Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/PNBsm_Kl5lmus9rqi5eJ6lMUssk.roa
File: PNBsm_Kl5lmus9rqi5eJ6lMUssk.roa (raw, json)
Hash identifier: 9eWtz+jWUl6//YcURxrE3ebVML1n3rpxoBW1uhVmg18=
Subject key identifier: 3C:D0:6C:9B:F2:A5:E6:59:AE:B3:DA:EA:8B:97:89:EA:53:14:B2:C9
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0193C7137B121406DE7F4664A6FF241907B9
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/PNBsm_Kl5lmus9rqi5eJ6lMUssk.roa
Signing time: Sat 14 Dec 2024 21:29:22 +0000
ROA not before: Sat 14 Dec 2024 21:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.46.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
31.210.54.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
212.68.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Dec 2024 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c7:13:7b:12:14:06:de:7f:46:64:a6:ff:24:19:07:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Dec 14 21:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cd06c9bf2a5e659aeb3daea8b9789ea5314b2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:49:86:30:7e:a2:69:52:29:88:11:cb:25:3d:
29:6e:1a:56:13:6f:71:c6:74:36:09:de:0d:ae:3a:
eb:8b:12:b2:ce:0e:24:c8:d7:47:b9:1b:d4:6a:55:
00:19:9d:ef:39:da:9a:50:5e:b2:a8:54:b7:70:18:
40:65:b7:d9:3b:44:0a:31:55:b8:1a:3b:ac:df:72:
8a:90:7a:f3:e0:e0:99:92:0e:b9:2d:e1:40:65:45:
09:60:88:34:d2:ba:54:9d:ce:38:0b:a7:eb:a1:f1:
c8:bf:25:d0:f7:95:d2:7a:16:2c:ef:65:d6:92:1c:
c1:ad:e8:3f:ba:c1:ee:4a:52:0a:08:63:11:cc:f3:
59:63:6e:e6:d0:f5:9c:21:8e:07:7d:41:d4:09:57:
35:96:f8:4a:37:59:e0:3a:6b:22:80:2d:93:b5:ee:
8e:cb:8f:83:25:99:bc:90:24:aa:ba:ea:7e:ad:11:
0d:b0:e5:e9:72:73:5f:3f:68:6c:54:c7:bb:7d:2b:
3f:97:33:6f:e5:89:72:2a:bd:25:7b:54:6f:c3:a8:
1b:43:0c:a6:a0:88:90:2d:75:b6:33:e9:92:02:cb:
d4:c2:05:9c:b0:67:41:67:e4:e3:af:15:aa:3b:a5:
07:ef:1d:54:80:6f:f0:66:25:18:db:f6:4d:38:e2:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D0:6C:9B:F2:A5:E6:59:AE:B3:DA:EA:8B:97:89:EA:53:14:B2:C9
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/PNBsm_Kl5lmus9rqi5eJ6lMUssk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.46.0/24
31.210.50.0/23
31.210.53.0-31.210.54.255
77.92.148.0/24
188.132.170.0/24
188.132.215.0/24
188.132.227.0-188.132.229.255
212.68.36.0/24
212.68.49.0/24
212.68.56.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ca:95:b5:0b:ef:db:9a:b4:be:ee:24:41:55:24:62:4e:b3:
f8:a9:fa:f3:b1:cb:e0:f3:a4:28:30:39:1c:59:15:8e:e5:19:
ae:16:19:2f:37:87:24:32:94:5b:34:27:80:53:0c:bf:e0:f8:
42:6c:d4:4b:49:a2:d8:92:b2:bf:7b:fe:f8:cd:98:03:4d:c6:
b8:45:eb:9a:64:e6:79:8a:19:a3:f7:f8:cc:df:84:77:11:b0:
d5:a2:ce:81:fc:0d:ff:0c:8d:eb:69:1e:f1:f3:8e:4b:e3:e6:
f4:43:46:ef:f0:e3:bd:38:09:24:00:41:10:0e:d2:f9:94:55:
a3:d3:c9:39:bb:b9:e2:09:2d:37:c4:64:cd:4a:4f:b5:1b:3a:
c3:57:50:c2:a4:e6:e5:36:57:91:cf:6d:a2:4e:3c:55:5b:40:
4f:16:8f:16:33:85:81:d7:c6:75:4a:a4:73:c0:96:82:5f:d8:
a8:96:06:88:07:7c:a7:58:fb:91:83:15:db:bd:13:5b:85:77:
c7:f4:1c:c1:bc:a7:01:ed:ae:13:ad:be:e5:8c:e0:09:83:0d:
31:f9:30:07:33:44:ff:7b:f1:b7:83:ab:a5:fe:79:fe:9a:b1:
a3:3b:d7:6a:11:69:19:45:d5:cf:32:3a:cb:d2:79:6e:06:7d:
cc:d9:f2:ea
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZPHE3sSFAbef0Zkpv8kGQe5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMjE0MjEyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2QwNmM5YmYyYTVlNjU5YWViM2RhZWE4Yjk3ODllYTUzMTRiMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50mGMH6iaVIpiBHLJT0pbhpWE29x
xnQ2Cd4NrjrrixKyzg4kyNdHuRvUalUAGZ3vOdqaUF6yqFS3cBhAZbfZO0QKMVW4
Gjus33KKkHrz4OCZkg65LeFAZUUJYIg00rpUnc44C6frofHIvyXQ95XSehYs72XW
khzBreg/usHuSlIKCGMRzPNZY27m0PWcIY4HfUHUCVc1lvhKN1ngOmsigC2Tte6O
y4+DJZm8kCSquup+rRENsOXpcnNfP2hsVMe7fSs/lzNv5YlyKr0le1Rvw6gbQwym
oIiQLXW2M+mSAsvUwgWcsGdBZ+TjrxWqO6UH7x1UgG/wZiUY2/ZNOOKN9wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDzQbJvypeZZrrPa6ouXiepTFLLJMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUE5Cc21fS2w1bG11czlycWk1ZUo2bE1Vc3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAH9IuAwQB
H9IyMAwDBAAf0jUDBAAf0jYDBABNXJQDBAC8hKoDBAC8hNcwDAMEALyE4wMEAbyE
5AMEANREJAMEANREMQMEANREODANBgkqhkiG9w0BAQsFAAOCAQEArMqVtQvv25q0
vu4kQVUkYk6z+Kn687HL4POkKDA5HFkVjuUZrhYZLzeHJDKUWzQngFMMv+D4QmzU
S0mi2JKyv3v++M2YA03GuEXrmmTmeYoZo/f4zN+EdxGw1aLOgfwN/wyN62ke8fOO
S+Pm9ENG7/DjvTgJJABBEA7S+ZRVo9PJObu54gktN8RkzUpPtRs6w1dQwqTm5TZX
kc9tok48VVtATxaPFjOFgdfGdUqkc8CWgl/YqJYGiAd8p1j7kYMV270TW4V3x/Qc
wbynAe2uE62+5YzgCYMNMfkwBzNE/3vxt4Orpf55/pqxozvXahFpGUXVzzI6y9J5
bgZ9zNny6g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:26:55 2025 by rpki-client