Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9oWkuFbsPBsFvOGCCZgZbUUSJfw.roa
File: 9oWkuFbsPBsFvOGCCZgZbUUSJfw.roa (raw, json)
Hash identifier: RuLkRturuwlWHZbVtdza/2+69J2yWEvhh0SuHlsbZ+8=
Subject key identifier: F6:85:A4:B8:56:EC:3C:1B:05:BC:E1:82:09:98:19:6D:45:12:25:FC
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195C9239FB338B0505C4F9386A14112A7BC
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9oWkuFbsPBsFvOGCCZgZbUUSJfw.roa
Signing time: Mon 24 Mar 2025 17:11:49 +0000
ROA not before: Mon 24 Mar 2025 17:11:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Mar 2025 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:23:9f:b3:38:b0:50:5c:4f:93:86:a1:41:12:a7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 24 17:11:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f685a4b856ec3c1b05bce1820998196d451225fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:2d:68:bc:74:08:a3:61:38:f4:39:f6:13:
07:bc:dc:3a:5b:49:7e:57:77:56:46:31:01:68:c0:
4b:73:a6:5a:b4:22:05:7f:eb:59:d0:11:33:86:52:
34:42:b1:88:c9:c6:f4:a8:08:24:32:b9:29:51:d3:
a7:f6:11:b1:72:0f:7a:bc:8f:32:98:ba:1d:73:1f:
cb:bb:dc:31:46:8b:7a:c6:c3:20:12:24:94:c4:a1:
27:db:36:ba:f3:19:15:48:5c:69:13:32:ee:c1:1c:
2e:44:9f:7d:0b:fe:ea:50:54:a8:07:e5:d8:bd:6b:
43:24:5d:38:96:43:1e:61:b9:89:40:2a:7d:19:0e:
ad:03:4c:f1:10:8d:b2:f8:f8:fe:c9:3b:fa:34:95:
31:6c:e6:18:30:9c:62:03:37:ea:15:be:67:31:e0:
f0:63:b2:1a:88:11:19:1c:1f:0d:77:0b:46:15:e4:
9b:57:cb:1d:c8:38:56:ae:e8:2b:c4:62:82:5c:c9:
28:8c:52:c1:94:a2:61:7d:80:f3:cd:80:53:cd:c2:
58:8f:6d:89:2d:50:fb:28:26:91:91:92:ef:47:70:
24:af:7a:56:5b:04:f2:6d:6d:fe:65:63:5f:d5:16:
49:28:01:4c:df:e4:c0:20:b3:e0:07:91:0f:0b:e2:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:85:A4:B8:56:EC:3C:1B:05:BC:E1:82:09:98:19:6D:45:12:25:FC
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9oWkuFbsPBsFvOGCCZgZbUUSJfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
78.135.98.0/24
188.132.188.0/24
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
51:2b:ca:f5:f5:9d:93:23:f1:a1:f2:a2:2b:07:3e:da:84:4b:
16:2f:b7:35:ce:53:1c:cd:59:d8:ad:83:9f:e3:89:6e:98:97:
d3:40:aa:31:89:38:a1:11:36:9e:90:78:43:68:22:cd:48:33:
41:01:1e:ec:21:75:55:07:b0:c2:c6:70:12:07:9e:bc:4e:a8:
21:d7:bf:80:48:fc:9d:9d:9c:05:b4:39:75:08:39:85:4b:b7:
34:d1:a9:3a:ec:1a:c9:76:37:68:02:fb:0f:50:db:b4:c3:bc:
76:aa:26:7c:44:d0:58:82:da:50:37:fa:d6:87:fd:fd:ff:42:
6f:33:ca:eb:96:44:72:41:45:e2:1a:3f:45:ca:6e:f1:77:da:
58:16:cc:5d:ee:fb:50:c0:ad:e7:04:be:1b:fd:a0:f9:bf:f2:
3b:e7:f6:2c:28:75:1b:e8:46:c2:e6:47:a5:c6:be:f7:72:36:
53:5f:b6:5c:52:25:62:c5:08:7a:8e:31:e2:5a:0f:09:61:a5:
c8:4a:14:64:8c:7c:72:bf:72:48:98:50:93:3a:64:be:ba:4d:
78:7d:4e:ad:78:89:46:b6:57:b4:38:e1:dc:4c:74:40:73:c2:
ca:ff:2a:31:48:9d:d8:84:d6:db:c6:e4:8f:f3:ad:03:1e:f5:
3e:f7:42:20
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZXJI5+zOLBQXE+ThqFBEqe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzI0MTcxMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjg1YTRiODU2ZWMzYzFiMDViY2UxODIwOTk4MTk2ZDQ1MTIyNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTstaLx0CKNhOPQ59hMHvNw6W0l+
V3dWRjEBaMBLc6ZatCIFf+tZ0BEzhlI0QrGIycb0qAgkMrkpUdOn9hGxcg96vI8y
mLodcx/Lu9wxRot6xsMgEiSUxKEn2za68xkVSFxpEzLuwRwuRJ99C/7qUFSoB+XY
vWtDJF04lkMeYbmJQCp9GQ6tA0zxEI2y+Pj+yTv6NJUxbOYYMJxiAzfqFb5nMeDw
Y7IaiBEZHB8NdwtGFeSbV8sdyDhWrugrxGKCXMkojFLBlKJhfYDzzYBTzcJYj22J
LVD7KCaRkZLvR3Akr3pWWwTybW3+ZWNf1RZJKAFM3+TAILPgB5EPC+K8GQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFPaFpLhW7DwbBbzhggmYGW1FEiX8MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvOW9Xa3VGYnNQQnNGdk9HQ0NaZ1piVVVTSmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAH9IvAwQB
TVyOAwQATVyYAwQATodOAwQATodWAwQATodiAwQAvIS8MA8EAgACMAkDBwAqEJRA
AAEwDQYJKoZIhvcNAQELBQADggEBAFEryvX1nZMj8aHyoisHPtqESxYvtzXOUxzN
Wditg5/jiW6Yl9NAqjGJOKERNp6QeENoIs1IM0EBHuwhdVUHsMLGcBIHnrxOqCHX
v4BI/J2dnAW0OXUIOYVLtzTRqTrsGsl2N2gC+w9Q27TDvHaqJnxE0FiC2lA3+taH
/f3/Qm8zyuuWRHJBReIaP0XKbvF32lgWzF3u+1DArecEvhv9oPm/8jvn9iwodRvo
RsLmR6XGvvdyNlNftlxSJWLFCHqOMeJaDwlhpchKFGSMfHK/ckiYUJM6ZL66TXh9
Tq14iUa2V7Q44dxMdEBzwsr/KjFIndiE1tvG5I/zrQMe9T73QiA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:44 2025 by rpki-client