Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/AP2TQexDhVPtOYZq44Woj13uNg0.roa
File: AP2TQexDhVPtOYZq44Woj13uNg0.roa (raw, json)
Hash identifier: 1yAYUQChvwz4j4ZgXzBZ7gYTaq8vMb+mBFy5EQMnTgY=
Subject key identifier: 00:FD:93:41:EC:43:85:53:ED:39:86:6A:E3:85:A8:8F:5D:EE:36:0D
Certificate issuer: /CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Certificate serial: 019123C16E52A14F4986F8B74256AC749285
Authority key identifier: DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/AP2TQexDhVPtOYZq44Woj13uNg0.roa
Signing time: Mon 05 Aug 2024 18:16:04 +0000
ROA not before: Mon 05 Aug 2024 18:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25455
IP address blocks: 31.210.169.0/24 maxlen: 24
83.143.68.0/22 maxlen: 22
91.90.200.0/21 maxlen: 21
92.43.164.0/23 maxlen: 23
94.232.30.0/24 maxlen: 24
185.79.40.0/22 maxlen: 22
2a05:7140::/32 maxlen: 32
2a05:7141::/32 maxlen: 32
2a05:7142::/31 maxlen: 31
2a05:7144::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:c1:6e:52:a1:4f:49:86:f8:b7:42:56:ac:74:92:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8a978b9ce5d26ebcaad0ccb67918a9df318f86
Validity
Not Before: Aug 5 18:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00fd9341ec438553ed39866ae385a88f5dee360d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fc:bf:77:96:55:2c:d7:65:46:a6:d2:18:8a:
b0:dc:bf:e9:33:a3:40:19:48:e7:66:b9:0a:b6:41:
35:fc:eb:2f:d8:70:6e:13:a7:d2:d4:08:db:25:09:
3b:0b:3f:db:2d:23:f7:39:74:fa:23:38:4e:3a:8d:
ee:75:2b:21:aa:9d:29:06:b7:ce:7e:f2:8e:7a:af:
fe:d1:49:16:b5:62:fe:2d:40:b0:8f:6d:a0:a8:bd:
3d:86:a7:3c:d0:79:d5:28:04:84:9c:d8:2f:75:ab:
71:6f:a9:b4:16:fb:22:45:e4:d4:89:b5:e6:95:b1:
68:a0:69:3a:8b:9c:e1:b1:1b:6f:8f:87:b9:db:ab:
b5:93:14:2e:bd:c4:6c:45:20:66:7a:ef:c8:58:39:
f3:6c:af:2b:72:7d:d0:35:18:be:b7:0e:62:7c:9f:
49:50:dc:24:d2:9a:c3:fc:ec:3f:63:33:1e:a1:8e:
1e:f4:d5:92:29:00:55:ba:91:15:28:dd:3b:8d:bc:
3b:c5:3d:c0:fe:30:40:52:25:b7:4d:1f:7d:2a:ae:
00:38:b7:d1:a9:bc:c0:cf:ee:21:9a:03:d4:e2:48:
c1:cf:0c:f6:30:6c:fe:fc:53:80:96:0d:f6:6e:8a:
31:4e:28:e9:0c:9f:a2:d1:56:59:2c:de:6a:d8:47:
f0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:FD:93:41:EC:43:85:53:ED:39:86:6A:E3:85:A8:8F:5D:EE:36:0D
X509v3 Authority Key Identifier:
keyid:DA:8A:97:8B:9C:E5:D2:6E:BC:AA:D0:CC:B6:79:18:A9:DF:31:8F:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oqXi5zl0m68qtDMtnkYqd8xj4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/AP2TQexDhVPtOYZq44Woj13uNg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/18e48f-5972-4d3f-bb6a-b78dac37eac8/1/2oqXi5zl0m68qtDMtnkYqd8xj4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.169.0/24
