Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aO2eltGiX0O0EGEpXpvHgU9Jg_Q.roa
File: aO2eltGiX0O0EGEpXpvHgU9Jg_Q.roa (raw, json)
Hash identifier: INw7OFuNdFUswby+7E0ToIc9S++DXVKevwhLfP2M2YQ=
Subject key identifier: 68:ED:9E:96:D1:A2:5F:43:B4:10:61:29:5E:9B:C7:81:4F:49:83:F4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195951C891F9BE03513F93484C595065AFC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aO2eltGiX0O0EGEpXpvHgU9Jg_Q.roa
Signing time: Fri 14 Mar 2025 14:43:50 +0000
ROA not before: Fri 14 Mar 2025 14:43:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151612
IP address blocks: 31.13.224.0/24 maxlen: 24
31.13.231.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 11:24:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:95:1c:89:1f:9b:e0:35:13:f9:34:84:c5:95:06:5a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 14 14:43:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68ed9e96d1a25f43b41061295e9bc7814f4983f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:33:c6:60:53:02:5b:09:66:d6:86:d2:e6:67:
d6:7a:02:76:1d:74:3d:86:db:ef:16:4f:09:3d:f7:
d5:ae:5b:e9:f2:55:cb:58:3c:99:47:a2:21:dc:02:
fa:5e:7b:12:d9:48:87:b8:cd:f8:bb:8f:0b:4a:ca:
52:d5:08:39:99:78:d5:22:e3:33:34:ec:bd:37:28:
8a:ea:71:0d:e9:7a:3b:ab:2c:b1:94:8c:f1:e6:a4:
d5:a7:4b:75:76:b2:ed:ef:97:55:c2:8a:77:fc:10:
b2:2a:61:05:86:c6:f1:11:2f:07:bc:79:9d:96:e7:
b0:d0:62:bc:42:c5:7f:34:48:55:1e:6b:82:ee:6e:
04:b9:8e:0d:7a:df:32:88:d1:b8:87:3c:f4:d2:d8:
c6:53:1a:3e:69:60:ac:e8:c8:50:52:43:a4:7e:f5:
40:d3:23:d5:11:13:16:36:cb:35:88:1b:83:8e:ef:
a4:5b:95:a5:47:c4:8f:21:b0:99:dc:41:d9:01:78:
9f:81:1b:c0:32:dc:95:0a:53:02:25:9a:51:dc:ff:
8c:08:6d:bf:b6:6b:ac:36:5f:e4:09:10:88:60:59:
33:15:08:bd:be:59:bc:f0:9f:7f:c0:f9:7e:78:f5:
6c:f6:a7:db:ae:6c:f8:b8:d4:65:19:6c:a2:e3:9e:
c3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:ED:9E:96:D1:A2:5F:43:B4:10:61:29:5E:9B:C7:81:4F:49:83:F4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aO2eltGiX0O0EGEpXpvHgU9Jg_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
31.13.231.0/24
81.161.230.0/24
87.120.89.0/24
94.156.239.0/24
193.37.47.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
53:30:17:80:3e:93:2a:8a:82:54:e3:5c:30:5e:bd:a0:85:31:
f5:18:e8:41:42:ca:4b:02:2d:37:2c:f1:a2:1a:35:3e:1e:8b:
6b:bd:2d:fc:48:cc:cd:ab:8a:e4:e3:15:c9:13:39:f4:4e:ad:
ca:f0:9c:6c:bb:93:31:19:63:cf:b9:2c:9d:1e:54:5f:89:03:
5b:57:11:f6:7b:2f:b5:c1:ef:df:83:8b:9c:5f:bb:72:d8:0e:
29:e9:b3:14:2f:e6:0b:31:ce:6c:18:f8:a7:b9:9e:4c:e1:46:
0a:46:1e:59:30:e1:2a:db:f1:fb:7a:b2:e6:e2:17:42:85:0b:
d4:71:46:8e:01:ec:ac:77:32:32:b2:e8:ad:a0:6a:d4:50:9b:
5b:05:b6:97:02:15:38:2f:e9:36:68:0e:81:3a:68:f5:5c:a0:
7b:d0:a0:f8:c5:33:b2:9d:90:df:c7:b7:d7:6b:9e:f8:23:f7:
0f:54:bc:12:a4:83:cf:d6:6a:1f:7c:2c:d0:b0:ce:5f:ba:d5:
79:29:ee:65:41:b7:d0:ab:0b:61:f7:36:66:68:0b:4d:ed:d3:
8c:14:83:3e:38:0f:10:8a:9a:c9:64:3b:fe:59:d0:95:79:44:
74:56:f3:70:18:d6:46:be:68:34:e6:00:3e:55:13:ce:d1:12:
32:45:eb:53
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZWVHIkfm+A1E/k0hMWVBlr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMzE0MTQ0MzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVkOWU5NmQxYTI1ZjQzYjQxMDYxMjk1ZTliYzc4MTRmNDk4M2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTPGYFMCWwlm1obS5mfWegJ2HXQ9
htvvFk8JPffVrlvp8lXLWDyZR6Ih3AL6XnsS2UiHuM34u48LSspS1Qg5mXjVIuMz
NOy9NyiK6nEN6Xo7qyyxlIzx5qTVp0t1drLt75dVwop3/BCyKmEFhsbxES8HvHmd
luew0GK8QsV/NEhVHmuC7m4EuY4Net8yiNG4hzz00tjGUxo+aWCs6MhQUkOkfvVA
0yPVERMWNss1iBuDju+kW5WlR8SPIbCZ3EHZAXifgRvAMtyVClMCJZpR3P+MCG2/
tmusNl/kCRCIYFkzFQi9vlm88J9/wPl+ePVs9qfbrmz4uNRlGWyi457DowIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGjtnpbRol9DtBBhKV6bx4FPSYP0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYU8yZWx0R2lYME8wRUdFcFhwdkhnVTlKZ19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHw3gAwQA
Hw3nAwQAUaHmAwQAV3hZAwQAXpzvAwQAwSUvAwQAwjD7MA0GCSqGSIb3DQEBCwUA
A4IBAQBTMBeAPpMqioJU41wwXr2ghTH1GOhBQspLAi03LPGiGjU+HotrvS38SMzN
q4rk4xXJEzn0Tq3K8Jxsu5MxGWPPuSydHlRfiQNbVxH2ey+1we/fg4ucX7ty2A4p
6bMUL+YLMc5sGPinuZ5M4UYKRh5ZMOEq2/H7erLm4hdChQvUcUaOAeysdzIysuit
oGrUUJtbBbaXAhU4L+k2aA6BOmj1XKB70KD4xTOynZDfx7fXa574I/cPVLwSpIPP
1moffCzQsM5futV5Ke5lQbfQqwth9zZmaAtN7dOMFIM+OA8QiprJZDv+WdCVeUR0
VvNwGNZGvmg05gA+VRPO0RIyRetT
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:35:02 2025 by rpki-client