Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/g3KbiBkA0MjrWfVQyGjXavSU6yw.roa
File: g3KbiBkA0MjrWfVQyGjXavSU6yw.roa (raw, json)
Hash identifier: ftvDv2tiS3n3ut8PewpowVy4cKs5T8lWdVKfxyQUdxk=
Subject key identifier: 83:72:9B:88:19:00:D0:C8:EB:59:F5:50:C8:68:D7:6A:F4:94:EB:2C
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 0194FACCA3075C1E945C208147116E33D92E
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/g3KbiBkA0MjrWfVQyGjXavSU6yw.roa
Signing time: Wed 12 Feb 2025 15:35:02 +0000
ROA not before: Wed 12 Feb 2025 15:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44493
IP address blocks: 31.192.232.0/24 maxlen: 24
31.192.234.0/24 maxlen: 24
31.192.235.0/24 maxlen: 24
31.192.236.0/24 maxlen: 24
31.192.237.0/24 maxlen: 24
31.192.238.0/24 maxlen: 24
31.192.239.0/24 maxlen: 24
80.85.152.0/23 maxlen: 23
80.85.154.0/24 maxlen: 24
80.85.156.0/22 maxlen: 22
185.118.164.0/22 maxlen: 22
185.144.28.0/24 maxlen: 24
185.144.30.0/23 maxlen: 23
2a03:a0e0::/32 maxlen: 32
2a0a:eec0::/48 maxlen: 48
2a0a:eec0:2::/48 maxlen: 48
2a0a:eec0:3::/48 maxlen: 48
2a0a:eec0:4::/48 maxlen: 48
2a0a:eec0:5::/48 maxlen: 48
2a0a:eec0:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Feb 2025 04:18:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:cc:a3:07:5c:1e:94:5c:20:81:47:11:6e:33:d9:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Feb 12 15:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83729b881900d0c8eb59f550c868d76af494eb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7e:a3:cb:96:f2:95:52:0b:ce:ed:56:26:5b:
a3:31:85:2c:7e:de:ce:6b:5b:85:3b:bd:bb:5d:a2:
bc:01:60:d4:29:cc:21:2d:5f:29:a3:d7:72:1f:19:
43:ff:e6:0c:46:1c:f4:43:d5:60:66:ae:2c:3a:b0:
e3:98:f7:f4:b0:5d:30:fc:e7:54:08:2a:3e:74:6c:
90:5e:02:8f:bd:9d:c3:b7:d9:88:60:be:83:6e:67:
cb:f8:ed:cb:76:1c:e7:ea:20:57:a8:a9:f5:81:c2:
b3:6a:fa:5e:11:09:b8:0f:43:38:56:51:df:01:a2:
c0:6f:4e:3c:36:2a:14:01:f9:a1:8f:67:3e:9c:18:
c0:9a:02:e0:e0:eb:7a:a7:70:05:94:f8:c0:93:05:
6e:b0:ee:3d:be:50:34:16:61:34:eb:21:3b:75:84:
d3:24:26:aa:78:24:57:29:f8:d5:37:d6:9d:fe:bc:
dd:d1:80:ae:f6:47:7f:98:d2:a3:ac:9f:18:bb:84:
d5:65:67:24:44:d7:cf:f6:43:4f:43:35:e2:64:be:
54:99:4d:a8:c3:2c:29:ba:09:45:19:07:3a:49:e5:
65:33:dc:cc:37:9e:9d:7f:8a:5f:dd:8c:71:41:13:
d6:b5:6d:d5:7c:9b:d5:0f:46:e4:a2:7c:13:d5:47:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:72:9B:88:19:00:D0:C8:EB:59:F5:50:C8:68:D7:6A:F4:94:EB:2C
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/g3KbiBkA0MjrWfVQyGjXavSU6yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.232.0/24