83.143.68.0/22
91.90.200.0/21
92.43.164.0/23
94.232.30.0/24
185.79.40.0/22
IPv6:
2a05:7140::/29
Signature Algorithm: sha256WithRSAEncryption
2c:5f:05:d3:5b:96:3c:94:4c:61:f4:9f:d2:37:22:86:c4:ff:
50:2a:f8:42:63:6d:1c:c2:36:9d:5e:3a:29:c9:81:03:dd:5f:
d4:c3:fb:7b:a2:2f:5c:3b:16:43:dc:e9:94:8e:aa:fe:10:2b:
97:50:5d:67:87:e8:32:cd:67:f8:b9:29:13:81:82:19:6b:08:
a2:aa:a3:4d:7d:31:83:30:04:0b:bd:51:82:61:78:5f:bd:91:
3e:1c:36:ca:98:0e:7f:a4:62:b0:9a:64:cf:07:8c:31:22:3e:
f4:cf:42:5d:e3:52:c4:87:42:0e:a1:f1:57:bb:53:f3:74:1f:
5c:e9:1f:a7:b1:63:44:74:c2:e5:eb:11:b6:4f:44:91:e9:98:
62:03:a1:92:3a:05:2a:d2:f2:67:60:8d:0c:91:5f:51:81:ed:
85:56:fd:36:27:40:33:78:7e:0e:bf:19:5c:71:ee:49:bf:cf:
0e:04:95:e0:b6:05:83:32:ff:b7:61:b6:3b:87:c5:34:c4:2b:
ed:f9:d9:2e:3d:47:9a:ce:60:0d:69:6c:b4:f9:35:3b:ae:7e:
1b:c7:c5:17:c7:7f:e9:dd:b4:83:bb:3b:31:52:20:67:4b:db:
76:15:f9:12:4b:d1:9c:74:be:4d:4e:a4:5d:d1:56:66:17:32:
29:10:05:d3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZEjwW5SoU9Jhvi3QlasdJKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGE5NzhiOWNlNWQyNmViY2FhZDBjY2I2NzkxOGE5ZGYz
MThmODYwHhcNMjQwODA1MTgxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGZkOTM0MWVjNDM4NTUzZWQzOTg2NmFlMzg1YTg4ZjVkZWUzNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPy/d5ZVLNdlRqbSGIqw3L/pM6NA
GUjnZrkKtkE1/Osv2HBuE6fS1AjbJQk7Cz/bLSP3OXT6IzhOOo3udSshqp0pBrfO
fvKOeq/+0UkWtWL+LUCwj22gqL09hqc80HnVKASEnNgvdatxb6m0FvsiReTUibXm
lbFooGk6i5zhsRtvj4e526u1kxQuvcRsRSBmeu/IWDnzbK8rcn3QNRi+tw5ifJ9J
UNwk0prD/Ow/YzMeoY4e9NWSKQBVupEVKN07jbw7xT3A/jBAUiW3TR99Kq4AOLfR
qbzAz+4hmgPU4kjBzwz2MGz+/FOAlg32booxTijpDJ+i0VZZLN5q2Efw2wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAD9k0HsQ4VT7TmGauOFqI9d7jYNMB8GA1UdIwQY
MBaAFNqKl4uc5dJuvKrQzLZ5GKnfMY+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEt
Yjc4ZGFjMzdlYWM4LzEvQVAyVFFleERoVlB0T1lacTQ0V29qMTN1TmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xOGU0OGYtNTk3Mi00ZDNmLWJiNmEtYjc4ZGFjMzdlYWM4
LzEvMm9xWGk1emwwbTY4cXRETXRua1lxZDh4ajRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAH9KpAwQC
U49EAwQDW1rIAwQBXCukAwQAXugeAwQCuU8oMA0EAgACMAcDBQMqBXFAMA0GCSqG
SIb3DQEBCwUAA4IBAQAsXwXTW5Y8lExh9J/SNyKGxP9QKvhCY20cwjadXjopyYED
3V/Uw/t7oi9cOxZD3OmUjqr+ECuXUF1nh+gyzWf4uSkTgYIZawiiqqNNfTGDMAQL
vVGCYXhfvZE+HDbKmA5/pGKwmmTPB4wxIj70z0Jd41LEh0IOofFXu1PzdB9c6R+n
sWNEdMLl6xG2T0SR6ZhiA6GSOgUq0vJnYI0MkV9Rge2FVv02J0AzeH4Ovxlcce5J
v88OBJXgtgWDMv+3YbY7h8U0xCvt+dkuPUeazmANaWy0+TU7rn4bx8UXx3/p3bSD
uzsxUiBnS9t2FfkSS9GcdL5NTqRd0VZmFzIpEAXT
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:00:43 2025 by rpki-client