Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a0qfP2XbbB0CBXIp3Xh0kpTYgJg.roa
File: a0qfP2XbbB0CBXIp3Xh0kpTYgJg.roa (raw, json)
Hash identifier: drVmZE5HCbh2CeuARxE9lSlBI6SCrgT+B610HpWAkzI=
Subject key identifier: 6B:4A:9F:3F:65:DB:6C:1D:02:05:72:29:DD:78:74:92:94:D8:80:98
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195A941B388C3BAE0AD44AB36D5D2CDA039
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a0qfP2XbbB0CBXIp3Xh0kpTYgJg.roa
Signing time: Tue 18 Mar 2025 12:36:50 +0000
ROA not before: Tue 18 Mar 2025 12:36:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.13.211.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Mar 2025 08:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:41:b3:88:c3:ba:e0:ad:44:ab:36:d5:d2:cd:a0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 18 12:36:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b4a9f3f65db6c1d02057229dd78749294d88098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:97:98:9b:a0:46:8b:de:b0:41:30:8a:84:50:
02:58:d4:76:75:12:fc:a1:c3:26:c5:28:a4:9d:91:
be:28:27:60:5e:7f:a5:4d:69:db:b6:68:31:07:ab:
8d:48:92:d8:72:45:12:a6:cf:cb:fb:c9:c2:3a:8b:
e0:21:60:c8:31:75:7e:1b:a0:01:8e:73:d5:27:6c:
b7:74:8e:bd:e3:06:4c:f8:f0:78:9d:58:f3:f5:05:
54:9a:47:f5:10:dd:8b:77:2b:52:7d:a1:8f:b5:7d:
75:53:2a:e9:ae:d9:28:6c:bf:f1:d0:ba:28:2b:00:
90:54:e9:98:36:b0:1a:87:ff:a7:a1:f6:d9:3b:81:
f6:4e:b5:d3:42:82:d9:0f:ef:30:1d:e5:d5:26:85:
5b:fb:30:eb:da:cc:96:64:63:aa:ee:32:b6:65:0e:
7d:7c:3f:63:ee:fd:7a:59:3c:20:c3:2f:b9:22:f3:
e5:f1:1a:6f:19:61:6a:69:e9:cb:f2:7a:68:3c:d4:
31:c1:04:ce:a2:46:05:ec:72:74:1e:c3:0d:2f:e8:
e5:94:bc:95:cb:96:c6:af:65:0e:ae:1a:72:22:33:
f6:f5:01:bc:4c:ea:1c:9c:68:98:4f:72:d3:4d:0c:
f5:00:f4:8e:de:94:8d:9c:bf:b1:a4:c0:24:1f:0e:
8b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4A:9F:3F:65:DB:6C:1D:02:05:72:29:DD:78:74:92:94:D8:80:98
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a0qfP2XbbB0CBXIp3Xh0kpTYgJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
45.12.253.0/24
45.81.39.0/24
87.120.68.0/23
87.121.60.0/23
93.123.74.0/23
93.123.119.0/24
147.78.102.0/24
178.215.227.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:b4:65:41:9b:0b:4e:4d:ff:87:78:5a:1a:b6:90:05:09:e0:
39:78:32:9e:d4:d9:8c:c4:06:6d:bf:48:24:02:3b:e4:0a:26:
eb:39:90:64:a9:98:e5:6e:7d:19:b9:8f:f6:ab:10:a5:72:b4:
ef:4b:97:78:80:74:00:c3:c4:5b:6a:71:df:ab:1a:43:1e:79:
4f:72:02:de:f8:41:80:d6:88:9b:ab:ae:3f:90:0e:4f:ff:ff:
c2:0e:d9:64:a0:09:a9:1c:85:85:fd:5d:27:f2:fb:c7:c3:19:
4b:34:63:a4:06:ea:07:b3:32:64:a0:56:fd:d6:16:07:fe:0f:
69:6d:34:fb:55:35:97:4f:f0:1a:ea:fb:04:10:29:52:8d:4d:
3c:22:3e:c3:80:77:70:6b:d0:8b:54:ac:cf:14:91:a8:1c:73:
c4:ac:30:b5:1c:e5:36:ba:93:fa:09:e4:14:7c:59:a5:a7:f4:
2a:9a:4f:e9:6f:ae:7b:9e:53:41:37:bc:7e:8f:51:11:16:ae:
c4:e0:f1:5d:63:12:46:5d:b5:f4:b4:62:af:ae:21:7b:f6:02:
96:7c:92:83:8d:8b:fd:4e:89:72:35:4b:a0:65:5d:db:8f:95:
31:41:75:56:cc:ec:a1:aa:b6:db:09:73:bf:b4:25:96:a2:01:
89:ef:8b:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZWpQbOIw7rgrUSrNtXSzaA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzE4MTIzNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjRhOWYzZjY1ZGI2YzFkMDIwNTcyMjlkZDc4NzQ5Mjk0ZDg4MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpeYm6BGi96wQTCKhFACWNR2dRL8
ocMmxSiknZG+KCdgXn+lTWnbtmgxB6uNSJLYckUSps/L+8nCOovgIWDIMXV+G6AB
jnPVJ2y3dI694wZM+PB4nVjz9QVUmkf1EN2LdytSfaGPtX11UyrprtkobL/x0Loo
KwCQVOmYNrAah/+nofbZO4H2TrXTQoLZD+8wHeXVJoVb+zDr2syWZGOq7jK2ZQ59
fD9j7v16WTwgwy+5IvPl8RpvGWFqaenL8npoPNQxwQTOokYF7HJ0HsMNL+jllLyV
y5bGr2UOrhpyIjP29QG8TOocnGiYT3LTTQz1APSO3pSNnL+xpMAkHw6LFwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGtKnz9l22wdAgVyKd14dJKU2ICYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTBxZlAyWGJiQjBDQlhJcDNYaDBrcFRZZ0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHw3TAwQA
LQz9AwQALVEnAwQBV3hEAwQBV3k8AwQBXXtKAwQAXXt3AwQAk05mAwQAstfjAwQB
ufygMA0GCSqGSIb3DQEBCwUAA4IBAQAftGVBmwtOTf+HeFoatpAFCeA5eDKe1NmM
xAZtv0gkAjvkCibrOZBkqZjlbn0ZuY/2qxClcrTvS5d4gHQAw8RbanHfqxpDHnlP
cgLe+EGA1oibq64/kA5P///CDtlkoAmpHIWF/V0n8vvHwxlLNGOkBuoHszJkoFb9
1hYH/g9pbTT7VTWXT/Aa6vsEEClSjU08Ij7DgHdwa9CLVKzPFJGoHHPErDC1HOU2
upP6CeQUfFmlp/Qqmk/pb657nlNBN7x+j1ERFq7E4PFdYxJGXbX0tGKvriF79gKW
fJKDjYv9TolyNUugZV3bj5UxQXVWzOyhqrbbCXO/tCWWogGJ74vm
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:43:46 2025 by rpki-client