Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/On9yaQT7mh8YG9OHK9GLcItKoK0.roa
File: On9yaQT7mh8YG9OHK9GLcItKoK0.roa (raw, json)
Hash identifier: vXoN44Tby3GThdOKl+djsxMbF4EljZ6Ncrd2M5HmsZU=
Subject key identifier: 3A:7F:72:69:04:FB:9A:1F:18:1B:D3:87:2B:D1:8B:70:8B:4A:A0:AD
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746BB8DC09B025C176F77745A3AEB91
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/On9yaQT7mh8YG9OHK9GLcItKoK0.roa
Signing time: Thu 02 Jan 2025 13:48:54 +0000
ROA not before: Thu 02 Jan 2025 13:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214036
IP address blocks: 31.210.50.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
188.132.129.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.183.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:bb:8d:c0:9b:02:5c:17:6f:77:74:5a:3a:eb:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a7f726904fb9a1f181bd3872bd18b708b4aa0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:f7:40:d5:02:41:d6:20:12:34:ab:00:ec:
29:a8:75:67:1f:35:56:79:b5:a6:65:af:0e:74:c4:
6f:5a:c4:a1:84:68:02:45:6e:e7:a3:3e:2b:47:1e:
a4:9e:0d:84:ec:ec:1a:7c:38:6d:31:af:eb:18:8c:
f5:6e:4b:8c:f2:52:ee:ae:bb:16:02:e0:4d:06:22:
96:03:98:43:42:03:18:ad:cb:0e:c7:fe:09:55:7e:
89:c6:12:16:f5:6b:a0:1c:9d:90:46:21:92:6f:c0:
52:07:3b:4f:c7:f6:df:7c:fc:41:ce:ec:5d:8a:33:
d0:50:b9:cc:23:bf:b0:55:e4:67:bd:4c:3b:ac:7a:
46:11:c0:03:86:ff:88:cd:13:81:60:ac:f6:00:dc:
6a:81:a1:86:29:84:45:dd:e9:18:1c:5d:47:23:82:
1e:cf:64:95:7c:0f:1c:08:84:7d:ef:8f:91:65:2b:
b4:c2:ea:2d:cb:28:cc:30:25:2a:6b:75:17:d9:61:
24:28:a4:15:ba:c8:13:c8:0b:1f:b4:c0:99:b9:72:
d5:af:3d:eb:96:52:00:dd:ac:21:83:08:3b:a8:f3:
ad:f5:cc:ce:88:bd:e2:ef:6b:4c:d9:49:f7:6c:89:
50:a7:1a:f4:ab:91:e4:76:4a:2a:69:69:fa:30:56:
63:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7F:72:69:04:FB:9A:1F:18:1B:D3:87:2B:D1:8B:70:8B:4A:A0:AD
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/On9yaQT7mh8YG9OHK9GLcItKoK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.50.0/24
77.92.145.0/24
188.132.129.0/24
188.132.153.0/24
188.132.183.0-188.132.184.255
Signature Algorithm: sha256WithRSAEncryption
54:78:7c:de:4f:a1:3b:a1:a3:d8:d3:ce:9c:85:bd:50:7f:57:
f6:eb:0e:1b:1f:b3:06:62:ca:a3:7a:a1:63:9f:e1:5e:e4:d2:
8d:a8:cc:fe:fb:b2:9e:c8:55:24:68:ad:12:bc:f7:8c:60:4b:
b0:32:34:26:d3:d3:f4:32:c7:9a:41:cc:08:53:be:24:8e:fe:
46:f4:f1:9b:92:62:e6:42:48:4a:c4:7e:fe:60:c8:ba:08:0a:
0b:e3:c7:fc:9c:20:f4:fc:6e:34:18:01:13:21:6d:73:6f:47:
d4:f7:c0:1e:e7:01:4c:ff:0d:a7:72:4e:42:66:6c:dc:4c:b0:
05:4f:9e:8d:8d:fb:5f:4f:63:b0:de:87:39:14:ed:e7:c7:7d:
fd:0e:ea:fc:0b:fb:d5:e2:90:b9:4b:e5:5e:87:59:3e:8d:b1:
e2:22:ef:5e:10:47:40:02:9b:3a:ce:7d:b2:e7:b0:c9:60:c4:
1f:91:ea:ec:f4:12:6f:cb:4f:31:ca:16:76:ec:18:d7:46:37:
9b:76:76:0a:ae:80:92:c6:7c:2c:ca:2d:e8:bc:9c:99:4d:ed:
6a:bb:85:33:e6:19:5d:c6:a6:e1:35:57:d3:c2:37:68:14:3c:
64:38:ee:a1:df:cf:d5:0e:f2:3c:82:95:cc:64:c9:75:b3:9e:
c4:32:43:80
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQnRruNwJsCXBdvd3RaOuuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdmNzI2OTA0ZmI5YTFmMTgxYmQzODcyYmQxOGI3MDhiNGFhMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvL3QNUCQdYgEjSrAOwpqHVnHzVW
ebWmZa8OdMRvWsShhGgCRW7noz4rRx6kng2E7OwafDhtMa/rGIz1bkuM8lLurrsW
AuBNBiKWA5hDQgMYrcsOx/4JVX6JxhIW9WugHJ2QRiGSb8BSBztPx/bffPxBzuxd
ijPQULnMI7+wVeRnvUw7rHpGEcADhv+IzROBYKz2ANxqgaGGKYRF3ekYHF1HI4Ie
z2SVfA8cCIR974+RZSu0wuotyyjMMCUqa3UX2WEkKKQVusgTyAsftMCZuXLVrz3r
llIA3awhgwg7qPOt9czOiL3i72tM2Un3bIlQpxr0q5HkdkoqaWn6MFZjywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDp/cmkE+5ofGBvThyvRi3CLSqCtMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvT245eWFRVDdtaDhZRzlPSEs5R0xjSXRLb0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAH9IyAwQA
TVyRAwQAvISBAwQAvISZMAwDBAC8hLcDBAC8hLgwDQYJKoZIhvcNAQELBQADggEB
AFR4fN5PoTuho9jTzpyFvVB/V/brDhsfswZiyqN6oWOf4V7k0o2ozP77sp7IVSRo
rRK894xgS7AyNCbT0/Qyx5pBzAhTviSO/kb08ZuSYuZCSErEfv5gyLoICgvjx/yc
IPT8bjQYARMhbXNvR9T3wB7nAUz/DadyTkJmbNxMsAVPno2N+19PY7DehzkU7efH
ff0O6vwL+9XikLlL5V6HWT6NseIi714QR0ACmzrOfbLnsMlgxB+R6uz0Em/LTzHK
FnbsGNdGN5t2dgqugJLGfCzKLei8nJlN7Wq7hTPmGV3GpuE1V9PCN2gUPGQ47qHf
z9UO8jyClcxkyXWznsQyQ4A=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:07:30 2025 by rpki-client