Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/twlop8RG9hE4llVODFPMi3rUSs4.roa
File: twlop8RG9hE4llVODFPMi3rUSs4.roa (raw, json)
Hash identifier: J4f3KGaOKoz/NX/+rTZYEj8J6t8CG/i+cUsDM54IoII=
Subject key identifier: B7:09:68:A7:C4:46:F6:11:38:96:55:4E:0C:53:CC:8B:7A:D4:4A:CE
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 0194266B52826B9F52E26AAE6A3CB27E0EB2
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/twlop8RG9hE4llVODFPMi3rUSs4.roa
Signing time: Thu 02 Jan 2025 09:49:15 +0000
ROA not before: Thu 02 Jan 2025 09:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.209.64.0/20 maxlen: 24
80.243.16.0/21 maxlen: 21
80.243.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 28 Jan 2025 06:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:52:82:6b:9f:52:e2:6a:ae:6a:3c:b2:7e:0e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Jan 2 09:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b70968a7c446f6113896554e0c53cc8b7ad44ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2b:ce:21:f7:0c:54:79:15:30:9e:5a:ff:14:
65:3d:49:ea:f9:22:64:ba:e0:a5:31:56:2d:37:73:
9a:7d:ac:0a:bd:2e:85:3f:cc:53:d4:21:ac:25:a1:
eb:77:05:73:85:e7:e5:b0:99:9e:5a:2a:6f:f1:34:
ab:0d:2b:e6:1a:00:af:39:64:09:95:86:11:9a:cd:
39:fd:94:0a:11:d7:f5:47:15:41:b1:95:61:2c:bd:
af:68:e0:c9:88:27:1d:a5:90:dd:2c:f8:07:d3:7a:
4c:0a:1e:97:50:fb:19:f5:b5:24:1c:06:5a:83:24:
e7:25:8d:cf:c8:c4:cc:7b:b4:43:6b:ac:71:74:8a:
80:e7:96:89:ee:f1:4a:0d:67:3a:30:64:f6:56:98:
a3:14:5c:e7:66:9f:ea:4d:f6:52:10:48:8e:81:fa:
91:ec:f7:45:e9:e4:21:4f:ff:b3:3e:5f:ba:b2:d4:
62:7d:7e:f9:9f:9b:b4:58:30:a2:27:1a:30:83:7a:
6b:6d:b9:aa:bb:68:7e:35:4e:fb:ac:7c:80:9b:59:
4b:42:16:81:8e:fd:ca:ac:46:d6:e5:7b:48:d1:5c:
b1:0e:2d:60:44:b0:57:71:86:69:4b:36:79:35:ff:
ba:5a:2e:36:0f:4a:bb:47:a6:bc:6e:1e:72:0b:b7:
b0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:09:68:A7:C4:46:F6:11:38:96:55:4E:0C:53:CC:8B:7A:D4:4A:CE
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/twlop8RG9hE4llVODFPMi3rUSs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.64.0/20
80.243.16.0/20
Signature Algorithm: sha256WithRSAEncryption
65:a8:fb:4c:35:36:80:82:bb:7f:85:38:e7:e6:8a:bf:31:eb:
b8:ef:5b:d6:79:53:4c:21:ad:0f:47:87:0f:c8:47:e6:8b:93:
3b:38:2f:d3:73:8a:67:78:fa:ff:0f:c0:33:2b:8a:ec:ea:13:
5e:7f:63:a1:fe:1e:15:a5:2b:6d:5b:ae:1e:88:2a:63:96:89:
85:a7:b3:ff:8b:50:27:e7:e5:98:a8:00:75:a7:ca:fc:a4:7f:
24:cc:e7:aa:3f:ef:bc:d2:01:2c:98:79:28:cb:ae:03:75:8a:
40:b5:1b:a9:9c:6c:a5:46:7e:3d:e4:36:de:7e:dd:7b:2f:1b:
22:1b:ba:01:c6:ac:98:db:4d:86:ee:fc:03:0b:86:96:dc:f3:
ba:20:c8:4b:01:3d:27:6f:71:24:a2:41:52:82:98:ad:e7:e6:
12:dc:58:ac:f3:76:6d:24:09:9a:20:e6:08:cd:e0:75:8b:fc:
16:3a:bc:6b:9b:9c:96:ed:ec:69:49:a5:d7:48:f8:f0:ee:c3:
8e:80:ec:68:8d:3a:0f:50:69:bf:32:74:ad:2f:8f:03:52:08:
bb:76:12:0f:1e:3d:53:c9:1c:7f:83:db:d5:bc:39:13:93:68:
fb:4e:16:21:1f:09:78:f4:85:ae:7a:36:4e:44:f6:38:9f:e3:
d8:e7:1b:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma1KCa59S4mquajyyfg6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjUwMTAyMDk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA5NjhhN2M0NDZmNjExMzg5NjU1NGUwYzUzY2M4YjdhZDQ0YWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SvOIfcMVHkVMJ5a/xRlPUnq+SJk
uuClMVYtN3OafawKvS6FP8xT1CGsJaHrdwVzheflsJmeWipv8TSrDSvmGgCvOWQJ
lYYRms05/ZQKEdf1RxVBsZVhLL2vaODJiCcdpZDdLPgH03pMCh6XUPsZ9bUkHAZa
gyTnJY3PyMTMe7RDa6xxdIqA55aJ7vFKDWc6MGT2VpijFFznZp/qTfZSEEiOgfqR
7PdF6eQhT/+zPl+6stRifX75n5u0WDCiJxowg3prbbmqu2h+NU77rHyAm1lLQhaB
jv3KrEbW5XtI0VyxDi1gRLBXcYZpSzZ5Nf+6Wi42D0q7R6a8bh5yC7ew5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcJaKfERvYROJZVTgxTzIt61ErOMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvdHdsb3A4Ukc5aEU0bGxWT0RGUE1pM3JVU3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH9FAAwQE
UPMQMA0GCSqGSIb3DQEBCwUAA4IBAQBlqPtMNTaAgrt/hTjn5oq/Meu471vWeVNM
Ia0PR4cPyEfmi5M7OC/Tc4pnePr/D8AzK4rs6hNef2Oh/h4VpSttW64eiCpjlomF
p7P/i1An5+WYqAB1p8r8pH8kzOeqP++80gEsmHkoy64DdYpAtRupnGylRn495Dbe
ft17LxsiG7oBxqyY202G7vwDC4aW3PO6IMhLAT0nb3EkokFSgpit5+YS3Fis83Zt
JAmaIOYIzeB1i/wWOrxrm5yW7expSaXXSPjw7sOOgOxojToPUGm/MnStL48DUgi7
dhIPHj1TyRx/g9vVvDkTk2j7ThYhHwl49IWuejZORPY4n+PY5xsk
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:20:11 2025 by rpki-client