Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/38DKdN5r-jKnh9RSr1OF_9F11UY.roa
File: 38DKdN5r-jKnh9RSr1OF_9F11UY.roa (raw, json)
Hash identifier: mkZI8ETpt9SeV18H7VyaquJE6VCWG4C2KsfHbI9Vvnc=
Subject key identifier: DF:C0:CA:74:DE:6B:FA:32:A7:87:D4:52:AF:53:85:FF:D1:75:D5:46
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 0197A14A2501C16905DAC704F9F91A1503CF
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/38DKdN5r-jKnh9RSr1OF_9F11UY.roa
Signing time: Tue 24 Jun 2025 09:34:40 +0000
ROA not before: Tue 24 Jun 2025 09:34:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16003
IP address blocks: 31.172.74.0/24 maxlen: 24
31.172.78.0/24 maxlen: 24
79.132.137.0/24 maxlen: 24
79.132.139.0/24 maxlen: 24
103.75.125.0/24 maxlen: 24
103.75.126.0/24 maxlen: 24
162.248.161.0/24 maxlen: 24
185.18.52.0/24 maxlen: 24
217.194.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jun 2025 13:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:4a:25:01:c1:69:05:da:c7:04:f9:f9:1a:15:03:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Jun 24 09:34:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfc0ca74de6bfa32a787d452af5385ffd175d546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:db:34:42:71:e5:ea:a9:3a:d0:50:40:c8:df:
73:dc:c1:7d:84:ff:48:23:db:d4:2f:4a:ee:ac:1f:
c4:4b:57:0c:f8:55:b9:0d:f0:43:42:10:73:10:6f:
30:78:43:d9:60:f9:e5:c5:79:3c:57:09:e8:44:37:
3c:c5:da:70:45:b7:a9:67:61:49:8d:be:96:28:8c:
47:07:73:67:e5:8d:db:14:bb:e1:1e:fc:0b:df:3a:
ef:59:e5:83:c3:d2:37:03:35:e3:de:82:c5:59:79:
ad:a0:1e:ee:e4:05:30:77:05:ee:27:75:d8:3e:96:
c3:f3:ba:1c:15:17:23:35:d4:03:81:9e:47:6c:63:
26:1f:16:48:10:fa:d3:dc:94:0a:70:db:9a:66:11:
10:ec:31:f7:0c:78:81:02:e4:11:17:7a:47:26:3c:
96:5f:7d:53:2b:e7:9d:07:60:df:d7:3c:da:43:50:
b1:1f:85:82:64:ab:8e:74:cf:78:1a:42:02:21:48:
85:b2:64:75:f3:af:4e:6c:2b:68:e3:a4:51:35:f5:
05:7c:eb:4c:d0:71:49:dd:46:86:aa:95:88:e0:27:
ea:7f:d5:e8:02:5c:b7:b5:94:6e:2d:fc:76:da:5f:
62:ed:77:9b:14:09:a5:19:1d:39:a2:ed:28:7f:ab:
90:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C0:CA:74:DE:6B:FA:32:A7:87:D4:52:AF:53:85:FF:D1:75:D5:46
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/38DKdN5r-jKnh9RSr1OF_9F11UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.74.0/24
31.172.78.0/24
79.132.137.0/24
79.132.139.0/24
103.75.125.0-103.75.126.255
162.248.161.0/24
185.18.52.0/24
217.194.148.0/24
Signature Algorithm: sha256WithRSAEncryption
79:52:b1:e0:66:47:c1:e0:78:60:15:53:7a:5f:4a:b6:4e:1f:
af:aa:ac:33:b5:20:d0:ff:54:58:f9:ba:cc:18:4c:17:ba:e3:
d4:19:00:8d:be:16:63:ab:dc:4d:74:04:22:a6:4d:cb:6f:54:
31:98:84:ed:3d:3a:ba:18:aa:a7:7a:45:2a:22:6c:b0:92:1d:
09:da:ac:9b:ef:a7:35:56:c3:37:47:a4:e2:85:5e:a4:eb:e4:
94:45:5d:87:78:25:ab:24:b3:f6:e0:e1:89:78:87:01:c5:ad:
1a:28:c3:90:63:30:3c:fd:c7:91:e8:1b:87:59:de:03:87:84:
7b:c3:b0:8e:2c:db:3f:0a:c1:a0:bf:f0:ba:0b:b1:fd:66:65:
83:4e:de:e7:2c:17:07:4d:40:d0:47:d7:f9:06:4c:e7:d8:08:
50:1c:ac:c9:aa:9b:78:2b:38:42:43:12:97:13:0b:42:9e:05:
18:9d:aa:e3:1b:69:b4:e3:95:64:19:96:83:e8:e1:af:9f:c4:
92:07:7f:fd:88:c5:45:f1:21:f4:63:09:0a:3e:81:ba:29:58:
40:df:4a:b2:94:c6:f1:65:e1:eb:8e:88:ec:25:5e:65:24:0e:
f4:d3:2d:cd:23:0c:22:28:5a:37:4a:70:82:4f:1f:b8:aa:de:
56:c3:90:08
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZehSiUBwWkF2scE+fkaFQPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjUwNjI0MDkzNDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmMwY2E3NGRlNmJmYTMyYTc4N2Q0NTJhZjUzODVmZmQxNzVkNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNs0QnHl6qk60FBAyN9z3MF9hP9I
I9vUL0rurB/ES1cM+FW5DfBDQhBzEG8weEPZYPnlxXk8VwnoRDc8xdpwRbepZ2FJ
jb6WKIxHB3Nn5Y3bFLvhHvwL3zrvWeWDw9I3AzXj3oLFWXmtoB7u5AUwdwXuJ3XY
PpbD87ocFRcjNdQDgZ5HbGMmHxZIEPrT3JQKcNuaZhEQ7DH3DHiBAuQRF3pHJjyW
X31TK+edB2Df1zzaQ1CxH4WCZKuOdM94GkICIUiFsmR1869ObCto46RRNfUFfOtM
0HFJ3UaGqpWI4Cfqf9XoAly3tZRuLfx22l9i7XebFAmlGR05ou0of6uQqQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFN/AynTea/oyp4fUUq9Thf/RddVGMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvMzhES2RONXItaktuaDlSU3IxT0ZfOUYxMVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH6xKAwQA
H6xOAwQAT4SJAwQAT4SLMAwDBABnS30DBABnS34DBACi+KEDBAC5EjQDBADZwpQw
DQYJKoZIhvcNAQELBQADggEBAHlSseBmR8HgeGAVU3pfSrZOH6+qrDO1IND/VFj5
uswYTBe649QZAI2+FmOr3E10BCKmTctvVDGYhO09OroYqqd6RSoibLCSHQnarJvv
pzVWwzdHpOKFXqTr5JRFXYd4Jasks/bg4Yl4hwHFrRoow5BjMDz9x5HoG4dZ3gOH
hHvDsI4s2z8KwaC/8LoLsf1mZYNO3ucsFwdNQNBH1/kGTOfYCFAcrMmqm3grOEJD
EpcTC0KeBRidquMbabTjlWQZloPo4a+fxJIHf/2IxUXxIfRjCQo+gbopWEDfSrKU
xvFl4euOiOwlXmUkDvTTLc0jDCIoWjdKcIJPH7iq3lbDkAg=
-----END CERTIFICATE-----
Generated at Sat Jul 26 01:05:53 2025 by rpki-client