Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/O041CiRRPw4mLSvs7VoO_ynR6Ww.roa
File: O041CiRRPw4mLSvs7VoO_ynR6Ww.roa (raw, json)
Hash identifier: rtX9q/gm/Z9sSYpbTZR3rbJEa1udVxm/io+mCNnEggU=
Subject key identifier: 3B:4E:35:0A:24:51:3F:0E:26:2D:2B:EC:ED:5A:0E:FF:29:D1:E9:6C
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 018CC3B68BF32EE96BD9B92B2DF4D044C664
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/O041CiRRPw4mLSvs7VoO_ynR6Ww.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197686
IP address blocks: 31.31.216.0/21 maxlen: 24
31.31.216.0/24 maxlen: 24
31.31.218.0/24 maxlen: 24
31.31.217.0/24 maxlen: 24
31.31.219.0/24 maxlen: 24
31.31.223.0/24 maxlen: 24
31.31.222.0/24 maxlen: 24
31.31.221.0/24 maxlen: 24
31.31.220.0/24 maxlen: 24
2a07:1e00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8b:f3:2e:e9:6b:d9:b9:2b:2d:f4:d0:44:c6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b4e350a24513f0e262d2beced5a0eff29d1e96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8b:7a:d2:c2:09:39:4c:18:e8:fa:a1:6a:ee:
01:9a:45:eb:72:c0:ea:29:00:76:8d:87:64:19:cb:
aa:4d:8e:a7:6c:e2:ac:26:32:7a:56:e5:81:31:0f:
d6:3f:fd:12:55:c7:d5:0e:41:7f:8f:66:8d:e9:3d:
ec:d7:47:19:f0:30:6b:62:da:25:84:11:5e:bd:f1:
af:06:45:cb:c8:a9:43:2d:7d:ee:77:d6:26:c7:86:
c9:c6:90:32:c0:6b:66:d9:eb:75:e3:80:d4:c1:32:
ec:ee:25:cc:19:17:9a:4a:c9:24:b2:85:be:c3:82:
40:8e:22:ac:45:9e:1a:40:ed:b6:c7:50:42:72:de:
f3:db:a3:f7:86:b7:a6:0a:8e:17:10:b8:e5:d9:82:
05:9a:5e:00:81:73:ba:01:a3:52:de:29:3b:a4:60:
15:05:3e:ee:90:06:12:f5:af:e5:79:70:39:99:d4:
a4:be:d9:ce:86:cb:9f:d3:1f:72:2a:ea:fb:8d:af:
48:57:f8:c4:bb:e4:20:d6:6b:b2:76:53:58:8f:94:
82:8f:a1:43:82:2c:e9:5b:a9:ac:f9:74:14:f0:cd:
84:73:ba:c3:72:79:e8:e8:a8:eb:0a:fd:bf:36:7e:
47:f0:75:78:a6:9e:b9:a6:25:53:0e:a5:1b:c7:7a:
3b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:35:0A:24:51:3F:0E:26:2D:2B:EC:ED:5A:0E:FF:29:D1:E9:6C
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/O041CiRRPw4mLSvs7VoO_ynR6Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.216.0/21
IPv6:
2a07:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
95:42:b2:25:06:56:fa:75:91:e5:fb:eb:af:2d:84:a9:1a:a9:
99:50:22:47:eb:b1:36:fb:55:73:55:32:88:31:79:56:cb:9e:
31:96:d7:29:67:f4:4a:6c:9a:6c:6d:24:e3:dd:96:b3:11:bd:
fd:cf:2a:53:08:f9:c7:09:91:29:bc:d7:a4:03:05:83:97:83:
5b:0f:0b:22:23:24:bc:92:27:e8:60:07:47:dd:a5:f8:fa:44:
af:29:14:72:a6:06:71:55:5f:a6:54:b6:2b:c5:26:bc:2d:3d:
ce:49:dd:ad:7e:39:17:55:9c:76:47:58:62:42:38:7b:68:a7:
18:c6:de:38:f2:2a:fe:65:a1:b9:5d:7f:ec:cd:3d:9b:8d:30:
78:5a:6e:93:ed:a0:c6:dd:86:a3:15:b4:3b:34:6b:84:1f:66:
6d:fa:1f:19:54:40:2a:e2:d6:21:ba:8a:f1:85:32:11:cc:79:
b6:51:9c:bc:aa:54:6b:c3:eb:6f:cf:b2:57:1c:15:25:ba:0b:
6d:a8:26:03:d2:5c:73:48:3a:9b:b8:bb:52:9d:81:40:4a:8c:
65:fd:bb:8d:b5:a6:2b:43:ad:34:f6:95:47:14:84:4a:b7:ec:
80:23:e8:1f:5b:83:1b:8f:b9:1e:05:6f:71:23:74:aa:6a:b4:
21:e7:c0:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtovzLulr2bkrLfTQRMZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmNhOTRmNmI2MWUxMDEwMGRjM2E3MTg2ZmZhM2Y5YjAw
YzY5ZGQwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRlMzUwYTI0NTEzZjBlMjYyZDJiZWNlZDVhMGVmZjI5ZDFlOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4t60sIJOUwY6Pqhau4BmkXrcsDq
KQB2jYdkGcuqTY6nbOKsJjJ6VuWBMQ/WP/0SVcfVDkF/j2aN6T3s10cZ8DBrYtol
hBFevfGvBkXLyKlDLX3ud9Ymx4bJxpAywGtm2et144DUwTLs7iXMGReaSskksoW+
w4JAjiKsRZ4aQO22x1BCct7z26P3hremCo4XELjl2YIFml4AgXO6AaNS3ik7pGAV
BT7ukAYS9a/leXA5mdSkvtnOhsuf0x9yKur7ja9IV/jEu+Qg1muydlNYj5SCj6FD
gizpW6ms+XQU8M2Ec7rDcnno6KjrCv2/Nn5H8HV4pp65piVTDqUbx3o7wQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDtONQokUT8OJi0r7O1aDv8p0elsMB8GA1UdIwQY
MBaAFDS8qU9rYeEBANw6cYb/o/mwDGndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMt
NzA5ZjAzNjI0ZTdlLzEvTzA0MUNpUlJQdzRtTFN2czdWb09feW5SNld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMtNzA5ZjAzNjI0ZTdl
LzEvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDHx/YMA0E
AgACMAcDBQAqBx4AMA0GCSqGSIb3DQEBCwUAA4IBAQCVQrIlBlb6dZHl++uvLYSp
GqmZUCJH67E2+1VzVTKIMXlWy54xltcpZ/RKbJpsbSTj3ZazEb39zypTCPnHCZEp
vNekAwWDl4NbDwsiIyS8kifoYAdH3aX4+kSvKRRypgZxVV+mVLYrxSa8LT3OSd2t
fjkXVZx2R1hiQjh7aKcYxt448ir+ZaG5XX/szT2bjTB4Wm6T7aDG3YajFbQ7NGuE
H2Zt+h8ZVEAq4tYhuorxhTIRzHm2UZy8qlRrw+tvz7JXHBUlugttqCYD0lxzSDqb
uLtSnYFASoxl/buNtaYrQ6009pVHFIRKt+yAI+gfW4Mbj7keBW9xI3SqarQh58Bg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:47 2025 by rpki-client