD
lLJp3s3e92yxB+gWWewGbsMMqMFEk89wxz8BSXepf7WqBihyQe+smWvaJdLGlqPf
YDq+f/mKRHr8+3cQEqSPcqzMEbQJKyRkl6KouzgaeIdqxLfDXsPDLxlvBYKk0Ut1
jfMYwqLV/3zBU/jmSVn6JXISEwIsDKCRwTAZGrA1UoYYcW4dO373Kvb9OOfTZWx+
B6jJNPL82NcqsdWbvFZouZGLSODY57QxdBmMNBLJ8W/Bnt/HUMy5vRDb8HCWiDO4
dPZbDStgVEmGcCMK9hknTHnQh7IS+Ml60RJYXMmKo0/+hMSNXAt/o0HpLQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAsZfXUuILKc+CXIRU/ryrjfHDQeMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvQ3hsOWRTNGdzcHo0SmNoRlQtdkt1TjhjTkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBH7r6MA4E
AgACMAgDBgYqAgtQgDANBgkqhkiG9w0BAQsFAAOCAQEAtYraS8gJdo3zsrFRoSol
ZP+z3E3Vv0lRa2ZKSwTszBxyidTpLAXbAE1GMsexyvkCaUi0jMHvJCT2y5qyW5HO
kgEKXjhvdWZ7VNSbZ1iQo0ErH3pHV9PVGkXN9qVhZ59iJKfFiQIYOSbm/fI8NQ66
2A9r2Lu4uuaSfMee4NS6TTOJX5OQh2HirlKm7HZm/YBXb3fkZnTf0zzj6J6HPztv
RpgQFoAdtwvnf+o3m2+UBE8EuH2ysOPdVFlVviJ1l5/U35NL+3s/4TMsOXmmKSut
IgSj/in5lVDrrfHrg0cRFjh5FbqH0CXX26AKLod/8+Xd4tM40aCBivUBjrOev2Mc
eQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:53:15 2025 by rpki-client