Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/1-DC-U8AcHmz_LvxCsrbg4rc6aHE.roa
File: 1-DC-U8AcHmz_LvxCsrbg4rc6aHE.roa (raw, json)
Hash identifier: 7YPt09Jio0CZRhsnZvh8yYJ4hqXg8CcmGrG50ZMPajo=
Subject key identifier: F8:30:BE:53:C0:1C:1E:6C:FF:2E:FC:42:B2:B6:E0:E2:B7:3A:68:71
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195CDDE637045496ABB17A5B75D7D2AFC5D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/1-DC-U8AcHmz_LvxCsrbg4rc6aHE.roa
Signing time: Tue 25 Mar 2025 15:14:18 +0000
ROA not before: Tue 25 Mar 2025 15:14:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.214.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Mar 2025 19:20:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:de:63:70:45:49:6a:bb:17:a5:b7:5d:7d:2a:fc:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 25 15:14:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f830be53c01c1e6cff2efc42b2b6e0e2b73a6871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:f7:39:0a:ab:27:62:a0:c4:48:11:04:4b:
64:50:45:d3:4d:82:41:51:c5:a3:97:cf:3e:8e:bb:
93:73:a6:dd:08:3a:2a:77:39:f9:e9:80:49:b8:f9:
f8:72:53:68:bd:e6:42:7f:7e:d0:5d:68:75:28:34:
10:51:0a:c6:6b:a2:f3:4a:42:14:e3:04:85:28:26:
e6:d8:5c:25:4b:c2:da:5b:f9:6b:77:e7:57:32:8a:
f6:ce:e3:05:c0:83:a2:70:c3:95:1f:24:08:da:ba:
0c:9c:f5:5b:d3:a5:4f:40:13:05:f8:1f:0e:bc:96:
45:88:fb:7a:e0:d8:c9:5a:fa:29:69:7d:72:98:85:
d1:6c:23:95:bf:94:d8:e1:0f:3f:00:e9:14:d0:bb:
98:87:b8:ea:73:99:28:68:4c:37:f5:0d:85:d8:2c:
6f:35:f8:9c:00:f3:1d:79:25:4e:9b:58:06:ba:f3:
af:69:26:f7:c2:df:d8:3f:88:85:b4:e0:7d:ab:85:
40:6c:7b:b7:03:10:45:eb:ba:c8:e3:35:f1:d4:53:
86:e3:a8:67:6a:98:1c:2d:61:1b:88:18:1b:14:b3:
50:4d:cd:3f:c8:ff:1f:de:8b:be:83:a2:d3:40:fc:
57:df:4a:b3:d4:da:15:51:c6:70:65:5f:15:1b:f4:
ff:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:30:BE:53:C0:1C:1E:6C:FF:2E:FC:42:B2:B6:E0:E2:B7:3A:68:71
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/1-DC-U8AcHmz_LvxCsrbg4rc6aHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
78.135.98.0/24
188.132.188.0/24
188.132.214.0-188.132.216.255
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
7c:2f:5c:d7:aa:8a:9f:77:e0:e5:9b:de:6e:35:62:27:0d:75:
59:5b:c8:94:73:86:85:b2:cb:a3:8e:bb:ab:43:cf:22:e2:e5:
4a:28:96:8b:c7:18:ac:9a:06:35:98:e4:48:57:30:b2:4d:84:
4b:d0:99:0c:36:56:f5:8f:67:c1:cf:e6:0b:a2:c6:db:09:21:
9e:31:60:fb:c9:19:db:c6:4b:08:3d:52:8a:15:4d:6f:61:2d:
5e:da:ec:dc:c9:c9:0f:d6:39:73:69:07:68:09:d1:66:60:7f:
12:60:62:19:96:31:e9:12:c9:85:26:73:de:d2:d4:79:e5:22:
e3:2c:e5:ac:95:b2:ee:ee:29:28:29:2d:58:28:a8:1c:ae:6f:
c1:f7:f5:40:23:2a:33:af:9f:51:ab:a8:61:90:08:3d:f3:af:
52:6c:b4:42:54:f3:74:a6:44:d0:ac:3e:d7:b8:d4:ca:52:77:
58:ee:7a:10:17:b0:60:67:00:dd:5b:e0:30:ac:31:10:ae:6d:
33:6a:f3:26:49:f9:b7:7c:7c:e1:cb:e2:47:68:d9:2d:9c:2b:
75:0a:0e:fb:29:74:51:8b:66:78:cd:af:70:98:2d:71:db:bd:
99:b4:1c:9d:35:4f:37:c3:af:f1:9a:bd:7b:8a:c7:0c:4a:77:
e8:97:74:2b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZXN3mNwRUlquxelt119KvxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzI1MTUxNDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODMwYmU1M2MwMWMxZTZjZmYyZWZjNDJiMmI2ZTBlMmI3M2E2ODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBb3OQqrJ2KgxEgRBEtkUEXTTYJB
UcWjl88+jruTc6bdCDoqdzn56YBJuPn4clNoveZCf37QXWh1KDQQUQrGa6LzSkIU
4wSFKCbm2FwlS8LaW/lrd+dXMor2zuMFwIOicMOVHyQI2roMnPVb06VPQBMF+B8O
vJZFiPt64NjJWvopaX1ymIXRbCOVv5TY4Q8/AOkU0LuYh7jqc5koaEw39Q2F2Cxv
NficAPMdeSVOm1gGuvOvaSb3wt/YP4iFtOB9q4VAbHu3AxBF67rI4zXx1FOG46hn
apgcLWEbiBgbFLNQTc0/yP8f3ou+g6LTQPxX30qz1NoVUcZwZV8VG/T/PQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPgwvlPAHB5s/y78QrK24OK3OmhxMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvMS1EQy1VOEFjSG16X0x2eENzcmJnNHJjNmFIRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAx
My8xL3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBiBggrBgEFBQcBBwEB/wRTMFEwPgQCAAEwOAMEAB/SLwME
AU1cjgMEAE1cmAMEAE6HTgMEAE6HVgMEAE6HYgMEALyEvDAMAwQBvITWAwQAvITY
MA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcNAQELBQADggEBAHwvXNeqip934OWb
3m41YicNdVlbyJRzhoWyy6OOu6tDzyLi5UoolovHGKyaBjWY5EhXMLJNhEvQmQw2
VvWPZ8HP5guixtsJIZ4xYPvJGdvGSwg9UooVTW9hLV7a7NzJyQ/WOXNpB2gJ0WZg
fxJgYhmWMekSyYUmc97S1HnlIuMs5ayVsu7uKSgpLVgoqByub8H39UAjKjOvn1Gr
qGGQCD3zr1JstEJU83SmRNCsPte41MpSd1juehAXsGBnAN1b4DCsMRCubTNq8yZJ
+bd8fOHL4kdo2S2cK3UKDvspdFGLZnjNr3CYLXHbvZm0HJ01TzfDr/GavXuKxwxK
d+iXdCs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:53:13 2025 by rpki-client