Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/_sQ_hRuWTOI0VuaMIZpWun9qV-g.roa
File: _sQ_hRuWTOI0VuaMIZpWun9qV-g.roa (raw, json)
Hash identifier: vfSDB7D6bMX1R0aIU3n/IWWdCMXC23LHz2rMRRQOwr8=
Subject key identifier: FE:C4:3F:85:1B:96:4C:E2:34:56:E6:8C:21:9A:56:BA:7F:6A:57:E8
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 019587AFA3E60E8E83E7B8788D9735EF4C97
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/_sQ_hRuWTOI0VuaMIZpWun9qV-g.roa
Signing time: Wed 12 Mar 2025 00:09:49 +0000
ROA not before: Wed 12 Mar 2025 00:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 31.3.208.0/21 maxlen: 21
31.3.208.0/24 maxlen: 24
31.3.211.0/24 maxlen: 24
31.3.212.0/23 maxlen: 23
31.3.221.0/24 maxlen: 24
31.3.223.0/24 maxlen: 24
81.27.64.0/19 maxlen: 19
81.27.87.0/24 maxlen: 24
81.27.88.0/21 maxlen: 21
82.197.72.0/22 maxlen: 22
82.197.74.0/24 maxlen: 24
2001:9d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 13 Mar 2025 04:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:87:af:a3:e6:0e:8e:83:e7:b8:78:8d:97:35:ef:4c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Mar 12 00:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fec43f851b964ce23456e68c219a56ba7f6a57e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:db:49:49:98:0b:8d:a9:1d:fc:37:35:ce:a6:
c0:65:b9:d8:15:51:11:9e:d8:4c:12:62:4c:52:f0:
ff:51:3b:a2:f3:31:db:c7:3e:fc:cd:06:c3:ae:aa:
88:be:67:4a:ef:8f:8a:b8:64:70:cd:48:d8:24:81:
f5:d0:c8:35:a7:1f:d9:33:fc:4f:26:e6:87:dc:df:
ab:b0:46:c2:2e:7d:2b:3e:9d:94:06:29:68:78:00:
5f:da:7d:16:97:6e:ec:8f:46:9f:1b:f9:3a:6a:5d:
93:67:fe:5d:b8:f9:d3:b0:0c:d4:b3:36:a2:76:23:
a3:bb:43:1d:2d:b7:2a:7f:46:1d:77:aa:95:a2:e5:
b8:10:39:da:35:05:f2:7a:e7:b9:b5:42:33:fb:19:
1c:ba:6b:29:d5:30:8f:6d:e7:00:0c:bd:3f:b9:67:
50:2c:31:ee:e5:14:b0:5b:e3:a9:4f:be:87:8b:8a:
6e:93:be:a8:d5:93:71:ca:65:97:3b:7f:f2:e6:c4:
73:df:d8:7e:38:d8:a0:89:fb:d5:e6:3f:2f:b3:f4:
41:c1:83:83:7b:23:2d:54:a1:66:ae:df:27:03:6b:
1f:88:4a:44:67:91:f6:15:d2:73:99:22:a8:ed:17:
dc:d9:e6:52:50:7c:b1:22:d8:14:d1:c5:2d:1b:eb:
af:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C4:3F:85:1B:96:4C:E2:34:56:E6:8C:21:9A:56:BA:7F:6A:57:E8
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/_sQ_hRuWTOI0VuaMIZpWun9qV-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.208.0/21
31.3.221.0/24
31.3.223.0/24
81.27.64.0/19
82.197.72.0/22
IPv6:
2001:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
43:63:14:dd:0b:28:63:b3:5f:70:3c:c8:5c:ea:0a:25:da:7a:
ea:5e:40:55:22:4c:b0:4a:6a:cc:b0:14:18:ba:76:eb:03:a8:
95:31:c1:f6:65:46:77:05:00:66:fb:56:0d:32:85:99:20:45:
e9:82:14:97:64:e1:fc:0c:5d:23:31:3c:be:d5:92:19:c0:d2:
dd:82:3e:f4:3e:00:99:d2:05:5b:77:4a:ca:76:30:da:e8:84:
9b:b4:32:2b:00:f8:5b:f2:b6:1b:7b:5b:4c:01:ac:83:60:40:
4f:14:b4:9a:0f:5f:11:65:c8:5f:b9:a9:9c:ba:a1:3b:62:8a:
18:8d:2c:dd:e9:2f:e6:30:80:9b:33:0b:c9:df:67:e8:7a:97:
e7:ad:39:41:a4:db:50:49:57:90:73:6c:7e:5d:87:81:e5:81:
ef:48:4a:1b:80:23:40:90:3f:21:56:44:96:35:b9:d2:c5:6a:
3a:96:ec:4e:c9:28:c7:fe:a8:53:f7:47:66:5f:5a:ef:84:03:
56:b7:48:4d:d6:8e:44:e0:e7:33:ef:b4:b9:07:b8:55:f6:61:
9b:2a:18:a0:5a:7a:fe:76:a9:ee:df:2e:a0:30:f6:fc:45:01:
a3:34:06:42:d5:61:b6:cd:45:ae:1e:36:df:09:02:de:6b:3b:
10:c0:46:36
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZWHr6PmDo6D57h4jZc170yXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjUwMzEyMDAwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWM0M2Y4NTFiOTY0Y2UyMzQ1NmU2OGMyMTlhNTZiYTdmNmE1N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNtJSZgLjakd/Dc1zqbAZbnYFVER
nthMEmJMUvD/UTui8zHbxz78zQbDrqqIvmdK74+KuGRwzUjYJIH10Mg1px/ZM/xP
JuaH3N+rsEbCLn0rPp2UBiloeABf2n0Wl27sj0afG/k6al2TZ/5duPnTsAzUszai
diOju0MdLbcqf0Ydd6qVouW4EDnaNQXyeue5tUIz+xkcumsp1TCPbecADL0/uWdQ
LDHu5RSwW+OpT76Hi4puk76o1ZNxymWXO3/y5sRz39h+ONigifvV5j8vs/RBwYOD
eyMtVKFmrt8nA2sfiEpEZ5H2FdJzmSKo7Rfc2eZSUHyxItgU0cUtG+uvYQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP7EP4UblkziNFbmjCGaVrp/alfoMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvX3NRX2hSdVdUT0kwVnVhTUlacFd1bjlxVi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHwPQAwQA
HwPdAwQAHwPfAwQFURtAAwQCUsVIMA0EAgACMAcDBQAgAQnYMA0GCSqGSIb3DQEB
CwUAA4IBAQBDYxTdCyhjs19wPMhc6gol2nrqXkBVIkywSmrMsBQYunbrA6iVMcH2
ZUZ3BQBm+1YNMoWZIEXpghSXZOH8DF0jMTy+1ZIZwNLdgj70PgCZ0gVbd0rKdjDa
6ISbtDIrAPhb8rYbe1tMAayDYEBPFLSaD18RZchfuamcuqE7YooYjSzd6S/mMICb
MwvJ32foepfnrTlBpNtQSVeQc2x+XYeB5YHvSEobgCNAkD8hVkSWNbnSxWo6luxO
ySjH/qhT90dmX1rvhANWt0hN1o5E4Ocz77S5B7hV9mGbKhigWnr+dqnu3y6gMPb8
RQGjNAZC1WG2zUWuHjbfCQLeazsQwEY2
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:14 2025 by rpki-client