Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/6y3Ooo2YNm3schoFAfuLYmHOd_g.roa
File: 6y3Ooo2YNm3schoFAfuLYmHOd_g.roa (raw, json)
Hash identifier: MRGZOiv9wuW/q9kJ2B2eztVMie++aE01OENJ/+mjHZ4=
Subject key identifier: EB:2D:CE:A2:8D:98:36:6D:EC:72:1A:05:01:FB:8B:62:61:CE:77:F8
Certificate issuer: /CN=f18053ea7f3ab79a75e8f875386775551ef75739
Certificate serial: 01942369B74653D14A1083DC1FD22A2A9CE9
Authority key identifier: F1:80:53:EA:7F:3A:B7:9A:75:E8:F8:75:38:67:75:55:1E:F7:57:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/6y3Ooo2YNm3schoFAfuLYmHOd_g.roa
Signing time: Wed 01 Jan 2025 19:48:38 +0000
ROA not before: Wed 01 Jan 2025 19:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15401
IP address blocks: 31.193.48.0/21 maxlen: 24
178.237.96.0/20 maxlen: 24
185.3.64.0/22 maxlen: 24
2a00:4280::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 06 Jan 2025 14:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b7:46:53:d1:4a:10:83:dc:1f:d2:2a:2a:9c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f18053ea7f3ab79a75e8f875386775551ef75739
Validity
Not Before: Jan 1 19:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb2dcea28d98366dec721a0501fb8b6261ce77f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:82:55:78:94:16:25:95:09:d6:0b:71:5f:d9:
d5:83:b8:41:f2:49:7b:a1:39:0e:9f:2d:ee:3d:98:
16:a7:43:81:ec:70:5c:0b:78:78:f4:b6:88:d2:d3:
de:af:d1:52:d4:6e:ab:6c:75:2b:5f:cd:7c:55:85:
bb:44:e2:19:da:70:5f:4c:94:b4:95:2c:06:38:04:
d3:ba:5b:74:5d:50:19:81:b0:c4:19:04:9e:4c:c1:
38:fa:e5:8f:0f:72:cf:49:4c:01:f2:16:7c:5c:42:
dc:c1:30:18:29:fb:af:36:f4:84:90:a1:5b:a9:4b:
0f:bd:de:a0:51:eb:0b:3d:b9:54:33:2c:e9:47:61:
ee:72:f7:ce:c0:73:dc:75:a3:63:78:b7:a5:df:5e:
f4:ce:36:bf:94:5c:77:c4:61:16:bd:37:c9:44:e7:
15:73:be:dc:96:06:10:10:61:42:cb:63:4b:73:2e:
be:57:b6:8f:b2:44:66:24:37:b8:21:7b:9d:32:66:
fa:67:67:16:de:45:6c:e2:12:2f:1d:5a:64:36:5c:
ed:8f:94:3e:65:81:a8:3d:2c:e2:17:b1:e7:33:2c:
50:13:c3:07:f5:0b:d3:18:65:04:a3:1b:43:67:dc:
12:78:4c:32:95:48:b6:20:93:44:17:59:c2:79:73:
bc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2D:CE:A2:8D:98:36:6D:EC:72:1A:05:01:FB:8B:62:61:CE:77:F8
X509v3 Authority Key Identifier:
keyid:F1:80:53:EA:7F:3A:B7:9A:75:E8:F8:75:38:67:75:55:1E:F7:57:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/6y3Ooo2YNm3schoFAfuLYmHOd_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/8YBT6n86t5p16Ph1OGd1VR73Vzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.48.0/21
178.237.96.0/20
185.3.64.0/22
IPv6:
2a00:4280::/32
