Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ClF9-0Ef2hOM5JxB38mWrwiM8ro.roa
File: ClF9-0Ef2hOM5JxB38mWrwiM8ro.roa (raw, json)
Hash identifier: 4QFPnguy9AX4PBVfrt9G2T4kNIA8cmFWWCMvxrcuaKY=
Subject key identifier: 0A:51:7D:FB:41:1F:DA:13:8C:E4:9C:41:DF:C9:96:AF:08:8C:F2:BA
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01950E65BA8DDBD46769EAC0FAB4D1C6AA9B
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ClF9-0Ef2hOM5JxB38mWrwiM8ro.roa
Signing time: Sun 16 Feb 2025 10:55:02 +0000
ROA not before: Sun 16 Feb 2025 10:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Feb 2025 22:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0e:65:ba:8d:db:d4:67:69:ea:c0:fa:b4:d1:c6:aa:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 16 10:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a517dfb411fda138ce49c41dfc996af088cf2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4c:ca:67:bb:30:70:e7:3f:02:13:66:03:55:
a1:b3:a6:7e:2f:78:46:18:7f:7d:49:0f:96:6c:f3:
ca:df:19:05:a7:a4:5c:70:71:46:67:ab:d3:a3:a9:
a0:b1:56:97:b8:09:66:35:e4:68:65:06:6b:0e:69:
00:fa:e9:1a:cf:87:09:62:5f:b4:3e:49:93:ae:e7:
b9:6a:0c:c7:2d:19:7a:ce:4d:a2:08:c0:a3:bd:d8:
d4:95:b7:9e:bb:d7:0f:f0:36:38:c8:c6:b7:8c:c5:
5c:a7:ff:d9:87:eb:96:c6:99:db:7e:24:89:37:4f:
c6:1a:87:49:54:fe:65:ae:0e:68:ff:60:4a:d5:0c:
a1:3a:3a:db:50:f3:0e:5b:01:38:ce:30:98:e1:10:
0f:06:7e:e9:d0:3f:b8:d9:11:ef:bd:86:94:96:00:
51:fe:7c:e0:43:a0:90:04:8a:fb:4c:a4:24:6f:d4:
ec:6e:28:06:0b:81:49:fc:7d:df:a9:7d:47:87:e1:
11:64:46:75:0a:49:1c:3d:b8:3c:9d:4f:aa:49:8b:
5b:ec:65:e5:71:a3:bc:92:65:09:70:57:5a:06:65:
13:99:d8:35:28:26:bf:a8:04:25:ff:79:65:3e:81:
49:bc:36:dc:7c:43:55:7a:c3:9e:f7:d0:72:a5:ff:
b8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:51:7D:FB:41:1F:DA:13:8C:E4:9C:41:DF:C9:96:AF:08:8C:F2:BA
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ClF9-0Ef2hOM5JxB38mWrwiM8ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.78.0/24
78.135.86.0/24
188.132.188.0/24
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
0b:c7:31:4e:94:3b:d7:23:26:1a:9f:c6:a9:55:21:b1:0e:f5:
20:57:82:ad:4f:29:4e:47:90:41:29:0b:17:65:8a:1d:91:fe:
80:12:fc:f7:90:1b:01:72:9e:b4:af:fd:87:a5:43:e1:b3:c2:
77:75:e3:0c:cf:c2:e6:3f:2e:43:7c:57:03:7d:c6:2d:c4:1a:
2d:a3:90:49:d3:ab:62:dd:e4:76:28:49:ea:21:04:9c:5b:11:
ad:bf:f4:c1:20:80:87:8d:c3:a4:5a:dc:5c:9c:8e:57:8a:b5:
06:c1:1f:f6:9d:39:44:42:5f:03:da:8b:03:cb:4f:d6:8e:7d:
47:a3:8e:ce:34:24:10:5c:f5:e8:e1:64:7e:7c:d4:07:4b:41:
2f:16:d6:e6:55:77:b8:02:56:0b:24:75:85:5b:6c:44:0a:f8:
bd:a4:82:ec:78:a5:97:f7:a5:7c:40:57:38:7c:8c:92:7e:82:
61:eb:5c:2e:be:21:60:bb:29:07:7c:31:18:87:76:9e:d8:62:
3c:a6:a7:a8:44:0e:b4:71:cf:bc:11:ef:48:75:c2:ce:96:62:
a0:d2:38:1d:78:76:5b:f0:cf:f6:5c:a4:d2:e6:1c:23:7c:ab:
50:bf:e2:61:0e:43:fa:6d:38:99:33:ec:65:9f:9f:e2:3d:31:
55:60:82:20
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZUOZbqN29RnaerA+rTRxqqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjE2MTA1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTUxN2RmYjQxMWZkYTEzOGNlNDljNDFkZmM5OTZhZjA4OGNmMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0zKZ7swcOc/AhNmA1Whs6Z+L3hG
GH99SQ+WbPPK3xkFp6RccHFGZ6vTo6mgsVaXuAlmNeRoZQZrDmkA+ukaz4cJYl+0
PkmTrue5agzHLRl6zk2iCMCjvdjUlbeeu9cP8DY4yMa3jMVcp//Zh+uWxpnbfiSJ
N0/GGodJVP5lrg5o/2BK1QyhOjrbUPMOWwE4zjCY4RAPBn7p0D+42RHvvYaUlgBR
/nzgQ6CQBIr7TKQkb9TsbigGC4FJ/H3fqX1Hh+ERZEZ1CkkcPbg8nU+qSYtb7GXl
caO8kmUJcFdaBmUTmdg1KCa/qAQl/3llPoFJvDbcfENVesOe99Bypf+45QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFApRfftBH9oTjOScQd/Jlq8IjPK6MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvQ2xGOS0wRWYyaE9NNUp4QjM4bVdyd2lNOHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAH9IvAwQB
TVyOAwQATVyYAwQATodOAwQATodWAwQAvIS8MA8EAgACMAkDBwAqEJRAAAEwDQYJ
KoZIhvcNAQELBQADggEBAAvHMU6UO9cjJhqfxqlVIbEO9SBXgq1PKU5HkEEpCxdl
ih2R/oAS/PeQGwFynrSv/YelQ+Gzwnd14wzPwuY/LkN8VwN9xi3EGi2jkEnTq2Ld
5HYoSeohBJxbEa2/9MEggIeNw6Ra3FycjleKtQbBH/adOURCXwPaiwPLT9aOfUej
js40JBBc9ejhZH581AdLQS8W1uZVd7gCVgskdYVbbEQK+L2kgux4pZf3pXxAVzh8
jJJ+gmHrXC6+IWC7KQd8MRiHdp7YYjymp6hEDrRxz7wR70h1ws6WYqDSOB14dlvw
z/ZcpNLmHCN8q1C/4mEOQ/ptOJkz7GWfn+I9MVVggiA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:08:04 2025 by rpki-client