Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hVO3c0Ets_7bPIx0I4AnNlXdbq8.roa
File: hVO3c0Ets_7bPIx0I4AnNlXdbq8.roa (raw, json)
Hash identifier: vNEMcD8st7gDGo3CzHAGzhfJgtGC0ouejqfCwswd8Hg=
Subject key identifier: 85:53:B7:73:41:2D:B3:FE:DB:3C:8C:74:23:80:27:36:55:DD:6E:AF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F8FC497870EADD188813730AB2695
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hVO3c0Ets_7bPIx0I4AnNlXdbq8.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 31.135.4.0/23 maxlen: 23
31.135.4.0/24 maxlen: 24
31.135.5.0/24 maxlen: 24
91.193.28.0/24 maxlen: 24
91.193.29.0/24 maxlen: 24
109.207.136.0/24 maxlen: 24
109.207.137.0/24 maxlen: 24
109.207.138.0/24 maxlen: 24
109.207.139.0/24 maxlen: 24
176.96.95.0/24 maxlen: 24
176.112.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 15:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8f:c4:97:87:0e:ad:d1:88:81:37:30:ab:26:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8553b773412db3fedb3c8c742380273655dd6eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d7:1d:96:7f:13:1d:45:10:6b:fa:51:48:90:
34:1d:9b:f2:68:22:49:31:60:38:dd:1f:5f:98:97:
82:ab:ef:b3:77:20:5e:22:4f:eb:82:9d:e9:b7:6a:
d0:fa:7e:d7:5e:f2:8d:97:61:26:41:ba:02:c1:08:
ff:b6:67:52:e9:6a:88:33:eb:ad:86:cf:04:e9:80:
43:8e:43:f8:09:35:5f:b0:df:f1:c5:c7:d4:0d:84:
be:24:8e:4d:d1:6f:62:4d:24:47:47:aa:36:c4:a1:
01:af:01:13:b1:d3:10:ba:13:c1:b3:9d:a4:c1:83:
be:1e:fc:1e:2e:18:a1:b9:e8:e1:65:e0:c0:11:90:
62:fc:55:51:05:a4:e4:f0:fa:2d:9d:4e:21:ca:16:
c7:66:70:39:a9:6d:59:d7:66:4f:da:b5:74:0b:26:
51:84:96:db:d5:a0:79:68:cc:f7:e2:c2:49:49:9f:
35:b8:0e:83:c6:eb:bd:3a:e6:11:52:b0:e2:98:89:
b3:75:0f:ea:19:5d:15:e6:b2:37:e5:03:f4:7d:06:
8c:8a:9a:0f:86:40:ad:a6:36:e4:f7:0d:2a:ab:61:
ac:92:14:4b:89:00:83:4b:a3:63:8e:8a:3a:41:96:
9f:2c:55:f0:11:c6:a4:cc:64:18:16:af:a9:4c:17:
15:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:53:B7:73:41:2D:B3:FE:DB:3C:8C:74:23:80:27:36:55:DD:6E:AF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hVO3c0Ets_7bPIx0I4AnNlXdbq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
91.193.28.0/23
109.207.136.0/22
176.96.95.0/24
176.112.80.0/22
Signature Algorithm: sha256WithRSAEncryption
44:8c:b4:d9:74:d2:00:26:87:90:e0:b8:fe:c5:48:09:89:28:
b5:9c:97:4f:f1:dc:05:71:b8:42:e5:50:c4:59:f3:df:1d:4e:
1c:e0:1c:1a:a3:07:f9:92:f3:a1:d2:45:85:27:f4:a8:80:5f:
a1:ba:8f:25:58:56:dc:ff:6f:54:b9:4f:4a:58:4a:27:a3:65:
39:3c:fa:c4:b7:d7:16:93:b4:69:0a:d7:3e:b1:0f:8d:37:26:
75:6c:5f:d0:e5:f8:5b:d8:5a:50:c8:9e:51:44:39:31:08:b2:
56:0e:43:bd:93:98:84:a1:0c:38:66:6c:77:5a:91:1d:99:0a:
0e:c2:fa:01:95:15:3e:52:e1:f2:8a:f2:61:f4:d4:00:e9:bf:
31:44:6b:e6:e9:64:cc:41:1d:35:c4:d8:47:d9:5f:b0:03:a3:
0c:b7:5a:d1:15:e9:ca:53:bf:a0:af:44:dd:be:56:30:de:fd:
f7:f5:21:f0:12:e0:e9:aa:16:c8:9d:36:31:4c:f3:53:67:58:
ab:d8:e1:3f:f1:0e:79:04:f8:d0:36:e2:4e:c0:cc:77:fd:7a:
8f:03:83:4d:d3:f5:84:0d:61:f1:ed:4a:35:1a:df:1c:69:43:
db:5a:be:b9:6f:93:11:a9:dd:24:63:74:46:ea:85:66:51:bd:
bd:97:5d:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlj4/El4cOrdGIgTcwqyaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTUzYjc3MzQxMmRiM2ZlZGIzYzhjNzQyMzgwMjczNjU1ZGQ2ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9cdln8THUUQa/pRSJA0HZvyaCJJ
MWA43R9fmJeCq++zdyBeIk/rgp3pt2rQ+n7XXvKNl2EmQboCwQj/tmdS6WqIM+ut
hs8E6YBDjkP4CTVfsN/xxcfUDYS+JI5N0W9iTSRHR6o2xKEBrwETsdMQuhPBs52k
wYO+HvweLhihuejhZeDAEZBi/FVRBaTk8PotnU4hyhbHZnA5qW1Z12ZP2rV0CyZR
hJbb1aB5aMz34sJJSZ81uA6Dxuu9OuYRUrDimImzdQ/qGV0V5rI35QP0fQaMipoP
hkCtpjbk9w0qq2GskhRLiQCDS6Njjoo6QZafLFXwEcakzGQYFq+pTBcVrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIVTt3NBLbP+2zyMdCOAJzZV3W6vMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaFZPM2MwRXRzXzdiUEl4MEk0QW5ObFhkYnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBH4cEAwQB
W8EcAwQCbc+IAwQAsGBfAwQCsHBQMA0GCSqGSIb3DQEBCwUAA4IBAQBEjLTZdNIA
JoeQ4Lj+xUgJiSi1nJdP8dwFcbhC5VDEWfPfHU4c4Bwaowf5kvOh0kWFJ/SogF+h
uo8lWFbc/29UuU9KWEono2U5PPrEt9cWk7RpCtc+sQ+NNyZ1bF/Q5fhb2FpQyJ5R
RDkxCLJWDkO9k5iEoQw4Zmx3WpEdmQoOwvoBlRU+UuHyivJh9NQA6b8xRGvm6WTM
QR01xNhH2V+wA6MMt1rRFenKU7+gr0TdvlYw3v339SHwEuDpqhbInTYxTPNTZ1ir
2OE/8Q55BPjQNuJOwMx3/XqPA4NN0/WEDWHx7Uo1Gt8caUPbWr65b5MRqd0kY3RG
6oVmUb29l12P
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:37 2025 by rpki-client