Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/hTENOhLVypMQ1fK6laGgHjMQQ-0.roa
File: hTENOhLVypMQ1fK6laGgHjMQQ-0.roa (raw, json)
Hash identifier: AMaeGtVLv1gf42lSwHSuX35/0b7oxdW4n11wuRxO5ag=
Subject key identifier: 85:31:0D:3A:12:D5:CA:93:10:D5:F2:BA:95:A1:A0:1E:33:10:43:ED
Certificate issuer: /CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Certificate serial: 0195EE2AFE42BD3F515631CB746187671009
Authority key identifier: 6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/hTENOhLVypMQ1fK6laGgHjMQQ-0.roa
Signing time: Mon 31 Mar 2025 21:45:49 +0000
ROA not before: Mon 31 Mar 2025 21:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203489
IP address blocks: 31.24.136.0/21 maxlen: 21
69.172.96.0/19 maxlen: 19
69.172.96.0/20 maxlen: 20
69.172.112.0/20 maxlen: 20
82.145.160.0/19 maxlen: 19
178.20.72.0/21 maxlen: 21
185.3.36.0/22 maxlen: 22
213.137.32.0/19 maxlen: 21
2a00:fa80::/29 maxlen: 32
Validation: Failed, certificate revoked on Sat 12 Apr 2025 22:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ee:2a:fe:42:bd:3f:51:56:31:cb:74:61:87:67:10:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Validity
Not Before: Mar 31 21:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85310d3a12d5ca9310d5f2ba95a1a01e331043ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:53:9b:f0:d1:98:1d:d8:51:18:eb:29:6b:
bf:36:ba:11:2b:20:54:35:1e:45:be:71:9e:68:00:
0c:8c:60:3a:3a:64:f8:f7:e1:8a:f4:ce:2e:94:62:
e5:43:3a:fb:50:e7:89:55:0a:76:08:02:e7:21:db:
76:64:92:ce:ee:c7:81:93:a5:9d:6e:c5:96:38:12:
4c:9f:d8:8e:57:a5:7b:10:71:77:8a:05:0b:f4:0c:
01:8a:69:58:fb:1a:a2:96:59:bc:18:b4:cc:64:c6:
4f:ea:69:0d:09:28:f4:4f:0c:7a:17:0e:67:bc:aa:
9c:18:f4:61:13:d7:ca:8f:ca:90:5b:4e:b0:c5:07:
ea:88:4c:30:43:3b:22:54:7f:36:34:88:19:2d:96:
9e:ef:28:4c:20:59:1c:8a:a8:fe:be:53:a3:1f:6a:
1f:b1:57:ad:cd:46:3a:41:c5:8d:93:c0:24:53:9f:
b9:a3:33:75:23:55:99:9a:f4:7b:f8:5e:0a:ea:3f:
52:94:5b:87:ba:a3:b1:c5:6f:5c:0e:69:e6:03:5e:
85:8b:ea:1c:d9:32:4b:26:dd:c2:fc:05:6f:6d:a6:
cb:b4:18:45:28:fb:e1:f6:6d:90:5b:ed:45:75:4e:
39:d9:91:47:71:36:50:1b:e2:fa:ca:49:3f:45:63:
c2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:31:0D:3A:12:D5:CA:93:10:D5:F2:BA:95:A1:A0:1E:33:10:43:ED
X509v3 Authority Key Identifier:
keyid:6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/hTENOhLVypMQ1fK6laGgHjMQQ-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/are5zuAEMA6v4JvxL8ttod0wpNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.136.0/21
69.172.96.0/19
82.145.160.0/19
178.20.72.0/21
185.3.36.0/22
213.137.32.0/19
IPv6:
2a00:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
5f:9c:32:08:f9:49:d4:3a:ee:6e:a2:bf:5c:1f:ba:a0:ba:6e:
b1:11:7a:7c:35:1d:2b:b0:92:6b:77:24:97:51:bf:c8:22:30:
4b:64:09:0f:f1:92:8c:75:11:57:cd:fd:8d:4e:46:14:11:88:
22:30:45:e6:6d:3b:99:b4:10:f8:58:49:b4:fe:1e:30:c3:42:
b4:19:a5:00:2e:24:98:ef:c4:a1:66:64:6c:9c:62:d6:fd:81:
65:7d:c4:d4:28:af:d4:c5:62:d2:24:23:18:a4:97:0b:cb:54:
70:06:94:50:7d:a8:a6:e1:98:be:bf:d1:b7:74:3c:92:fc:45:
3c:c0:92:df:65:60:47:ac:08:26:8e:f9:60:f3:6f:ed:47:57:
89:e2:91:54:68:1e:18:d2:e3:98:59:60:b5:ee:be:0e:73:98:
10:93:76:54:bf:db:db:ed:49:8f:72:19:ea:79:a1:ff:44:57:
9c:1a:07:bb:92:09:be:f7:83:ba:6c:86:6f:03:8b:59:94:53:
56:11:e2:c8:bd:37:df:35:00:a8:55:df:0a:ea:cf:5e:b5:6c:
f5:d7:03:e1:b0:ef:71:58:ec:ea:4c:49:93:f8:6c:1d:ff:5c:
60:14:6b:70:74:bc:86:af:62:b9:bc:06:38:56:c2:2d:64:80:
0a:3f:a2:fc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZXuKv5CvT9RVjHLdGGHZxAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYjdiOWNlZTAwNDMwMGVhZmUwOWJmMTJmY2I2ZGExZGQz
MGE0ZDcwHhcNMjUwMzMxMjE0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTMxMGQzYTEyZDVjYTkzMTBkNWYyYmE5NWExYTAxZTMzMTA0M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDxTm/DRmB3YURjrKWu/NroRKyBU
NR5FvnGeaAAMjGA6OmT49+GK9M4ulGLlQzr7UOeJVQp2CALnIdt2ZJLO7seBk6Wd
bsWWOBJMn9iOV6V7EHF3igUL9AwBimlY+xqillm8GLTMZMZP6mkNCSj0Twx6Fw5n
vKqcGPRhE9fKj8qQW06wxQfqiEwwQzsiVH82NIgZLZae7yhMIFkciqj+vlOjH2of
sVetzUY6QcWNk8AkU5+5ozN1I1WZmvR7+F4K6j9SlFuHuqOxxW9cDmnmA16Fi+oc
2TJLJt3C/AVvbabLtBhFKPvh9m2QW+1FdU452ZFHcTZQG+L6ykk/RWPCTQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIUxDToS1cqTENXyupWhoB4zEEPtMB8GA1UdIwQY
MBaAFGq3uc7gBDAOr+Cb8S/LbaHdMKTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXJlNXp1QUVNQTZ2NEp2eEw4dHRvZDB3cE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83ZDExZTItNTI3NC00NDdlLTlmZTYt
ODhhYTZmZDBhYThlLzEvaFRFTk9oTFZ5cE1RMWZLNmxhR2dIak1RUS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83ZDExZTItNTI3NC00NDdlLTlmZTYtODhhYTZmZDBhYThl
LzEvYXJlNXp1QUVNQTZ2NEp2eEw4dHRvZDB3cE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHxiIAwQF
RaxgAwQFUpGgAwQDshRIAwQCuQMkAwQF1YkgMA0EAgACMAcDBQMqAPqAMA0GCSqG
SIb3DQEBCwUAA4IBAQBfnDII+UnUOu5uor9cH7qgum6xEXp8NR0rsJJrdySXUb/I
IjBLZAkP8ZKMdRFXzf2NTkYUEYgiMEXmbTuZtBD4WEm0/h4ww0K0GaUALiSY78Sh
ZmRsnGLW/YFlfcTUKK/UxWLSJCMYpJcLy1RwBpRQfaim4Zi+v9G3dDyS/EU8wJLf
ZWBHrAgmjvlg82/tR1eJ4pFUaB4Y0uOYWWC17r4Oc5gQk3ZUv9vb7UmPchnqeaH/
RFecGge7kgm+94O6bIZvA4tZlFNWEeLIvTffNQCoVd8K6s9etWz11wPhsO9xWOzq
TEmT+Gwd/1xgFGtwdLyGr2K5vAY4VsItZIAKP6L8
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:27 2025 by rpki-client