Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4qSCb--EB1DnQUvHvnBJEFunlSg.roa
File: 4qSCb--EB1DnQUvHvnBJEFunlSg.roa (raw, json)
Hash identifier: h/sWcvmAynocZwOkTRKvUksj2h0LU1C88+kdYByiQ3s=
Subject key identifier: E2:A4:82:6F:EF:84:07:50:E7:41:4B:C7:BE:70:49:10:5B:A7:95:28
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424452F996762554FC0D16FAC92754EF5
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4qSCb--EB1DnQUvHvnBJEFunlSg.roa
Signing time: Wed 01 Jan 2025 23:48:21 +0000
ROA not before: Wed 01 Jan 2025 23:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207710
IP address blocks: 193.31.12.0/24 maxlen: 24
193.31.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 15:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2f:99:67:62:55:4f:c0:d1:6f:ac:92:75:4e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2a4826fef840750e7414bc7be7049105ba79528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6e:17:d1:b3:8a:3c:c2:c7:a9:40:b2:c7:b5:
cc:a0:65:51:7c:f2:d2:84:d2:5b:50:ad:fa:a5:86:
d5:4f:33:7a:06:36:d8:84:a2:fc:9e:cc:65:80:2e:
28:9e:23:12:29:e6:54:99:d7:b4:66:3a:d2:2c:7d:
b1:ff:97:8d:66:e2:7a:ad:cd:1b:a0:e0:0d:62:92:
c7:24:d2:db:33:40:64:e9:71:71:54:d2:0d:64:f6:
c3:b8:21:28:5f:2c:a9:16:51:7b:87:e9:f8:77:eb:
5f:aa:47:9f:20:9e:4d:bf:34:ec:c1:ac:9e:24:36:
11:c4:e9:b9:19:0a:2c:5f:9a:e3:38:15:5a:64:a4:
66:2a:96:88:80:db:3b:86:b7:ff:75:af:c3:7c:78:
83:7b:e6:26:ca:3f:4f:67:1e:54:72:95:50:45:3d:
6e:47:b5:78:35:39:b7:4b:79:5b:2c:ae:8c:4d:c6:
27:a3:20:f4:e0:54:11:16:7b:ba:e0:04:68:bc:77:
f4:5f:5b:7b:c2:9f:39:7c:85:ff:7d:38:dc:4e:e1:
11:3a:ff:23:bf:44:dd:24:ca:0c:c8:f1:20:ea:29:
3e:45:ce:e6:85:90:36:90:af:44:77:a4:39:6e:1f:
da:50:87:31:c7:19:7c:ab:aa:f3:e1:6b:d3:68:b1:
0f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A4:82:6F:EF:84:07:50:E7:41:4B:C7:BE:70:49:10:5B:A7:95:28
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4qSCb--EB1DnQUvHvnBJEFunlSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.12.0/23
Signature Algorithm: sha256WithRSAEncryption
57:4f:46:96:e6:cb:cf:67:ca:de:5d:36:f9:81:7b:6a:10:ce:
1f:a1:13:2d:31:80:df:d7:29:89:13:51:39:ef:ab:27:3d:08:
8b:c9:81:ac:73:d0:9a:a5:f6:eb:c6:00:fc:dd:76:54:e1:a4:
b3:7a:cf:a2:0b:0e:65:a1:1a:d9:1a:6f:a9:29:db:cf:a2:21:
9b:e1:c4:f3:45:61:f5:2a:d6:0e:3b:2a:2e:26:7e:23:ab:23:
dc:51:d0:b5:5f:09:aa:76:7f:32:a6:22:96:ab:63:d6:07:05:
a7:76:3b:83:ed:ff:b5:af:4e:d6:b2:5b:48:2f:2c:f8:01:a6:
3e:91:aa:40:78:f8:9a:be:35:63:ec:44:fe:e0:90:2e:74:10:
d4:eb:d0:9d:aa:14:ce:37:5c:c8:2b:11:9d:1a:93:0a:03:ea:
88:dc:62:db:c0:91:a2:91:b5:c3:b5:08:11:b8:00:e4:bd:f1:
58:48:5f:70:d0:40:ba:28:77:c4:e3:2f:26:ea:72:ee:6c:a4:
ff:40:0b:8b:30:e1:57:47:f2:e0:51:af:0b:ab:2b:33:2c:63:
12:f7:6e:b2:39:b5:b0:58:3f:ef:34:e4:fd:27:5d:b3:ef:97:
84:93:ae:79:1d:81:f2:20:8a:fc:b2:7f:cf:e4:6e:ea:bb:ce:
14:b3:14:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRS+ZZ2JVT8DRb6ySdU71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE0ODI2ZmVmODQwNzUwZTc0MTRiYzdiZTcwNDkxMDViYTc5NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr24X0bOKPMLHqUCyx7XMoGVRfPLS
hNJbUK36pYbVTzN6BjbYhKL8nsxlgC4oniMSKeZUmde0ZjrSLH2x/5eNZuJ6rc0b
oOANYpLHJNLbM0Bk6XFxVNINZPbDuCEoXyypFlF7h+n4d+tfqkefIJ5NvzTswaye
JDYRxOm5GQosX5rjOBVaZKRmKpaIgNs7hrf/da/DfHiDe+Ymyj9PZx5UcpVQRT1u
R7V4NTm3S3lbLK6MTcYnoyD04FQRFnu64ARovHf0X1t7wp85fIX/fTjcTuEROv8j
v0TdJMoMyPEg6ik+Rc7mhZA2kK9Ed6Q5bh/aUIcxxxl8q6rz4WvTaLEPcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKkgm/vhAdQ50FLx75wSRBbp5UoMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvNHFTQ2ItLUVCMURuUVV2SHZuQkpFRnVubFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwR8MMA0G
CSqGSIb3DQEBCwUAA4IBAQBXT0aW5svPZ8reXTb5gXtqEM4foRMtMYDf1ymJE1E5
76snPQiLyYGsc9CapfbrxgD83XZU4aSzes+iCw5loRrZGm+pKdvPoiGb4cTzRWH1
KtYOOyouJn4jqyPcUdC1Xwmqdn8ypiKWq2PWBwWndjuD7f+1r07WsltILyz4AaY+
kapAePiavjVj7ET+4JAudBDU69CdqhTON1zIKxGdGpMKA+qI3GLbwJGikbXDtQgR
uADkvfFYSF9w0EC6KHfE4y8m6nLubKT/QAuLMOFXR/LgUa8LqyszLGMS926yObWw
WD/vNOT9J12z75eEk655HYHyIIr8sn/P5G7qu84UsxRw
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:52:05 2025 by rpki-client