Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/JL2jTOiqDk3x3xpTX6Day-yMhB8.roa
File: JL2jTOiqDk3x3xpTX6Day-yMhB8.roa (raw, json)
Hash identifier: u5IppEBCOF6Y2bT7pgaYILAIxo1CXFw/aW2FpTDjYH0=
Subject key identifier: 24:BD:A3:4C:E8:AA:0E:4D:F1:DF:1A:53:5F:A0:DA:CB:EC:8C:84:1F
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019596B88520DCDFE15B665DCBD0AE00C570
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/JL2jTOiqDk3x3xpTX6Day-yMhB8.roa
Signing time: Fri 14 Mar 2025 22:13:49 +0000
ROA not before: Fri 14 Mar 2025 22:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.46.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
31.210.54.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 19:35:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:96:b8:85:20:dc:df:e1:5b:66:5d:cb:d0:ae:00:c5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Mar 14 22:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24bda34ce8aa0e4df1df1a535fa0dacbec8c841f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8c:a2:88:97:61:dd:0f:f0:77:f5:42:db:25:
27:a5:65:c4:3d:ec:78:de:55:74:f6:67:c4:7e:d5:
b3:af:9a:71:de:74:d1:66:1d:3c:d1:ed:35:00:3f:
84:85:58:46:06:1a:64:7e:02:16:d0:04:c9:58:0f:
5b:05:42:48:66:24:ee:eb:0e:d1:f8:1e:43:86:08:
ba:43:66:07:9d:90:46:7b:b0:54:58:53:fe:9b:f4:
e9:1f:f2:01:69:eb:40:f6:e7:8b:b2:9e:70:e3:a4:
0b:83:e3:51:b8:3f:8b:e6:e4:20:eb:16:18:ee:ca:
ec:64:cc:c6:39:d3:68:20:59:76:1f:c2:7d:64:c0:
1c:8e:e5:3a:56:19:d2:1a:76:2d:4e:02:dc:8d:a9:
da:b2:ab:75:6c:c4:dd:ee:a6:99:a4:2a:c8:7b:e7:
df:79:07:1e:f3:ff:fd:34:a1:35:13:28:ac:a6:f6:
89:50:e7:ca:09:d8:75:a8:ca:7c:ed:99:db:1f:12:
c4:02:c6:c1:14:b1:bf:36:57:ae:3a:2d:7d:43:4d:
06:d8:0f:97:b3:6b:fc:4b:e6:5b:43:e7:27:d8:51:
11:38:49:3c:78:8e:c2:79:45:21:33:68:c1:8f:6c:
88:6c:be:2c:cb:d1:17:2e:bb:a5:65:59:18:54:2d:
6b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BD:A3:4C:E8:AA:0E:4D:F1:DF:1A:53:5F:A0:DA:CB:EC:8C:84:1F
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/JL2jTOiqDk3x3xpTX6Day-yMhB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.46.0/24
31.210.50.0/23
31.210.53.0-31.210.54.255
77.92.148.0/24
188.132.170.0/24
188.132.191.0/24
188.132.215.0/24
188.132.227.0-188.132.228.255
212.68.36.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
85:24:ac:48:80:f1:30:43:87:58:94:c2:05:83:63:c3:af:37:
d7:a3:1d:c5:fe:4d:e0:66:eb:fe:e1:4d:6a:38:b0:c6:0d:9a:
91:52:12:86:51:02:2e:c8:2f:33:60:d8:15:a5:26:95:96:ef:
56:53:8b:45:5b:41:6a:69:32:c8:c4:2d:0d:51:23:5b:00:dd:
04:47:b9:8a:83:77:65:35:3e:24:0a:e8:24:bb:0e:8c:22:5d:
03:22:ad:42:ef:09:76:9f:92:b6:d6:e0:f0:6d:90:bd:06:47:
ae:e3:e2:5a:4f:6e:09:f3:f2:73:be:0d:6d:48:c3:eb:18:34:
0b:05:c3:0d:60:50:5f:ef:86:1c:8c:7d:5e:fc:89:88:f2:84:
4f:4b:5e:59:f4:6b:29:88:c7:16:17:77:1b:5f:cc:00:35:c5:
1f:6c:b7:49:cf:32:ba:af:19:31:be:96:f2:a7:0b:74:c6:4f:
c3:05:9a:1e:92:9f:0c:ff:12:91:e2:3d:06:98:e9:79:23:bd:
2f:c4:70:e7:7a:ef:3b:e3:da:1e:4e:96:9b:96:d1:60:ee:3a:
2c:5f:41:7a:6b:60:05:01:b4:61:85:a1:1d:da:1f:1f:85:b0:
75:79:12:e9:46:db:60:a3:c0:c7:9f:52:d3:9f:15:47:dc:2d:
a2:36:06:de
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZWWuIUg3N/hW2Zdy9CuAMVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMzE0MjIxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGJkYTM0Y2U4YWEwZTRkZjFkZjFhNTM1ZmEwZGFjYmVjOGM4NDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIyiiJdh3Q/wd/VC2yUnpWXEPex4
3lV09mfEftWzr5px3nTRZh080e01AD+EhVhGBhpkfgIW0ATJWA9bBUJIZiTu6w7R
+B5Dhgi6Q2YHnZBGe7BUWFP+m/TpH/IBaetA9ueLsp5w46QLg+NRuD+L5uQg6xYY
7srsZMzGOdNoIFl2H8J9ZMAcjuU6VhnSGnYtTgLcjanasqt1bMTd7qaZpCrIe+ff
eQce8//9NKE1EyispvaJUOfKCdh1qMp87ZnbHxLEAsbBFLG/NleuOi19Q00G2A+X
s2v8S+ZbQ+cn2FEROEk8eI7CeUUhM2jBj2yIbL4sy9EXLrulZVkYVC1rLwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCS9o0zoqg5N8d8aU1+g2svsjIQfMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSkwyalRPaXFEazN4M3hwVFg2RGF5LXlNaEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAH9IuAwQB
H9IyMAwDBAAf0jUDBAAf0jYDBABNXJQDBAC8hKoDBAC8hL8DBAC8hNcwDAMEALyE
4wMEALyE5AMEANREJAMEANREMTANBgkqhkiG9w0BAQsFAAOCAQEAhSSsSIDxMEOH
WJTCBYNjw68316Mdxf5N4Gbr/uFNajiwxg2akVIShlECLsgvM2DYFaUmlZbvVlOL
RVtBamkyyMQtDVEjWwDdBEe5ioN3ZTU+JAroJLsOjCJdAyKtQu8Jdp+Sttbg8G2Q
vQZHruPiWk9uCfPyc74NbUjD6xg0CwXDDWBQX++GHIx9XvyJiPKET0teWfRrKYjH
Fhd3G1/MADXFH2y3Sc8yuq8ZMb6W8qcLdMZPwwWaHpKfDP8SkeI9BpjpeSO9L8Rw
53rvO+PaHk6Wm5bRYO46LF9BemtgBQG0YYWhHdofH4WwdXkS6UbbYKPAx59S058V
R9wtojYG3g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:57:35 2025 by rpki-client