Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/mjvKXG39OOraUTw7589W_e27Bno.roa
File: mjvKXG39OOraUTw7589W_e27Bno.roa (raw, json)
Hash identifier: AQCEDjrYfVktPWKxuRZUbJySmTOBpys6RnKNSg2bGIE=
Subject key identifier: 9A:3B:CA:5C:6D:FD:38:EA:DA:51:3C:3B:E7:CF:56:FD:ED:BB:06:7A
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195021351F6503EB10DB05A24031127D4B3
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/mjvKXG39OOraUTw7589W_e27Bno.roa
Signing time: Fri 14 Feb 2025 01:29:35 +0000
ROA not before: Fri 14 Feb 2025 01:29:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.210.35.0/24 maxlen: 24
78.135.97.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.190.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 11:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:02:13:51:f6:50:3e:b1:0d:b0:5a:24:03:11:27:d4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 14 01:29:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a3bca5c6dfd38eada513c3be7cf56fdedbb067a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fb:dc:27:c1:64:d7:18:54:db:d6:c0:53:8b:
60:e3:1a:0b:01:6d:06:c9:ea:87:74:2b:1a:c6:94:
5b:bf:7d:63:07:3c:33:2a:46:24:af:90:f5:5c:6b:
5b:af:5d:04:bb:7f:f7:a5:3e:a4:09:e8:ca:0c:4b:
e1:4c:92:75:29:4d:cf:70:0b:37:31:9e:70:96:75:
95:7d:89:4e:d7:13:34:44:e3:e7:4e:d5:03:6f:ed:
6a:9a:97:1c:0f:e0:3b:0f:50:eb:82:93:95:ad:14:
a6:d9:ad:0d:f1:65:ff:94:e5:e7:0b:a1:86:eb:7b:
1a:d0:0e:50:7c:fb:82:fa:59:c0:c0:a9:79:6a:9d:
09:c9:c6:e0:e0:ad:50:2a:0b:5a:30:31:03:b8:0b:
9e:d6:6d:b0:a8:b0:81:53:dd:d4:99:03:76:d9:d9:
ed:cc:7d:53:2e:7e:dc:26:6c:e0:3b:b5:dd:30:0c:
7c:8c:cb:82:7f:ff:90:c1:43:03:19:ff:5d:4a:90:
9d:5f:cb:40:d2:78:e1:4f:ef:e6:39:6e:3a:38:46:
5d:56:69:61:a4:eb:5a:c5:a1:9d:d6:88:36:4f:32:
39:1a:26:d2:38:6e:bd:a5:3e:39:8f:85:3c:d1:31:
b4:64:3b:c7:1b:46:0a:3e:7c:f2:42:4a:d4:87:b1:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3B:CA:5C:6D:FD:38:EA:DA:51:3C:3B:E7:CF:56:FD:ED:BB:06:7A
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/mjvKXG39OOraUTw7589W_e27Bno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.35.0/24
78.135.97.0/24
188.132.188.0/22
188.132.193.0/24
188.132.236.0/24
188.132.249.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
88:48:bf:31:be:48:f9:d4:2e:e5:00:e1:9d:6d:00:cb:25:26:
a4:2c:22:e6:87:bf:21:84:57:cb:2b:82:e6:7b:6e:af:43:1c:
28:fb:32:c3:ce:c2:5d:50:0d:64:fc:d1:38:0b:79:ac:3f:ae:
ce:5a:87:2d:fe:c2:6f:2d:ef:89:c1:e6:37:da:06:eb:89:e7:
f4:9a:03:ac:ae:b9:09:42:a9:9c:9e:4f:d6:99:e6:d2:3a:f8:
19:78:e9:15:e3:ea:70:89:44:6b:96:6f:0f:6c:a5:89:80:15:
96:ac:fc:50:71:da:b2:cf:87:3f:a6:05:3f:09:6b:cf:e0:7e:
7d:b3:a7:e1:36:b4:44:4a:ee:cb:21:51:6f:0b:ce:98:ba:c7:
71:bc:b4:71:91:13:a4:27:93:7f:9c:c5:06:d4:34:c3:47:4b:
96:40:08:63:52:ee:3a:68:3d:83:d2:07:6c:67:02:be:9e:bd:
b0:f3:1e:a3:f9:30:10:30:13:ce:98:aa:34:30:d0:2b:89:71:
70:dc:54:ad:2a:a2:38:a2:b1:2e:25:e7:28:19:0a:8d:87:ac:
43:a8:0a:47:b4:b0:05:b3:95:ea:dc:b0:e4:a6:dd:5d:5e:25:
45:1d:01:21:05:96:1a:60:be:af:15:28:43:e5:73:36:e1:a8:
12:96:53:09
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZUCE1H2UD6xDbBaJAMRJ9SzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjE0MDEyOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNiY2E1YzZkZmQzOGVhZGE1MTNjM2JlN2NmNTZmZGVkYmIwNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfvcJ8Fk1xhU29bAU4tg4xoLAW0G
yeqHdCsaxpRbv31jBzwzKkYkr5D1XGtbr10Eu3/3pT6kCejKDEvhTJJ1KU3PcAs3
MZ5wlnWVfYlO1xM0ROPnTtUDb+1qmpccD+A7D1DrgpOVrRSm2a0N8WX/lOXnC6GG
63sa0A5QfPuC+lnAwKl5ap0Jycbg4K1QKgtaMDEDuAue1m2wqLCBU93UmQN22dnt
zH1TLn7cJmzgO7XdMAx8jMuCf/+QwUMDGf9dSpCdX8tA0njhT+/mOW46OEZdVmlh
pOtaxaGd1og2TzI5GibSOG69pT45j4U80TG0ZDvHG0YKPnzyQkrUh7Ee8wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJo7ylxt/Tjq2lE8O+fPVv3tuwZ6MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbWp2S1hHMzlPT3JhVVR3NzU4OVdfZTI3Qm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAH9IjAwQA
TodhAwQCvIS8AwQAvITBAwQAvITsAwQAvIT5MAwDBADURDsDBADURDwwDQYJKoZI
hvcNAQELBQADggEBAIhIvzG+SPnULuUA4Z1tAMslJqQsIuaHvyGEV8srguZ7bq9D
HCj7MsPOwl1QDWT80TgLeaw/rs5ahy3+wm8t74nB5jfaBuuJ5/SaA6yuuQlCqZye
T9aZ5tI6+Bl46RXj6nCJRGuWbw9spYmAFZas/FBx2rLPhz+mBT8Ja8/gfn2zp+E2
tERK7sshUW8Lzpi6x3G8tHGRE6Qnk3+cxQbUNMNHS5ZACGNS7jpoPYPSB2xnAr6e
vbDzHqP5MBAwE86YqjQw0CuJcXDcVK0qojiisS4l5ygZCo2HrEOoCke0sAWzlerc
sOSm3V1eJUUdASEFlhpgvq8VKEPlczbhqBKWUwk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:57 2025 by rpki-client