Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/v1bRVcHBqMJQ3kvy6jXJEW0l3A4.roa
File: v1bRVcHBqMJQ3kvy6jXJEW0l3A4.roa (raw, json)
Hash identifier: NDZehkTPowApVnjPl9ceDCXx+P6cUU+nvePBim0jyqY=
Subject key identifier: BF:56:D1:55:C1:C1:A8:C2:50:DE:4B:F2:EA:35:C9:11:6D:25:DC:0E
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 019421B23A9BECA86049D3A57F2BF0FB2D0A
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/v1bRVcHBqMJQ3kvy6jXJEW0l3A4.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44493
IP address blocks: 31.192.232.0/24 maxlen: 24
31.192.234.0/24 maxlen: 24
31.192.235.0/24 maxlen: 24
31.192.236.0/24 maxlen: 24
31.192.237.0/24 maxlen: 24
31.192.238.0/24 maxlen: 24
31.192.239.0/24 maxlen: 24
80.85.152.0/23 maxlen: 23
80.85.154.0/24 maxlen: 24
80.85.156.0/22 maxlen: 22
185.118.164.0/22 maxlen: 22
185.144.28.0/23 maxlen: 23
185.144.30.0/23 maxlen: 23
2a03:a0e0::/32 maxlen: 32
2a0a:eec0::/48 maxlen: 48
2a0a:eec0:2::/48 maxlen: 48
2a0a:eec0:3::/48 maxlen: 48
2a0a:eec0:4::/48 maxlen: 48
2a0a:eec0:5::/48 maxlen: 48
2a0a:eec0:6::/48 maxlen: 48
2a0a:eec0:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 Jan 2025 05:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3a:9b:ec:a8:60:49:d3:a5:7f:2b:f0:fb:2d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf56d155c1c1a8c250de4bf2ea35c9116d25dc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dc:32:a5:70:1b:96:f6:d0:db:1e:0b:a8:72:
67:7e:c4:4d:4f:7d:e6:4f:a3:da:3e:9f:dc:a5:d0:
7a:b1:15:2e:2c:8b:d3:01:d4:2f:ec:42:77:27:c8:
22:24:2e:fb:3e:99:e4:ef:e4:b4:e9:36:a8:8d:1c:
8e:aa:42:71:48:ce:7a:93:2a:3c:54:6e:41:c1:81:
70:69:2e:73:df:25:0d:a6:98:69:63:f3:76:87:f9:
67:d0:8f:ef:e4:c4:f5:37:c2:be:c6:c4:c3:a8:6b:
77:fb:e6:f1:41:1d:9a:4d:11:d1:37:12:f9:77:86:
a2:4a:6e:08:b8:dc:ed:35:33:d0:65:79:36:f7:84:
9f:46:2e:db:a1:69:d2:f0:f3:7f:8a:ef:ce:41:12:
ea:e8:61:7a:6b:30:d7:6b:dc:5f:16:11:4b:ed:e1:
98:4e:88:a8:62:02:59:e7:bd:63:ff:df:05:f5:3a:
9a:9a:ce:f3:eb:4e:43:4d:ef:06:d1:e6:53:d0:d9:
13:a5:b3:77:7e:eb:db:e3:a0:ae:11:61:70:64:bd:
65:f3:5c:60:3b:f4:0e:03:a0:e1:e8:a6:ce:31:12:
88:b2:bb:d1:3b:a5:f6:01:ec:76:7a:27:79:9d:e1:
09:3e:f0:51:61:2e:94:21:53:29:42:15:f6:e2:7d:
eb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:56:D1:55:C1:C1:A8:C2:50:DE:4B:F2:EA:35:C9:11:6D:25:DC:0E
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/v1bRVcHBqMJQ3kvy6jXJEW0l3A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.232.0/24