Signature Algorithm: sha256WithRSAEncryption
09:3a:55:f6:2a:68:86:04:e9:c9:c7:37:5f:1b:99:e5:e4:1e:
9f:89:8b:37:23:8e:2e:5e:9a:20:c2:32:4e:5f:d3:7a:91:30:
8a:c7:b2:75:f7:e0:a9:3d:e8:15:6a:02:93:aa:0b:8b:74:e1:
d8:ce:c7:8e:40:3c:26:42:13:a8:bc:84:7c:a1:ed:a0:23:7a:
2b:a9:4f:ba:9a:bd:e1:b6:4a:eb:1e:9f:9e:c4:5c:b1:1d:64:
44:35:82:02:bf:ff:c5:11:82:98:37:09:b1:2c:95:d1:26:1f:
4a:93:a7:13:4f:60:d2:e8:0b:b7:85:28:a1:73:6c:05:ec:66:
9c:7c:ad:a3:97:a5:7a:97:41:cc:58:58:09:bc:4b:51:e1:4b:
b9:13:6f:b8:51:ba:b1:23:4e:70:32:5c:11:69:94:09:e7:6f:
9e:3b:f5:64:74:3c:1a:c1:d5:21:c6:f5:16:63:5b:f9:1b:68:
d4:db:1a:fb:b2:76:24:c0:72:01:fe:00:97:b4:96:d8:e9:8d:
42:3b:4e:a5:0a:57:fc:43:03:4f:66:31:63:ac:b9:c2:2d:96:
a0:af:a0:a9:2e:f0:15:ff:13:e9:23:09:9b:5c:4a:28:76:b7:
bf:d0:94:dd:b0:78:ab:3f:ad:4d:70:9a:4a:5e:62:e9:04:9e:
a3:9a:0e:a5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQjabdGU9FKEIPcH9IqKpzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxODA1M2VhN2YzYWI3OWE3NWU4Zjg3NTM4Njc3NTU1MWVm
NzU3MzkwHhcNMjUwMTAxMTk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJkY2VhMjhkOTgzNjZkZWM3MjFhMDUwMWZiOGI2MjYxY2U3N2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIJVeJQWJZUJ1gtxX9nVg7hB8kl7
oTkOny3uPZgWp0OB7HBcC3h49LaI0tPer9FS1G6rbHUrX818VYW7ROIZ2nBfTJS0
lSwGOATTult0XVAZgbDEGQSeTME4+uWPD3LPSUwB8hZ8XELcwTAYKfuvNvSEkKFb
qUsPvd6gUesLPblUMyzpR2HucvfOwHPcdaNjeLel3170zja/lFx3xGEWvTfJROcV
c77clgYQEGFCy2NLcy6+V7aPskRmJDe4IXudMmb6Z2cW3kVs4hIvHVpkNlztj5Q+
ZYGoPSziF7HnMyxQE8MH9QvTGGUEoxtDZ9wSeEwylUi2IJNEF1nCeXO80QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOstzqKNmDZt7HIaBQH7i2Jhznf4MB8GA1UdIwQY
MBaAFPGAU+p/Oreadej4dThndVUe91c5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFlCVDZuODZ0NXAxNlBoMU9HZDFWUjczVnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZDRjMGMtMTU4Zi00MzQ0LTk2NDEt
NzQ3Y2VkMGI3NDg2LzEvNnkzT29vMllObTNzY2hvRkFmdUxZbUhPZF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZDRjMGMtMTU4Zi00MzQ0LTk2NDEtNzQ3Y2VkMGI3NDg2
LzEvOFlCVDZuODZ0NXAxNlBoMU9HZDFWUjczVnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH8EwAwQE
su1gAwQCuQNAMA0EAgACMAcDBQAqAEKAMA0GCSqGSIb3DQEBCwUAA4IBAQAJOlX2
KmiGBOnJxzdfG5nl5B6fiYs3I44uXpogwjJOX9N6kTCKx7J19+CpPegVagKTqguL
dOHYzseOQDwmQhOovIR8oe2gI3orqU+6mr3htkrrHp+exFyxHWRENYICv//FEYKY
NwmxLJXRJh9Kk6cTT2DS6Au3hSihc2wF7GacfK2jl6V6l0HMWFgJvEtR4Uu5E2+4
UbqxI05wMlwRaZQJ52+eO/VkdDwawdUhxvUWY1v5G2jU2xr7snYkwHIB/gCXtJbY
6Y1CO06lClf8QwNPZjFjrLnCLZagr6CpLvAV/xPpIwmbXEoodre/0JTdsHirP61N
cJpKXmLpBJ6jmg6l
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:20 2025 by rpki-client