31.192.234.0-31.192.239.255
80.85.152.0-80.85.154.255
80.85.156.0/22
185.118.164.0/22
185.144.28.0/24
185.144.30.0/23
IPv6:
2a03:a0e0::/32
2a0a:eec0::/48
2a0a:eec0:2::-2a0a:eec0:5:ffff:ffff:ffff:ffff:ffff
2a0a:eec0:7::/48
Signature Algorithm: sha256WithRSAEncryption
18:e1:77:b8:af:59:73:fd:95:12:bc:fa:74:58:00:96:df:12:
b8:e0:09:fb:4b:c9:7f:16:b9:ce:52:ef:04:17:84:71:36:fc:
ee:c0:47:d4:3b:d4:95:76:c4:18:e9:de:f3:6a:02:e8:4c:ad:
a1:36:df:03:c3:7d:39:b0:a8:80:78:d0:9b:36:b4:be:7f:f6:
32:b5:48:9d:4f:8c:2d:f7:44:c2:aa:2a:34:87:8d:ff:f3:5c:
59:88:66:57:e0:39:e0:22:53:e4:ea:34:ea:a5:48:49:ab:e6:
14:2d:b1:e7:34:06:cb:af:bd:b2:07:45:1f:65:d4:38:70:fe:
d3:ec:d3:61:1c:ab:ad:fe:98:e5:2f:90:2d:74:03:c7:d8:8f:
02:ef:a4:b9:6f:94:63:19:2f:0c:40:a7:01:5a:2c:17:88:71:
9c:7d:24:e4:6d:54:0e:80:8e:bf:f6:0c:da:e8:63:29:d6:a4:
f8:f6:56:ab:d8:47:82:92:70:45:b3:13:ba:c5:a2:81:a0:5f:
3e:15:fa:59:95:3f:fa:1e:ea:1e:8b:37:5c:6a:74:44:ce:6d:
64:2d:88:b8:2e:58:3a:69:c7:3a:e6:6c:1c:04:7d:16:ac:fd:
41:49:34:ff:79:9d:c9:2b:05:31:d5:9d:99:e4:d1:4a:19:7c:
55:16:ef:44
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZT6zKMHXB6UXCCBRxFuM9kuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjUwMjEyMTUzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzcyOWI4ODE5MDBkMGM4ZWI1OWY1NTBjODY4ZDc2YWY0OTRlYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt36jy5bylVILzu1WJlujMYUsft7O
a1uFO727XaK8AWDUKcwhLV8po9dyHxlD/+YMRhz0Q9VgZq4sOrDjmPf0sF0w/OdU
CCo+dGyQXgKPvZ3Dt9mIYL6DbmfL+O3Ldhzn6iBXqKn1gcKzavpeEQm4D0M4VlHf
AaLAb048NioUAfmhj2c+nBjAmgLg4Ot6p3AFlPjAkwVusO49vlA0FmE06yE7dYTT
JCaqeCRXKfjVN9ad/rzd0YCu9kd/mNKjrJ8Yu4TVZWckRNfP9kNPQzXiZL5UmU2o
wywpuglFGQc6SeVlM9zMN56df4pf3YxxQRPWtW3VfJvVD0bkonwT1Ue6pwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFINym4gZANDI61n1UMho12r0lOssMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvZzNLYmlCa0EwTWpyV2ZWUXlHalhhdlNVNnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwQAQCAAEwOgMEAB/A6DAM
AwQBH8DqAwQEH8DgMAwDBANQVZgDBABQVZoDBAJQVZwDBAK5dqQDBAC5kBwDBAG5
kB4wMwQCAAIwLQMFACoDoOADBwAqCu7AAAAwEgMHASoK7sAAAgMHASoK7sAABAMH
ACoK7sAABzANBgkqhkiG9w0BAQsFAAOCAQEAGOF3uK9Zc/2VErz6dFgAlt8SuOAJ
+0vJfxa5zlLvBBeEcTb87sBH1DvUlXbEGOne82oC6EytoTbfA8N9ObCogHjQmza0
vn/2MrVInU+MLfdEwqoqNIeN//NcWYhmV+A54CJT5Oo06qVISavmFC2x5zQGy6+9
sgdFH2XUOHD+0+zTYRyrrf6Y5S+QLXQDx9iPAu+kuW+UYxkvDECnAVosF4hxnH0k
5G1UDoCOv/YM2uhjKdak+PZWq9hHgpJwRbMTusWigaBfPhX6WZU/+h7qHos3XGp0
RM5tZC2IuC5YOmnHOuZsHAR9Fqz9QUk0/3mdySsFMdWdmeTRShl8VRbvRA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:57:34 2025 by rpki-client