31.192.234.0-31.192.239.255
80.85.152.0-80.85.154.255
80.85.156.0/22
185.118.164.0/22
185.144.28.0/22
IPv6:
2a03:a0e0::/32
2a0a:eec0::/48
2a0a:eec0:2::-2a0a:eec0:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3e:00:aa:6b:05:5b:4c:8f:14:54:bc:9c:08:9e:0b:ce:a5:60:
35:b8:8f:96:11:ab:25:5f:46:3e:8e:3b:7c:1e:e2:31:30:79:
7e:22:1d:01:bf:a3:97:b7:e7:49:37:56:84:2e:8e:24:d8:86:
f2:68:e1:46:98:43:f3:19:6a:9d:0c:b9:4a:c4:f5:57:fa:e5:
0e:56:ee:28:25:34:03:5c:fb:6a:6f:b4:ed:99:f1:0f:92:4a:
68:f1:3a:a8:8e:78:0d:ed:04:ab:1c:5d:74:70:dd:23:a2:ce:
41:e5:ae:8d:4c:53:94:78:0e:54:f3:ed:dc:ed:df:67:6c:39:
a3:0d:51:34:06:af:90:8c:54:1f:b7:92:94:a5:e2:c0:d4:f1:
28:eb:85:a1:b3:c2:9a:31:d8:8f:0b:08:a0:5e:ae:93:ac:63:
37:17:3f:ae:b4:aa:29:e3:1c:49:2d:81:a3:5a:2f:8d:47:72:
81:5c:71:b8:b4:73:d4:a9:c4:38:54:8d:fb:cd:ff:2f:e7:f5:
3e:2a:28:8c:53:fe:25:f1:b1:13:ef:79:2b:8d:47:8b:80:bc:
13:d0:81:e7:a9:e3:93:b7:f5:e8:ad:60:77:48:54:83:e4:57:
9d:d3:dc:f9:d2:d2:7c:22:fc:be:2b:22:97:c2:62:99:ee:a3:
3f:1b:d8:0a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZQhsjqb7KhgSdOlfyvw+y0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU2ZDE1NWMxYzFhOGMyNTBkZTRiZjJlYTM1YzkxMTZkMjVkYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNwypXAblvbQ2x4LqHJnfsRNT33m
T6PaPp/cpdB6sRUuLIvTAdQv7EJ3J8giJC77Ppnk7+S06TaojRyOqkJxSM56kyo8
VG5BwYFwaS5z3yUNpphpY/N2h/ln0I/v5MT1N8K+xsTDqGt3++bxQR2aTRHRNxL5
d4aiSm4IuNztNTPQZXk294SfRi7boWnS8PN/iu/OQRLq6GF6azDXa9xfFhFL7eGY
ToioYgJZ571j/98F9Tqams7z605DTe8G0eZT0NkTpbN3fuvb46CuEWFwZL1l81xg
O/QOA6Dh6KbOMRKIsrvRO6X2Aex2eid5neEJPvBRYS6UIVMpQhX24n3r4wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFL9W0VXBwajCUN5L8uo1yRFtJdwOMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvdjFiUlZjSEJxTUpRM2t2eTZqWEpFVzBsM0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDA6BAIAATA0AwQAH8DoMAwD
BAEfwOoDBAQfwOAwDAMEA1BVmAMEAFBVmgMEAlBVnAMEArl2pAMEArmQHDAqBAIA
AjAkAwUAKgOg4AMHACoK7sAAADASAwcBKgruwAACAwcDKgruwAAAMA0GCSqGSIb3
DQEBCwUAA4IBAQA+AKprBVtMjxRUvJwIngvOpWA1uI+WEaslX0Y+jjt8HuIxMHl+
Ih0Bv6OXt+dJN1aELo4k2IbyaOFGmEPzGWqdDLlKxPVX+uUOVu4oJTQDXPtqb7Tt
mfEPkkpo8TqojngN7QSrHF10cN0jos5B5a6NTFOUeA5U8+3c7d9nbDmjDVE0Bq+Q
jFQft5KUpeLA1PEo64Whs8KaMdiPCwigXq6TrGM3Fz+utKop4xxJLYGjWi+NR3KB
XHG4tHPUqcQ4VI37zf8v5/U+KiiMU/4l8bET73krjUeLgLwT0IHnqeOTt/XorWB3
SFSD5Fed09z50tJ8Ivy+KyKXwmKZ7qM/G9gK
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:38 2025 by rpki-client