Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/1-OD4rIUSUCHe8X6uqfgma70j5wQ.roa
File: 1-OD4rIUSUCHe8X6uqfgma70j5wQ.roa (raw, json)
Hash identifier: M2upshulXMpUqjSknjiTHQSnPBa3qd+uLm5HZ4dvFt8=
Subject key identifier: F8:E0:F8:AC:85:12:50:21:DE:F1:7E:AE:A9:F8:26:6B:BD:23:E7:04
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 0194AB9EEC9D0A0D8C01AD4A12D556450926
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/1-OD4rIUSUCHe8X6uqfgma70j5wQ.roa
Signing time: Tue 28 Jan 2025 06:35:06 +0000
ROA not before: Tue 28 Jan 2025 06:35:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.209.64.0/20 maxlen: 24
80.243.16.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 28 Feb 2025 11:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ab:9e:ec:9d:0a:0d:8c:01:ad:4a:12:d5:56:45:09:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Jan 28 06:35:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8e0f8ac85125021def17eaea9f8266bbd23e704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ff:32:a6:e2:20:88:95:db:a5:be:72:2a:1e:
db:68:29:5f:ad:7d:2d:d7:dc:66:d2:22:5c:69:fc:
35:94:ee:63:fc:0e:14:b4:89:d3:c7:e6:39:1a:00:
10:7b:09:8f:7a:2b:99:80:80:72:74:c2:6c:2a:2e:
7a:a8:40:fb:66:2c:a2:24:5f:a8:34:af:9a:33:a6:
15:ff:2d:22:2e:6e:be:8c:1f:46:d8:7c:0c:11:06:
b1:1a:98:5d:4a:d6:50:8c:5e:f6:5f:fa:b0:eb:c1:
8e:c0:e7:c5:cd:e2:8c:46:f3:18:00:cd:91:70:b2:
93:34:a3:b2:5b:b5:c8:23:c9:0e:02:69:59:e1:b6:
53:1a:88:62:74:49:8d:4c:4a:65:db:9c:82:1f:e5:
02:21:77:de:f9:62:9a:23:8b:23:95:5d:c5:f9:eb:
4d:e9:fe:97:11:87:f5:2d:6e:af:71:81:2d:46:e6:
d4:13:fa:72:e8:07:b6:cf:f2:73:ed:54:a4:88:e2:
c2:8a:4f:11:94:4b:3a:b3:ba:4e:3f:25:e2:7f:ee:
5e:0c:03:39:c7:4b:00:64:3e:30:ce:7f:df:95:f7:
2e:b0:fe:25:bb:b9:ef:ac:42:9a:44:3d:73:7e:c8:
04:25:00:67:d9:28:75:d3:be:a0:cf:10:6b:10:3e:
cd:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E0:F8:AC:85:12:50:21:DE:F1:7E:AE:A9:F8:26:6B:BD:23:E7:04
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/1-OD4rIUSUCHe8X6uqfgma70j5wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.64.0/20
80.243.16.0/21
Signature Algorithm: sha256WithRSAEncryption
97:70:67:20:e1:df:f5:30:d7:fa:9c:fd:ea:6c:01:fa:96:0d:
45:f8:92:69:a5:39:ee:86:4b:cd:84:da:5a:1d:76:df:5c:83:
34:67:80:a3:74:84:6e:ec:ac:88:02:3d:bc:e2:54:13:7a:5b:
14:a1:a9:72:1c:9e:77:a8:98:4c:b1:79:ed:34:7f:25:d5:81:
8f:6c:03:c1:a6:b7:d7:7a:89:4a:dc:bd:63:23:64:99:7c:f9:
61:3c:b7:17:eb:3e:34:7f:f1:b5:a0:ec:3a:b0:7a:c7:37:b6:
14:d7:bf:ab:65:66:91:73:b7:13:c0:50:f2:39:33:e0:d1:cb:
a6:18:26:d9:95:9f:8c:6f:c6:3d:49:7e:43:60:62:0f:9c:96:
9b:36:da:ec:9b:15:de:23:0a:fc:00:57:30:f3:9c:91:67:1b:
4c:d7:06:4f:9c:a1:c5:61:52:eb:19:2c:08:42:09:37:15:ec:
11:69:a0:15:e3:26:04:a9:76:8d:32:b4:14:cc:81:3e:aa:94:
f5:9f:fc:1c:ee:cc:c4:61:82:ec:0c:2e:9b:e4:79:3c:04:80:
63:50:b8:e3:72:62:a8:ef:58:7d:12:45:52:00:b3:c0:8b:8b:
d3:78:b7:9c:02:1c:dd:dc:e8:35:37:62:84:3d:7a:5a:93:65:
d3:d9:57:a6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZSrnuydCg2MAa1KEtVWRQkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjUwMTI4MDYzNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUwZjhhYzg1MTI1MDIxZGVmMTdlYWVhOWY4MjY2YmJkMjNlNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf8ypuIgiJXbpb5yKh7baClfrX0t
19xm0iJcafw1lO5j/A4UtInTx+Y5GgAQewmPeiuZgIBydMJsKi56qED7ZiyiJF+o
NK+aM6YV/y0iLm6+jB9G2HwMEQaxGphdStZQjF72X/qw68GOwOfFzeKMRvMYAM2R
cLKTNKOyW7XII8kOAmlZ4bZTGohidEmNTEpl25yCH+UCIXfe+WKaI4sjlV3F+etN
6f6XEYf1LW6vcYEtRubUE/py6Ae2z/Jz7VSkiOLCik8RlEs6s7pOPyXif+5eDAM5
x0sAZD4wzn/flfcusP4lu7nvrEKaRD1zfsgEJQBn2Sh1076gzxBrED7NnQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPjg+KyFElAh3vF+rqn4Jmu9I+cEMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvMS1PRDRySVVTVUNIZThYNnVxZmdtYTcwajV3US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWQvMDgyYzMxLWY0ZWYtNGFjYi05MGYxLWRhMDNiZjdhMmVj
Mi8xL19FMEdsNGxwcUwycmJXTlpCaTEzZ2VBMFNjby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBB/RQAME
A1DzEDANBgkqhkiG9w0BAQsFAAOCAQEAl3BnIOHf9TDX+pz96mwB+pYNRfiSaaU5
7oZLzYTaWh1231yDNGeAo3SEbuysiAI9vOJUE3pbFKGpchyed6iYTLF57TR/JdWB
j2wDwaa313qJSty9YyNkmXz5YTy3F+s+NH/xtaDsOrB6xze2FNe/q2VmkXO3E8BQ
8jkz4NHLphgm2ZWfjG/GPUl+Q2BiD5yWmzba7JsV3iMK/ABXMPOckWcbTNcGT5yh
xWFS6xksCEIJNxXsEWmgFeMmBKl2jTK0FMyBPqqU9Z/8HO7MxGGC7Awum+R5PASA
Y1C443JiqO9YfRJFUgCzwIuL03i3nAIc3dzoNTdihD16WpNl09lXpg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:19 2025 by rpki-client