Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ONnXx3n0y-OT8I-fHtlWlvn9fCs.roa
File: ONnXx3n0y-OT8I-fHtlWlvn9fCs.roa (raw, json)
Hash identifier: hdU31WkoVxxWjJFgJIgUY4ugSjfqtEtQlLH4CkZ6kpQ=
Subject key identifier: 38:D9:D7:C7:79:F4:CB:E3:93:F0:8F:9F:1E:D9:56:96:F9:FD:7C:2B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0194222011CEEBF344A1392383BF961D4173
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ONnXx3n0y-OT8I-fHtlWlvn9fCs.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213850
IP address blocks: 5.231.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 10:28:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:11:ce:eb:f3:44:a1:39:23:83:bf:96:1d:41:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38d9d7c779f4cbe393f08f9f1ed95696f9fd7c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:51:ed:81:b4:ab:7e:d5:53:16:8a:15:1d:37:
37:cb:4f:0a:f4:b2:47:b2:3b:a6:5c:14:1d:2d:53:
d5:e4:60:cf:0e:d3:69:9a:fd:f7:90:27:9d:aa:42:
9b:67:da:9c:d9:10:2a:11:52:a0:54:56:88:75:e9:
7e:bd:b5:2f:38:48:22:0f:b9:df:b9:08:93:2a:9e:
7e:ac:da:4f:96:f9:39:d3:c6:b0:a9:1c:c3:ab:08:
dc:3e:50:39:44:fa:3b:9d:62:07:ab:e2:25:e8:16:
e1:b4:a3:7f:c7:43:5e:29:de:6c:49:b5:c8:9b:4f:
5b:c3:89:16:a9:04:7e:90:43:58:08:9f:66:08:1a:
c7:87:6c:fa:b0:3b:47:71:25:d3:31:13:3f:3c:33:
c6:48:3c:68:2a:dc:69:48:a2:c8:64:18:bc:2d:74:
94:4d:7e:f0:e1:72:92:a0:00:8e:13:f0:d5:49:d0:
96:57:e8:81:2e:99:0b:ab:ab:d8:d4:61:ee:bf:7a:
5b:72:6c:c0:ff:fc:2b:9a:bd:45:34:3a:59:7f:f2:
ea:58:2c:5a:d1:e9:6c:d2:49:d5:b2:f1:08:64:e0:
ba:7e:2d:9d:b8:d8:d2:0f:ac:b3:41:3a:f5:d5:cb:
94:3b:c2:ce:cb:1a:d1:3b:ad:85:2f:8d:bf:c8:49:
7b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D9:D7:C7:79:F4:CB:E3:93:F0:8F:9F:1E:D9:56:96:F9:FD:7C:2B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ONnXx3n0y-OT8I-fHtlWlvn9fCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.31.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f6:75:b2:aa:0b:7e:6a:03:9d:ee:98:d4:b1:a1:de:5e:97:
e5:a3:16:e1:e2:cb:45:0f:7d:c5:07:93:8c:2d:1b:9d:05:3d:
23:14:76:da:b3:43:1c:8a:56:1b:44:cb:52:ed:2f:4d:c4:5f:
59:8e:38:d9:3e:12:86:93:55:09:57:a3:99:3a:2c:0f:41:1d:
f3:1c:23:e1:14:16:05:bd:94:0d:4a:81:3e:ca:66:7a:9f:c2:
a1:bc:10:81:1b:03:1b:f5:c3:62:3f:50:2b:b5:e3:14:79:5d:
7b:14:c9:c2:a8:21:48:0d:5c:e8:ec:3b:a4:eb:46:71:df:00:
a0:d4:b2:6d:9b:ff:23:fe:e3:e1:c2:3d:3a:92:7d:50:d2:f6:
00:42:f3:11:cb:fe:6a:46:b7:38:a1:cc:3b:be:89:ab:1d:88:
94:71:c1:6b:d9:2d:b9:ec:4c:6e:c3:85:f6:be:e0:59:b4:b2:
db:d1:90:77:6a:82:0e:9c:f4:30:76:b0:85:f6:c3:99:ec:c2:
c2:ff:a0:c0:a3:84:66:35:c5:76:5a:bb:92:89:d5:e0:bd:79:
af:b3:0d:2f:e3:8a:ac:9d:69:be:23:6d:ba:92:72:2a:68:7f:
87:8a:4c:fc:e2:5d:e1:05:4e:e9:f1:33:69:2d:9b:ef:7e:5d:
f0:08:a8:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBHO6/NEoTkjg7+WHUFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ5ZDdjNzc5ZjRjYmUzOTNmMDhmOWYxZWQ5NTY5NmY5ZmQ3YzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5lHtgbSrftVTFooVHTc3y08K9LJH
sjumXBQdLVPV5GDPDtNpmv33kCedqkKbZ9qc2RAqEVKgVFaIdel+vbUvOEgiD7nf
uQiTKp5+rNpPlvk508awqRzDqwjcPlA5RPo7nWIHq+Il6BbhtKN/x0NeKd5sSbXI
m09bw4kWqQR+kENYCJ9mCBrHh2z6sDtHcSXTMRM/PDPGSDxoKtxpSKLIZBi8LXSU
TX7w4XKSoACOE/DVSdCWV+iBLpkLq6vY1GHuv3pbcmzA//wrmr1FNDpZf/LqWCxa
0els0knVsvEIZOC6fi2duNjSD6yzQTr11cuUO8LOyxrRO62FL42/yEl7tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjZ18d59Mvjk/CPnx7ZVpb5/XwrMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvT05uWHgzbjB5LU9UOEktZkh0bFdsdm45ZkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABecfMA0G
CSqGSIb3DQEBCwUAA4IBAQBw9nWyqgt+agOd7pjUsaHeXpfloxbh4stFD33FB5OM
LRudBT0jFHbas0McilYbRMtS7S9NxF9ZjjjZPhKGk1UJV6OZOiwPQR3zHCPhFBYF
vZQNSoE+ymZ6n8KhvBCBGwMb9cNiP1ArteMUeV17FMnCqCFIDVzo7Duk60Zx3wCg
1LJtm/8j/uPhwj06kn1Q0vYAQvMRy/5qRrc4ocw7vomrHYiUccFr2S257Exuw4X2
vuBZtLLb0ZB3aoIOnPQwdrCF9sOZ7MLC/6DAo4RmNcV2WruSidXgvXmvsw0v44qs
nWm+I226knIqaH+Hikz84l3hBU7p8TNpLZvvfl3wCKhQ
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:17 2025 by rpki-client